Facebook creates scary “shadow profiles” with information you never wanted to give

Everyone already knows Facebook is obsessed with collecting your private information. Data collection seems to be the primary business goal of this company these days. However, what most people do not know is that Facebook does not just collect and archive data taken from your profile. No, Facebook actually keeps huge databases of so called “shadow profiles”. These profiles contain information you never gave to them, infact we are pretty sure you would never allow them to have it.

For example, Facebook is a major customer of third-party data-brokers, who compile huge dossiers on people based on their spending, internet and phone usage, employment history and so on. In addition, Facebook encourages users to upload their entire address books to their system to “find your friends,” and while doing this, most Facebook users do not realize that they are leaking sensitive information, including nicknames, private numbers, and connections to the system.

Facebook mines this data to create their “shadow profiles” of its billions of users. And yes, these profiles are literally filled with data about you that you have never consciously provided to the system. It is data mined from third parties, including your friends, but also those spooky data-brokers we mentioned before. Facebook’s shadow profile system was first confirmed in 2013 when it accidentally leaked all of the users’ shadow profiles to them along with their own data. Something the company says it will never do again out of (ironic) respect for the privacy of the people who provided the data that goes into your shadow profile.

The “shadow profiles” are involuntary and there’s no opt-out. Facebook even has shadow profiles on people who don’t use the service. For example, even though I’m not a Facebook user anymore, multiple people have uploaded their address books containing my email and phone number to the system, thus allowing Facebook to create a profile of my contacts by looking at who lists me as a contact.

Ofcourse Facebook doesn’t like, and doesn’t use, the term “shadow profiles.” because it sounds like Facebook creates hidden profiles for people who haven’t joined the network, which Facebook says it doesn’t do. Ofcourse the company is not being honest about this, as I just explained.

Most users remain unaware of the reach and power of the”shadow profiles”. Because shadow-profile connections happen inside Facebook’s algorithmic black box, people can’t see how deep the data-mining of their lives truly is, until an uncanny recommendation pops up.

Scary examples: (quotes from Gizmodo)

  • A man who years ago donated sperm to a couple, secretly, so they could have a child—only to have Facebook recommend the child as a person he should know. He still knows the couple but is not friends with them on Facebook.
  • A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.
  • A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.
  • An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”

As expected, Facebook does what it can to underplay how much data it gathers through contacts, and how widely it casts its net. “People You May Know suggestions may be based on contact information we receive from people and their friends,” Facebook spokesperson Matt Steinfeld wrote in an email.

So how do you stop Facebook from collecting data? Contact every person you know who ever received your contact information and uploaded it to Facebook and ask them to go to Facebook’s contact management page and delete it. That is really the only way.

Just don’t miss anyone. “Once a contact is deleted, we remove it from our system, but of course it is possible that the same contact has been uploaded by someone else,” Steinfeld wrote in an email.

Sources: BoingBoingGizmodo

SQL injection tutorial – A step by step guide (4 parts)

Are you interested in learning about hacking? Perhaps you imagined hacking a website and uploading your own custom message to it? Today we want to introduce you to SQL injection. The guide below comes in 4 parts and takes you from beginner to advanced in less than an hour. The final part is about uploading a shell as an image.

Remember, these tutorials are for educational purposes only.

SQL injection tutorial – A step by step guide – Part 1:

SQL injection tutorial – A step by step guide – Part 2:

SQL injection tutorial – A step by step guide – Part 3:

SQL injection tutorial – A step by step guide – Part 4: