Urgent news flash: your privacy settings on Facebook don’t really give you the privacy that you think you have. Not even setting your Facebook to “Only Me” would save you from the major loophole in a feature of the social network.
A list of your mutual friends between another user is easily viewable, as long as one of you have set their friend list to public. Facebook doesn’t see this much of a threat though, and instead cautions its users that the privacy of their Friends List is dependent on their connections’ privacy settings.
Online security group CyberInt begs to differ and conducted an experiment to show just how dangerous it is, especially for high-profile people and businesses. They created a program that would exploit Facebook’s founder Mark Zuckerberg’s private friend list.
How did they do it and what did they uncover? Read on to find out.
Zuckerberg does keep his friends list private but longtime Facebook employee and Product Head Chris Cox keeps his friends list public. They have 248 shared connections which helped build the list of Zuckerberg’s 400+ friends.
If two users both have their friends list set to private, it would be impossible to see both users’ connections. Such is the case between Zuckerberg and Facebook COO Sheryl Sandberg who also has hidden her friends list, leaving the program unable to retrieve their connections and add to Zuckerberg’s partial list of friends.
Billions of surprises
The publicized friends list of Zuckerberg reveals that he is (quite unsurprisingly) friends with Facebook board members Marc Andreessen and Don Graham, and Napster co-founder and former Facebook president Sean Parker.
But what is more intriguing is that the program has managed to unearth literally billions of surprises. China’s third richest man and Baidu cofounder is in his friends list, and a lot of Silicon Valley’s most powerful CEOs, along with other strange names to be affiliated with a social network like One King’s Lane cofounder Alison Pincus.
Not a threat
Even with this major uncovering of their CEO’s connections, Facebook still shrugs it off and still considers it as unthreatening. Although they have yet to comment on the release of Zuckerberg’s friends list, they have released a statement stating that they “give people control over who can see their friends list on their Timeline, but [they] explain prominently that their friends also get to choose who they share with and that they might select a different set of people.”