Jump to content
begood

Another webtool targeting Facebook: "Evil"

By begood, in Stiri securitate

Recommended Posts

begood Newbie

begood

Posted
Posted (edited)

What is this?

This site randomly displays the private phone numbers of unsuspecting Facebook users.Who made it?

Hello. I'm Tom Scott. I live at tomscott.com, and you can email me or follow me on Twitter.

The lightning photo is from Hugo on Flickr and is under a Creative Commons license.

How does it work?

There are uncountable numbers of groups on Facebook called "lost my phone!!!!! need ur numbers!!!!!" or something like that. Most of them are marked as 'public', or 'visible to everyone'. A lot of folks don't understand what that means in Facebook's context — to Facebook, 'everyone' means everyone in the world, whether they're a Facebook member or not. That includes automated programs like Evil, as well as search engines.

Can you be more specific?

Evil uses the graph API to search for groups about lost phones. It picks them at random, extracts some of the phone numbers, and then shows them here.

Are you cracking Facebook?

This site isn't doing anything that you couldn't already do manually, or by just doing a simple Google search. It's just a bit more dramatic.

Are you storing the results?

No. I don't even see the phone numbers. All the processing is happening on your own computer.

How do I make my number private?

Go into all the "lost number" groups you've ever joined. Ever. Delete your posts. (You might want to try searching for your own phone number on Google, too; it might turn up in unexpected places.)

Why do the numbers cluster into area codes?

Evil reads up to 25 numbers from one group to avoid unnecessary strain on Facebook. These tend to be friends in the same geographical area, hence, the same code. Give it a few seconds, it'll change.

Why are you censoring the last few digits?

It's called Evil, not diabolic. Those digits are publicly available though, and I - or anyone malicious - could easily flick a metaphorical switch and show them here. Or produce a phone directory. Or nick them for marketing. Don't forget, the Facebook pages you "Like" are public too.

It's broken!

Quite possibly. This was coded in a few hours' frenzy after getting the idea, and there are almost certainly bugs. A great flood of users (more than one every two seconds) may also trigger Facebook's rate limiting. Needless to say, this site is not affiliated with Facebook, which may also hamper it from time to time.

Why's it called Evil?

Because it's evil. Duh.

http://www.tomscott.com/evil/

Edited by begood

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...