Whistleblower Discusses Fake Account Infestation at Facebook
May 25, 2021
While working at Facebook, Sophie Zhang followed her conscience where her managers and peers failed to go. Naturally, this initiative eventually got her fired. AP News shares the data scientist’s perspective in, “Insider Q&A: Sophie Zhang, Facebook Whistleblower.” Reporter Barbara Ortutay introduces the interview:
“Sophie Zhang worked as a Facebook data scientist for nearly three years before she was fired in the fall of 2020. On her final day, she posted a 7,800-word memo to the company’s internal forum. … In the memo, first published by Buzzfeed, she outlined evidence that governments in countries like Azerbaijan and Honduras were using fake accounts to influence the public. Elsewhere, such as India and Ecuador, Zhang found coordinated activity intended to manipulate public opinion, although it wasn’t clear who was behind it. Facebook, she said, didn’t take her findings seriously. Zhang’s experience led her to a stark conclusion: ‘I have blood on my hands.’ Facebook has not disputed the facts of Zhang’s story but has sought to diminish the importance of her findings.”
If you have not yet seen excerpts from the eye-opening memo or read the full story, we suggest checking out the Buzzfeed and/or Guardian links Ortutay supplies above. In the AP interview, Zhang adds some details. For example, she was apparently fired because the work she did to protect citizens around the world was interfering with her official, low-level duties. She blamed herself, however, for not doing more because she was the only one seeking out and taking down these fake accounts. No one around her seemed to give a hoot unless an outside agency contacted Facebook about a specific page. She states:
“I talked about it internally … but people couldn’t agree on whose job it was to deal with it. I was trying desperately to find anyone who cared. I talked with my manager and their manager. I talked to the threat intelligence team. I talked with many integrity teams. It took almost a year for anything to happen.”
It was actually remarkable how many fake accounts Zhang was able to eliminate on her own, but one employee could only do so much. Especially without the support of higher ups. Though Facebook pays lip service to the issue, Zhang insists they would be doing more if they were really prioritizing the problem. We note this exchange:
“Q: Facebook says it’s taking down many inauthentic accounts and has sought to dismiss your story.
A: So this is a very typical Facebook response, by which I mean that they are not actually answering the question. Suppose your spouse asks you, ‘Did you clean up the dishes yesterday?’ And you respond by saying, ‘I always prioritize cleaning the dishes. I make sure to clean the dishes. I do not want there to be dirty dishes.’ It’s an answer that may make sense, but it does not actually answer that question.”
Indeed.
Cynthia Murrell, May 19, 2021
Facebook Tracking: Why Secrets Are Important to Some Digital Players
May 12, 2021
I read a headline which I assume was crafted to shock; to wit: “Analytics Suggest 96% of Users Leave App Tracking Disabled in iOS 14.5.” The headline did not surprise me, nor did the fact that four out of 100 in the sample said, “Sure, follow, listen, and watch me 24×7.” The write up states:
According to the latest data from analytics firm Flurry, just 4% of iPhone users in the U.S. have actively chosen to opt into app tracking after updating their device to iOS 14.5. The data is based on a sampling of 2.5 million daily mobile active users.
The article points out:
Facebook, a vociferous opponent of ATT [app tracking tech], has already started attempting to convince users that they must enable tracking in iOS 14.5 if they want to help keep Facebook and Instagram “free of charge.” That sentiment would seem to go against the social network’s earlier claim that ATT will have a “manageable” impact on its business and could even benefit Facebook in the long term.
Several observations:
- Secrets work. Making certain behaviors “known” undermines a number of capabilities; for example, revenue, trust, and data collection
- iPhone users appear to be interested in keeping some of their mobile centric behaviors within their span of control. (What about iPhone users in China and Russia? Alas, the write up did not include those data.)
- Processing items of data across time and within the monitored datasphere may make it difficult for some entities to perform in the manner they did prior to the introduction of ATT.
Net net: Flowing information erodes certain beliefs, social constructs, and processes. Once weakened by bits, these beliefs, constructs, and processes may not be reconstructable. The Apple ATT may have unforeseen consequences.
Stephen E Arnold, May 12, 2021
Online: Finding Info Is Easy or Another Dark Pattern?
May 7, 2021
When I attended meetings about online search, I found considerable amusement in comments like “Online makes finding information easy” and “I am an expert at finding information on Google.” Hoots for sure.
I read “How to Find a Buyer or Seller’s Facebook Profile on Marketplace.” According to the write up, at some time in the recent past “finding” information about a person offering something for sale on Facebook Marketplace was easy. Since I have never used Facebook Marketplace, I can accept the facile use of the word “easy” as something a normal thumbtyping Facebooker could do. Some investigators probably had the knowledge required to figure out who was pitching a product allegedly stolen from a bitcoin billionaire.
The write up identifies about nine steps in the process to navigate from a listing’s “seller handle” to the vendor’s Facebook profile. I thought this online search was easy.
I can think of several reasons why Facebook makes finding information difficult with weird words and wonky icons. (One of these was described as a “carrot” in the write up. A carrot? What’s up, Mark?)
It is possible that Facebook wants to accrue clicks and stickiness. Since I don’t use Facebook, I am not a good judge of how sticky the site is. I do know that some individuals in government agencies think a lot about Facebook and the information the company’s databases contain.
Another possibility is that Facebook wants to make it more difficult for stalkers, miscreants, and investigators to move from a product listing to the seller information. The happy face side of me says, “Facebook cares about its users.” The frowny face says, “Facebook wants to make life difficult for anyone to get useful information because accountability is a bad thing.”
A third possibility is that Facebook’s engineers are just incompetent.
Net net: Finding information online is easy as long as one works at the organization with the data and the person doing the looking has root. Others get an opportunity to explore a Dark Pattern. Fun. Helpful even.
Stephen E Arnold, May 7, 2021
The Addiction Analogy: The Cancellation of Influencer Rand Fishkin
May 5, 2021
Another short item. I read a series of tweets which you may be able to view at this link. The main idea is that an influencer was to give a talk about marketing. The unnamed organizer did not like Influencer Fishkin’s content. And what was that content? Information and observations critical of the outstanding commercial enterprises Facebook and Google. The apparent points of irritation were Influencer Fishkin’s statements to the effect that the two estimable outfits (Facebook and Google) were not “friendly, in-your-corner partners.” Interesting, but for me that was only part of the story.
Here’s what I surmised from the information provided by Influencer Fishkin:
- Manipulation is central to the way in which these two lighthouse firms operate in the dark world of online
- Both venerated companies function without consequences for their actions designed to generate revenue
- The treasured entities apply the model and pattern to “sector after sector.”
Beyond Search loves these revered companies.
But there is one word which casts a Beijing-in-a-sandstorm color over Influencer Fishkin’s remarks. And that word is?
Addiction
The idea is that these cherished organizations use their market position (which some have described as a monopoly set up) and specific content to make it difficult for a “user” of the “free” service to kick the habit.
My hunch is that neither of these esteemed commercial enterprises wants to be characterized as purveyor of gateway drugs, digital opioids, or artificers who put large monkeys on “users” backs.
That’s not a good look.
Hence, cancellation is a pragmatic fix, is it not?
Stephen E Arnold, May 5, 2021
Facebook: Everlasting Delight!
April 29, 2021
We are still aghast at the carelessness that allowed hackers to access user information for about a billion accounts between Facebook and LinkedIn. The Facebook breach, at least, has spawned a couple of interesting side stories. First we learned that CEO Mark Zuckerberg uses chat app Signal, a competitor to Facebook’s WhatsApp. We also found out the Facebook breach has forced “Have I Been Pwned” to rework its search functionality, at least for this particular data set.
The folks at Signal must be delighted. India Today reports that the “Leaked Phone Number of Mark Zuckerberg Reveals He Is on Signal.” While both Signal and WhatsApp boast end-to-end encryption, there have been issues with what Facebook does with the back-up files. From Facebook’s point of view, this tidbit about Zuckerberg comes at an unfortunate juncture. Writer Yasmin Ahmed points out:
“The news comes at a time when many users outraged with Facebook-owned WhatsApp’s new privacy policy are moving to seemingly safer alternatives like Signal. WhatsApp’s contentious new terms of service are slated to come into effect from May 2021. The updated privacy policy changes how Facebook can access users’ chats with business accounts.”
Oh dear. In another tangent, we are interested in this change prompted by the leak: “The Facebook Phone Numbers Are Now Searchable in Have I Been Pwned” (https://www.troyhunt.com/the-facebook-phone-numbers-are-now-searchable-in-have-i-been-pwned/), explains the security check site’s own Troy Hunt. It is good to see a site adapt its search to evolving circumstances. But why was the site not already searchable by phone number? Hunt explains:
“I’d never planned to make phone numbers searchable and indeed this User Voice idea sat there for over 5 and a half years without action. My position on this was that it didn’t make sense for a bunch of reasons:
1. Phone numbers appear far less frequently than email addresses
2. They’re much harder to parse out of most data sets (i.e. I can’t just regex them out like email addresses)
3. They very often don’t adhere to a consistent format across breaches and countries of origin
Plus, when the whole modus operandi of HIBP is to literally answer that question – Have I Been Pwned? – so long as there are email addresses that can be searched, phone numbers don’t add a whole lot of additional value. The Facebook data changed all that.”
Indeed. While more than 500 million phone numbers were stolen, only a few million addresses went along for the ride. Until Hunt changed the search, he writes, over 99% of the many people checking on his site received a false negative. He was able to easily parse most phone numbers from well-formatted files in the breached data and normalize their format with a country code. The caveat—this fix only applies to this breach, unless or until a similar batch of phone numbers is harvested. See the post for the technical reasons that making phone-number searches standard is unworkable for the free resource.
Cynthia Murrell, April 29, 2021
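An added example, not part of the original post and not Have I Been Pwned's code: a sketch of the normalization step described in the item above, showing why a lookup that compares raw strings returns false negatives while one that reduces both the stored and the queried number to country code plus national number does not. The trunk-prefix table, function names and sample numbers are constructed for illustration, and real numbering plans have more exceptions.

```python
import re

# Assumption: trunk prefix dialled before a national number, keyed by country
# calling code. Simplified; real numbering plans have exceptions.
TRUNK_PREFIX = {"1": "1", "44": "0", "49": "0"}

# Constructed sample records: (raw number as found, calling code of source file).
BREACH_RECORDS = [
    ("(202) 555-0143", "1"),
    ("020 7946 0958", "44"),
    ("+49 30 1234567", "49"),
    ("n/a", "44"),
]


def normalize(raw, default_cc):
    """Return country code + national number as digits only, or None if unusable."""
    s = raw.strip().replace("(0)", "")      # "+44 (0)20 ..." style trunk hint
    international = s.startswith("+")
    digits = re.sub(r"\D", "", s)
    if not international and digits.startswith("00"):
        digits = digits[2:]                 # assumption: "00" is the international prefix
        international = True
    if not international:
        trunk = TRUNK_PREFIX.get(default_cc, "")
        if trunk and digits.startswith(trunk):
            digits = digits[len(trunk):]
        digits = default_cc + digits
    # E.164 allows at most 15 digits; the lower bound of 8 is this example's choice.
    return digits if 8 <= len(digits) <= 15 else None


def build_index(records):
    """Canonicalize every record; return (set of numbers, list of rejected raw values)."""
    index, rejected = set(), []
    for raw, cc in records:
        number = normalize(raw, cc)
        if number is None:
            rejected.append(raw)
        else:
            index.add(number)
    return index, rejected


def is_listed(index, query, user_cc):
    """Look up a user-supplied number after the same canonicalization."""
    number = normalize(query, user_cc)
    return number is not None and number in index


def naive_is_listed(records, query):
    """Raw string comparison: misses any query typed in a different format."""
    return query in {raw for raw, _ in records}


if __name__ == "__main__":
    index, rejected = build_index(BREACH_RECORDS)
    for query, cc in [("+1 202-555-0143", "1"), ("0044 (0)20 7946 0958", "49"),
                      ("020 7946 0959", "44")]:
        print(query, naive_is_listed(BREACH_RECORDS, query), is_listed(index, query, cc))
    print("rejected:", rejected)
```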
Facebook Skewing Job Hunters? Is Skew the Right Word?
April 14, 2021
I read “Study Reveals Gender Bias in How Facebook Directs Employment Ads.”
Here’s the quote I noted from the article:
“Facebook’s ad delivery can result in skew of job ad delivery by gender beyond what can be legally justified by possible differences in qualifications,” the study said. The finding strengthens the argument that Facebook’s algorithms may be in violation of U.S. anti-discrimination laws, it added.
The write up omits details about the study. The idea that Facebook does something that disadvantages users of its free service is ludicrous. The article continues to suggest that Facebook is not the knight riding to the rescue of those in economic distress; to wit:
Facebook spokesman Joe Osborne said the company accounts for “many signals to try and serve people ads they will be most interested in, but we understand the concerns raised in the report.”
Facebook cares about signals. Facebook understands.
That’s super. Do the job hunters and advertisers?
Stephen E Arnold, April 14, 2021
Facebook Security: Fodder for Testimony?
April 9, 2021
Who knows if this is true? “533 Million Facebook Users’ Phone Numbers Leaked on Hacker Forum.” The write up states:
The mobile phone numbers and other personal information for approximately 533 million Facebook users worldwide has been leaked on a popular hacker forum for free. The stolen data first surfaced on a hacking community in June 2020 when a member began selling the Facebook data to other members.
If true, the revelation is a nice complement to a series of outstanding achievements by the centralized, big tech, really smart managers at super important companies. Examples include:
- Twitter’s senior manager spoofing elected officials
- Microsoft’s Exchange Server misstep when Windows Defender was on the job sort of
- Amazon’s brilliant Twitter campaign about workers’ inexplicable need to take breaks
- Google’s staunch defense of employees who grouse with assurances of continued employment.
Now Mr. Zuckerberg’s digital nation and its outstanding security.
How did this happen? The write up asserts:
According to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, it is believed that threat actors exploited in 2019 a now-patched vulnerability in Facebook’s “Add Friend” feature that allowed them to gain access to member’s phone numbers.
I envision Mr. Zuckerberg answering this question under oath in an upcoming Congressional hearing:
Senator X: Mr. Zuckerberg, what the heck happened? I have a teen age grand daughter. Are you protecting her?
Mr. Zuckerberg: Senator, thank you for that question. At Facebook, we take every possible precaution to guard our user’s identity. I will look into this matter and provide a report written by an Amazon PR person whom we just hired, and assign the former head of Microsoft security also a new hire to investigate this matter. Early reports suggest that the 1,000 criminals attacking Microsoft were supplemented with an additional 2,000 bad actors to breach our highly secure system.
Plus, the loss of data affected a mere 533 million users. Trivial. It is old news too.
Stephen E Arnold, April 9, 2021
Facebook and Microsoft: Communing with the Spirit of Security
April 7, 2021
Two apparently unrelated actions by bad actors. Two paragons of user security. Two. Count ‘em.
The first incident is summarized in “Huge Facebook Leak That Contains Information about 500 Million People Came from Abuse of Contacts Tool, Company Says.” The main point is that flawed software and bad actors were responsible. But 500 million. Where is Alex Stamos when Facebook needs guru-grade security to zoom into a challenge?
The second incident is explained in “Half a Billion LinkedIn Users Have Scraped Data Sold Online.” Microsoft, the creator of the super useful Defender security system, owns LinkedIn. (How is that migration to Azure coming along?) Microsoft has been a very minor character in the great works of 2021. These are, of course, The Taming of SolarWinds and The Rape of Exchange Server.
Now what’s my point? I think when one adds 500 million and 500 million the result is a lot of people. Assume 25 percent overlap. Well, that’s still a lot of people’s information which has taken wing.
Indifference? Carelessness? Cluelessness? A lack of governance? I would suggest that a combination of charming personal characteristics makes those responsible individuals one can trust with sensitive information.
Yep, trust and credibility. Important.
Stephen E Arnold, April 7, 2021
Facebook: The Polarization Position
March 17, 2021
I find Silicon Valley “real” news amusing. I like the publications themselves; for example, Buzzfeed. I like the stories themselves; for example, “Polarization Is Good For America, Actually, Says Facebook Executive.”
How much of the Google method has diffused into Facebook? From my point of view, a magnetic influence exists. The cited article points out:
Facebook has created a “playbook” to help its employees rebut criticism that the company’s products fuel political polarization and social division.
The idea is that employees comprise a team. The team runs plays in order to score. The playbook also directs and informs team members on their roles.
“Trapped Priors As a Basic Problem of Rationality” explains how feedback loops lead to a reinforcement of ideas, data, and rationality otherwise not noticed.
Buzzfeed references this Facebook research document:
In the [Facebook] paper, titled “What We Know About Polarization,” Cox and Raychoudhury [Facebook experts] call polarization “an albatross public narrative for the company.” “The implicit argument is that Facebook is contributing to a social problem of driving societies into contexts where they can’t trust each other, can’t share common ground, can’t have conversation about issues, and can’t share a common view on reality,” they write, adding that “the media narrative in this case is generally not supported by the research.” While denying that Facebook meaningfully contributes to polarization, Pablo Barberá, a research scientist at the company, also suggested political polarization could be a good thing during Thursday’s presentation. “If we look back at history, a lot of the major social movements and major transformations, for example, the extension of civil rights or voting rights in this country have been the result of increasing polarization,” he told employees.
The value of polarization and a game plan to make explicit a particular business method are high. The fact that the trappings of research are required to justify the game plan is interesting. But those trapped priors are going to channel Facebook’s behavior into easy-to-follow grooves.
Scrutiny, legal action, and “more of the same” will allow pot holes to form. Some will be deep. Others will be no big deal.
Stephen E Arnold, March 17, 2021
Facebook WhatsApp, No Code Ecommerce, and Google: What Could Go Wrong?
March 5, 2021
The Dark Web continues to capture the attention of some individuals. The little secret few pursue is that much of the Dark Web action has shifted to encrypted messaging applications. Even Signal gets coverage in pot boiler novels. Why? Encrypted messaging apps are quite robust convenience stores. Why go to Ikea when one can scoot into a lightweight, mobile app and do “business”?
How hard is it to set up a store, make its products like malware or other questionable items available in WhatsApp, and start gathering customers? Not hard at all. In fact, there is a no code wrapper available. With a few mouse clicks, a handful of images, and a product or service to sell, one can be in business. The developer – an outfit called Wati – provides exactly what the enterprising marketer requires. None of that Tor stuff. None of the Amazon police chasing down knock off products from the world’s most prolific manufacturers. New territory, so what could go wrong?
If you are interested in using WhatsApp as an ecommerce vehicle, you can point your browser to this Google Workspace Marketplace. You will need both a Google account and a WhatsApp account. Then you can use “a simple and powerful Google Sheet add-on to launch an online store from Google Sheets and take orders on WhatsApp.” How much does this service cost? The developer asserts, “It’s free forever.” There is even a video explaining what one does to become a WhatsApp merchant.
Are there legitimate uses for this Google Sheets add on? Sure. Will bad actors give this type of service a whirl? Sure. Will Google police the service? Sure. Will Facebook provide oversight? Sure. That’s a lot of sures. Why not be optimistic? For me, the Wati wrapper is a flashing yellow light that a challenge to law enforcement is moving from the Dark Web to apps which are equally opaque. Progress? Nope.
Stephen E Arnold, March 5, 2021