While some of us are more open and are comfortable with random strangers viewing our Facebook profile, some are more guarded and prefer keeping everything as private as possible, going as far as limiting photos, information and status updates to a select few friends. If the latter describes you and you’re really concerned about your online privacy, there is apparently a service dubbed Stalkbook developed by MIT graduate, Oliver Yeh, that lets you view that person’s profile, photos, contact info, etc. simply by letting you view that profile under the guise of another Facebook user. In an interview with IEEE, Yeh detailed how Stalkbook worked:


“So, the photo version works by whenever a person signs on to the application; not only does he reveal his or her own information but he also compromises all of his or her friends’ information too. So for example, if I sign on to the site, then my friend Trevor would also be signed on to the site because I’m friends with Trevor. And because with my credentials, I can see Trevor’s information. Now, everyone on the Internet can also see Trevor’s information by using my credentials. And as more people sign up to Stalkbook, you get this network effect, in which you only need perhaps 10 percent of Facebook to join to compromise 80 to 90 percent of Facebook.”

He also goes on to explain how this was achieved:

“So, with Facebook API–which is software that Facebook developed so that third-party developers can access Facebook’s information–so with this API, I can have access to my friend Trevor’s information. And what Stalkbook does is it goes through all of a user’s information and all of the friends of the user’s information and stores a cache copy on the website, so that when somebody else visits Stalkbook, they now have access to a cache version of Facebook’s data, even though they don’t have permission to access Trevor’s information.”

At the moment Stalkbook is not available to the public, which we’re sure that many of you guys are thankful for, and fortunately the app that Yeh would have to build also goes against Facebook’s terms of service which states that, “You will not solicit login information or access an account belonging to someone else.” Pretty scary stuff, huh?

[Image credit – Sandy Woodruff]

Filed in Web. Read more about Facebook.

Related Articles
User Comments