Over 100m Facebook profiles harvested, available in torrent

[DrEvil]

Just as concerns over Facebook privacy started to fade out of the headlines, a hacker has rekindled the fire by making over 100 million profiles available in a single gift-wrapped download. Ron Bowes of Skull Security compiled the 2.8GB torrent (which is currently available on TPB) by creating a web crawler to harvest the data of users listed on Facebook's open access directory.

The package supposedly contains the profile URLs, names, addresses, dates of birth, and phone numbers of 171 million members (around 100 million unique) – more than one in five of Facebook's half billion user base. Viewing an individual's profile gives access to their friends' pages too – even those who have made themselves non-searchable. The torrent also has the tools used to collect the data.

Since all the information is publicly available, Bowes hasn't violated any laws. This doesn't necessarily count as "failure" on Facebook's end either, but it underscores a question many have asked from initial privacy upheaval: should users be exposed by default regardless of opt-out features?



Source: TechSpot

[Alpha]

Wow...

[The Golden Girl =D]

O h My god .....And i thought facebook was the safest of all my accounts.

iA it won't be me .

[$tyli$h Executive]

Genius guy. I wish to learn how to hack paypal and online banking sites this way.

[Saladin]

To hack sites like that, you are going to need a very powerful computer, something that you cannot buy actually.

[DrEvil]

To hack sites like that, you are going to need a very powerful computer, something that you cannot buy actually.

Hackers usually use rigs... And in this case, i.e. 100m profiles, it must be a very hi-fi rig.

[$tyli$h Executive]

@Engraved

Nothing that money cannot buy. Anyways, I don't think this will require a supercomputer as it just targets vulnerabilities, if they exist, not some kind of brute force attack.

Whatever, I would prefer not getting into a technical argument here.

[DrEvil]

This does require an extreme performance computer because collection and compilation of those 100m profiles is not what you can do easily. A normal computer would have taken ages to compile such a huge collection.

And I think that there is nothing technical in this, its just common sense.

[Crooked]

THIS IS AWESSSSSOME !

[$tyli$h Executive]

Okay. Lets get this clear.

It requires you to exploit a security VULNERABILITY. Its not a simple loop. Once you discover the vulnerability, you just have to repeat it, in a loop, over the facebook website. It requires a high speed internet connection. But a large hard disk capacity would be enough for this, with a common computer, like those used for server.

You do know what is a brute force attack, don't you? If yes, only brute force attack will require a high performance computer, IF PROCESSING is involved. But in this case, the internet is involved. Once you get the logic, you just have to set up the loop. One go, thats it.

Remember the hacker Curador? He was an ordinary school boy who hacked millions of credit card numbers. Thing is, he got the logic and executed it. Now don't tell me he had a high performance computer.

So, better do some research on how many hackers have got a mainframe, or a supercomputer. At best, a server configuration computer is enough for any hacking purposes for the professional hacker. Usually a common computer like we use is enough.

[Freaked12]

No need to insult him. 

[DrEvil]

Okay. Lets get this clear.

It requires you to exploit a security VULNERABILITY. Its not a simple loop. Once you discover the vulnerability, you just have to repeat it, in a loop, over the facebook website. It requires a high speed internet connection. But a large hard disk capacity would be enough for this, with a common computer, like those used for server.

You do know what is a brute force attack, don't you? If yes, only brute force attack will require a high performance computer, IF PROCESSING is involved. But in this case, the internet is involved. Once you get the logic, you just have to set up the loop. One go, thats it.

Remember the hacker Curador? He was an ordinary school boy who hacked millions of credit card numbers. Thing is, he got the logic and executed it. Now don't tell me he had a high performance computer.

So, better do some research on how many hackers have got a mainframe, or a supercomputer. At best, a server configuration computer is enough for any hacking purposes for the professional hacker. Usually a common computer like we use is enough.

First of all, if you had downloaded the torrent file, you would have known that it wasn't any hacking. He just copied the main info of users that is still easily available and compiled it into a text file. You cannot hack facebook accounts unless you have the facebook IP's of those accounts. Hacking of facebook accounts is near to impossible unless you are or you were a member of the facebook team or professional hacker.

The example you gave of hacking in not considered hacking dear. That is called virtual theft. Stealing credit card numbers is something else and mostly people doing that are easily traceable in western countries. You should have researched about that before posting.

And I still say that professional hackers require hi-fi rigs. There is no point in discussing that. Only noobs try hacking from simple computers and thus they have a greater chance getting caught too.

[$tyli$h Executive]

I don't have the time to download the 2 GB torrent file. But its not hacking, I realize now. I thought it was the full profile info. Anyway, facebook got a loose privacy policy.

Look up the definition of hacking in any technology dictionary. Hacking is any form of unauthorized access in a computer system. Identity theft like Curador did, is a subcomponent of hacking, and is a kind of hacking itself. It is gaining UNauthorized access to a database to get credit card numbers and personal data. Better get your definitions right first.

And to get caught, we are not discussing about that here. We are discussing hacking here, not security methods or the chances of getting caught. ALL professional hackers have spent time in jail, at some point of their life. Google it. Some had spent more than 10 years.

[cutee]

Did you know that facebook, the world's biggest website only has revenues of $500m a year? That is revenue, not profit.
And twitter has not made any money so far.

[DrEvil]

Look up the definition of hacking in any technology dictionary. Hacking is any form of unauthorized access in a computer system. Identity theft like Curador did, is a subcomponent of hacking, and is a kind of hacking itself. It is gaining UNauthorized access to a database to get credit card numbers and personal data. Better get your definitions right first.

And to get caught, we are not discussing about that here. We are discussing hacking here, not security methods or the chances of getting caught. ALL professional hackers have spent time in jail, at some point of their life. Google it. Some had spent more than 10 years.

Don't worry, I know all the definitions that I need to know.

And I know many hackers that are far from jail. 


@Ex Prime Minister Tony Blair here
Why is that so?