Stalkbook Lets You View Anyone's Facebook Info, Even if You're Not Friends

Stalkbook Lets You View Anyone's Facebook Info, Even if You're Not Friends

Recent MIT graduate Oliver Yeh has taken Facebook stalking to another level. Yeh created a service called Stalkbook that allows people to view user's Facebook info even if they're not friends with said user. Yeh told IEEE in an interview that this is all possible because he figured out a way to snoop under the guise of other Facebook users: 

So, the photo version works by whenever a person signs on to the application; not only does he reveal his or her own information but he also compromises all of his or her friends' information too. So for example, if I sign on to the site, then my friend Trevor would also be signed on to the site because I'm friends with Trevor. And because with my credentials, I can see Trevor's information. Now, everyone on the Internet can also see Trevor's information by using my credentials. And as more people sign up to Stalkbook, you get this network effect, in which you only need perhaps 10 percent of Facebook to join to compromise 80 to 90 percent of Facebook.

Yeh mocked up a simple chart that explains it all (image 2) for those who find his explanation fuzzy. If you're thinking this all goes against Facebook's terms of service, you may be right. Though, according to Yeh, it's not: 

So, with Facebook API--which is software that Facebook developed so that third-party developers can access Facebook's information--so with this API, I can have access to my friend Trevor's information. And what Stalkbook does is it goes through all of a user's information and all of the friends of the user's information and stores a cache copy on the website, so that when somebody else visits Stalkbook, they now have access to a cache version of Facebook's data, even though they don't have permission to access Trevor's information.

However, CNET believes that Facebook would never let this fly as it clearly violates both the social network's original terms of service, as well as the Facebook Platform Policies put in place for developers creating third-party apps. "If you login to a third-party app or Web site that leverages Facebook, only you can view your friends' data," says CNET's Emil Protalinski. "Yeh, or anyone else for that matter, is not allowed to hoard your credentials so that others can see your friends' information and photos." 

Stalkbook is not yet live and there's no word on if or when it will be. So, breathe easy. Your info is safe for now. 

[via CNET

Tags: facebook, mit
blog comments powered by Disqus