IGCSE/GCSE/O & A Level/IB/University Student Forum

General Chat NEW! The Student Forums Chatroom => Technology => Topic started by: DrEvil on July 29, 2010, 08:40:17 am

Title: Over 100m Facebook profiles harvested, available in torrent
Post by: DrEvil on July 29, 2010, 08:40:17 am: Just as concerns over Facebook privacy started to fade out of the headlines, a hacker has rekindled the fire by making over 100 million profiles available in a single gift-wrapped download. Ron Bowes of Skull Security compiled the 2.8GB torrent (which is currently available on TPB) by creating a web crawler to harvest the data of users listed on Facebook's open access directory.

The package supposedly contains the profile URLs, names, addresses, dates of birth, and phone numbers of 171 million members (around 100 million unique) – more than one in five of Facebook's half billion user base. Viewing an individual's profile gives access to their friends' pages too – even those who have made themselves non-searchable. The torrent also has the tools used to collect the data.

(http://static.techspot.com/articles-info/280/images/facebook-privacy.jpg)

Since all the information is publicly available, Bowes hasn't violated any laws. This doesn't necessarily count as "failure" on Facebook's end either, but it underscores a question many have asked from initial privacy upheaval: should users be exposed by default regardless of opt-out features?

Source: TechSpot
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: Alpha on July 29, 2010, 08:50:17 am: Wow...
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: The Golden Girl =D on July 29, 2010, 09:17:26 am: O h My god .....And i thought facebook was the safest of all my accounts.

iA it won't be me .
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 11:50:07 am: Genius guy. I wish to learn how to hack paypal and online banking sites this way.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: Saladin on July 29, 2010, 12:51:13 pm: To hack sites like that, you are going to need a very powerful computer, something that you cannot buy actually.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: DrEvil on July 29, 2010, 12:57:57 pm: Quote from: Engraved on July 29, 2010, 12:51:13 pm
To hack sites like that, you are going to need a very powerful computer, something that you cannot buy actually.

Hackers usually use rigs... And in this case, i.e. 100m profiles, it must be a very hi-fi rig.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 03:05:46 pm: @Engraved

Nothing that money cannot buy. Anyways, I don't think this will require a supercomputer as it just targets vulnerabilities, if they exist, not some kind of brute force attack.

Whatever, I would prefer not getting into a technical argument here.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: DrEvil on July 29, 2010, 03:37:10 pm: This does require an extreme performance computer because collection and compilation of those 100m profiles is not what you can do easily. A normal computer would have taken ages to compile such a huge collection.

And I think that there is nothing technical in this, its just common sense.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: Crooked on July 29, 2010, 04:08:54 pm: THIS IS AWESSSSSOME ! :D :D :D :P
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 04:16:25 pm: Okay. Lets get this clear.

It requires you to exploit a security VULNERABILITY. Its not a simple loop. Once you discover the vulnerability, you just have to repeat it, in a loop, over the facebook website. It requires a high speed internet connection. But a large hard disk capacity would be enough for this, with a common computer, like those used for server.

You do know what is a brute force attack, don't you? If yes, only brute force attack will require a high performance computer, IF PROCESSING is involved. But in this case, the internet is involved. Once you get the logic, you just have to set up the loop. One go, thats it.

Remember the hacker Curador? He was an ordinary school boy who hacked millions of credit card numbers. Thing is, he got the logic and executed it. Now don't tell me he had a high performance computer.

So, better do some research on how many hackers have got a mainframe, or a supercomputer. At best, a server configuration computer is enough for any hacking purposes for the professional hacker. Usually a common computer like we use is enough.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: Freaked12 on July 29, 2010, 04:35:04 pm: No need to insult him. >:(
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: DrEvil on July 29, 2010, 05:41:52 pm: Quote from: $tyli$h Executive on July 29, 2010, 04:16:25 pm
Okay. Lets get this clear.

It requires you to exploit a security VULNERABILITY. Its not a simple loop. Once you discover the vulnerability, you just have to repeat it, in a loop, over the facebook website. It requires a high speed internet connection. But a large hard disk capacity would be enough for this, with a common computer, like those used for server.

You do know what is a brute force attack, don't you? If yes, only brute force attack will require a high performance computer, IF PROCESSING is involved. But in this case, the internet is involved. Once you get the logic, you just have to set up the loop. One go, thats it.

Remember the hacker Curador? He was an ordinary school boy who hacked millions of credit card numbers. Thing is, he got the logic and executed it. Now don't tell me he had a high performance computer.

So, better do some research on how many hackers have got a mainframe, or a supercomputer. At best, a server configuration computer is enough for any hacking purposes for the professional hacker. Usually a common computer like we use is enough.

First of all, if you had downloaded the torrent file, you would have known that it wasn't any hacking. He just copied the main info of users that is still easily available and compiled it into a text file. You cannot hack facebook accounts unless you have the facebook IP's of those accounts. Hacking of facebook accounts is near to impossible unless you are or you were a member of the facebook team or professional hacker.

The example you gave of hacking in not considered hacking dear. That is called virtual theft. Stealing credit card numbers is something else and mostly people doing that are easily traceable in western countries. You should have researched about that before posting.

And I still say that professional hackers require hi-fi rigs. There is no point in discussing that. Only noobs try hacking from simple computers and thus they have a greater chance getting caught too.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 06:19:35 pm: I don't have the time to download the 2 GB torrent file. But its not hacking, I realize now. I thought it was the full profile info. Anyway, facebook got a loose privacy policy.

Look up the definition of hacking in any technology dictionary. Hacking is any form of unauthorized access in a computer system. Identity theft like Curador did, is a subcomponent of hacking, and is a kind of hacking itself. It is gaining UNauthorized access to a database to get credit card numbers and personal data. Better get your definitions right first.

And to get caught, we are not discussing about that here. We are discussing hacking here, not security methods or the chances of getting caught. ALL professional hackers have spent time in jail, at some point of their life. Google it. Some had spent more than 10 years.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: cutee on July 29, 2010, 06:23:09 pm: Did you know that facebook, the world's biggest website only has revenues of $500m a year? That is revenue, not profit.
And twitter has not made any money so far.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: DrEvil on July 29, 2010, 06:27:37 pm: Quote from: $tyli$h Executive on July 29, 2010, 06:19:35 pm
Look up the definition of hacking in any technology dictionary. Hacking is any form of unauthorized access in a computer system. Identity theft like Curador did, is a subcomponent of hacking, and is a kind of hacking itself. It is gaining UNauthorized access to a database to get credit card numbers and personal data. Better get your definitions right first.

And to get caught, we are not discussing about that here. We are discussing hacking here, not security methods or the chances of getting caught. ALL professional hackers have spent time in jail, at some point of their life. Google it. Some had spent more than 10 years.

Don't worry, I know all the definitions that I need to know.

And I know many hackers that are far from jail. ;)

@Ex Prime Minister Tony Blair here
Why is that so?
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 06:32:51 pm: LOL, he is astar! ;D

But what he said is true. It is just that they are valued so much, due to the large user base and advertising potential. Microsoft valued facebook at 15 billion and purchased 1% stake in it.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: DrEvil on July 29, 2010, 06:34:34 pm: LOL... :D Why is astar making fake accounts? :P
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: Saladin on July 29, 2010, 07:35:59 pm: Quote from: $tyli$h Executive on July 29, 2010, 04:16:25 pm
Okay. Lets get this clear.

It requires you to exploit a security VULNERABILITY. Its not a simple loop. Once you discover the vulnerability, you just have to repeat it, in a loop, over the facebook website. It requires a high speed internet connection. But a large hard disk capacity would be enough for this, with a common computer, like those used for server.

You do know what is a brute force attack, don't you? If yes, only brute force attack will require a high performance computer, IF PROCESSING is involved. But in this case, the internet is involved. Once you get the logic, you just have to set up the loop. One go, thats it.

Remember the hacker Curador? He was an ordinary school boy who hacked millions of credit card numbers. Thing is, he got the logic and executed it. Now don't tell me he had a high performance computer.

So, better do some research on how many hackers have got a mainframe, or a supercomputer. At best, a server configuration computer is enough for any hacking purposes for the professional hacker. Usually a common computer like we use is enough.

Yes, but in most cases, the vulnerability is spotted by the anti-virus system, whenever unauthorised changes are made, the system is made in such a way to prevent that, so finding a vulnerability on a server is very hard. Often, people have to use a combination of both brute force and other techniques such as loop hole plunging to actually get the access code necessary. Before, computers were not so easily available and they were a lot more expensive, because of the companies spent little on protection, as compared to now.

Yes, and the person who got that info, was already working with Face-book, he is a part of a security group actually. I actually happen to know a lot of people who hack for a hobby, but the conclusion they came to is that now internet intervention is impossible, you at least need to get into the LAN and know the LAN well enough, to hide behind the computer IDs.

And brute force and computer loop holes are not the only hacking methods. Brute force is not extremely processor hogging, there are other more intelligent methods that require even more processor power as well as network infrastructure.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 07:54:57 pm: Safest way is to get a job at the security department of a bank somehow.

Whatever.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: $tyli$h Executive on July 29, 2010, 08:06:32 pm: Whatever it is, exploiting loopholes and brute force attack are the only ways to hack. Hacking can be done with simple tools and PC as I explained earlier provided you know how to. Complexities will, at best, require a server configuration computer.
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: M-H on August 01, 2010, 12:59:42 pm: Quote from: $tyli$h Executive on July 29, 2010, 11:50:07 am
Genius guy. I wish to learn how to hack paypal and online banking sites this way.

YEAH!! i love hackers!!!! i wish i could do some too!
Title: Re: Over 100m Facebook profiles harvested, available in torrent
Post by: Arthur Bon Zavi on August 01, 2010, 04:51:28 pm: Quote from: $tyli$h Executive on July 29, 2010, 11:50:07 am
Genius guy. I wish to learn how to hack paypal and online banking sites this way.

ditto!! ;D ;D