
'Evil' App Exposes Facebook Users' Phone Numbers To Show How Widely We Share (VIDEO)

Huffington Post   First Posted: 05/24/10 01:57 PM ET Updated: 05/25/11 05:35 PM ET


"Evil," a new tool created by Tom Scott, is leveraging Facebook's Graph API to expose Facebook users' phone numbers.

Unlike the glitch that revealed users' private chats, or the snafu that spilled personal email addresses, Evil is not a bug exploiting a Facebook security weakness.

Rather, it's an app that searches Facebook groups created by people who've lost their phones hoping to get friends' numbers, then collects and displays the publicly-shared phone numbers.

Like PleaseRobMe.com, Evil calls attention to the kind of personal information users are sharing online, often without realizing how widely it can spread. Although Evil censors part of the numbers that it displays, "those digits are publicly available," Scott says. "Anyone could scrape them. And produce a phone directory. Or nick them for marketing."

Scott explains how he created the tool:

There are uncountable numbers of groups on Facebook called "lost my phone!!!!! need ur numbers!!!!!" or something like that. Most of them are marked as 'public', and a lot of folks don't understand what that means in Facebook's context -- to Facebook, 'public' means everyone in the world, whether they're a Facebook member or not. So Evil uses the graph API to search for groups about lost phones, picks a couple at random, extracts the phone numbers, and shows them here.

See a demo of Evil in the video below. Have you ever posted your number to one of these "lost phone" Facebook groups? If so, will Scott's Evil app inspire you to delete your posts? Tell us in the comments below.

(via AllFacebook, Mashable)

08:57 PM on 05/24/2010
FB discussion summary, part II:

PorPer: "Everyone needs to go join Diaspora."
SorSer: "Diaspora is still sitting in a garage somewhere in New York. I suppose you believe the movie 'Primer' was real, too?"
PorPer: "Do you want to join our Facebook protest? Just visit our Facebook page for more information."
SorSer: "That is so idiotic and hypocritical and ironic, even though I don't know the actual definition of irony."
PorPer: "Seriously? Do you know of a better place to advertise a FB-related event? You must at least care that Zuckerberg is laughing at you all the way to the bank."
SorSer: "I am laughing at Zuckerberg and all of his cronies for thinking that they will effectively monetize my interest in kittens."
PorPer: "Well, the fact still remains...most people are not as smart as you and will be taken advantage of."
SorSer: "Likewise, most people are not as cautious as you and will never realize the risks they are exposing themselves to by carelessly sharing personal information."
PorPer: "Wanna get coffee?"
SorSer: "I can't, I'm tweeting my reaction to the final episode of Lost right now. Besides, I live in Nigeria."
08:56 PM on 05/24/2010
FB users increasingly fall into two groups: "panicked and pissed" and "secure and smug". PorPers love conspiracy theory and statements that would make a Luddite blush. SorSers, meanwhile, act as smitten apologists for FB. I can save you all a Monday evening by summarizing the current discussion around FB:

PorPer: "AHHH! Facebook is evil! They will steal your identity and turn you into a robot."
SorSer: "You are an idiot. I am smart. I can click buttons to change all of my FB settings to 'Friends Only.'"
PorPer: "But you also have to opt out of OpenGraph and separately block Yelp and Pandora and so on, and you must ditch all your other apps to be safe, and there’s a secret hidden check box that you have to tap three times or hackers in China will be able to buy things on Ebay with your debit card and then reverse the charges so the funds will be inaccessible for DAYS!"
SorSer: "So? [Insert various hackneyed comment about how we share more information with grocery store frequent buyer programs, etc.]."
PorPer: "But...FB no longer lets you share your interests with others unless they have pages. That makes all your interests public and subjects your freedom of expression to mob rule. FB is trying to make us all the same!"
SorSer: "I doubt you are original enough for that to matter. While I am so savvy that I already left FB for Foursquare two score years ago."
07:48 PM on 05/24/2010
klondike 456..

http://www.youtube.com/watch?v=k9e3dTOJi0o
HUFFPOST COMMUNITY MODERATOR
Clare53
06:44 PM on 05/24/2010
Why would someone post their phone number anyway?
06:12 PM on 05/24/2010
ROTFL!! This is so awesome!! Goes to show that the most common exploit in computer systems is human stupidity.
HUFFPOST SUPER USER
Graceless
04:55 PM on 05/24/2010
This is exactly the reason I will never use FB mobile. If the company had a sterling reputation for privacy, it'd be another story.

I have always been a privacy nut, but using FB is a constant battle to keep the little I do share in the realm of "friends only".
05:51 PM on 05/24/2010
This has nothing to do with posting your phone number on your profile page, but instead this application shows phone numbers people post to groups that are open to the public. Anyone can see those.
HUFFPOST SUPER USER
Graceless
07:57 PM on 05/24/2010
People are very free with their mobile number and have no issue registering it on the website to access it via mobile phone, so it is not shocking that some users have no problem posting it in an even less secure manner on the website.

And while I understand that the issue lies outside of the FB mobile registration, the continued degradation of privacy and security policies will continue to mean that more and more information that one used to think was "secure" on the website will, by default, no longer be.
HUFFPOST SUPER USER
zombywulf
Pirate Captain Church of Saint Jerry
04:31 PM on 05/24/2010
I use the local FBI field office number, I hope they steal it.
pinkindie
Out of all those people, you got a brain w/ a view
03:54 PM on 05/24/2010
Do some people really post their phone numbers on FB?? Really? (Let me stifle my laughter)
HUFFPOST SUPER USER
Rynox
My patience is over taxed.
03:57 PM on 05/24/2010
Yes.

My profile was even set to public for a while, but I've made it private recently. There's been a lot of hysteria surrounding fb lately. I don't understand it but I assume it will fizzle eventually.
HUFFPOST COMMUNITY MODERATOR
theobsoleteman
06:21 PM on 05/24/2010
I'm kind of hoping Facebook will fizzle instead.
HUFFPOST SUPER USER
Rynox
My patience is over taxed.
03:54 PM on 05/24/2010
So you tell facebook you want to make your phone number available, set it to public and you are shocked when the phone number is made public? Okay...

Would you prefer if the software did not work as it is supposed to?
03:51 PM on 05/24/2010
Oh look another bad thing about FB here. Please make sure to link your FB account with here, thank you