from Hacker News

Facebook Reveals New Security Settings Amid Privacy Concerns

by lambda_lover on 3/28/18, 1:33 PM with 62 comments

  • by lukewrites on 3/28/18, 4:03 PM

    They absolutely did not "reveal new security settings" – they revamped the security settings menu & page. From the article:

    > Facebook announced on Wednesday that it’s redesigning the settings menu on mobile devices, consolidating privacy options in one place, rather than sending users to some 20 different screens

    There is no indication in the article that they are allowing users more control over their data, and fb remain free to do what they will with your data once you sign up for their service.

    This does nothing to resolve the problem that people are up in arms about:

    > Under the revamp, users still won’t be able to delete data that they had given third-party apps on the platform previously, even if it was used for reasons other than what was agreed to. That data, generated over years of games and personality quizzes that had access to private information, is largely still stored outside of Facebook’s grasp by the private individuals and companies that built those applications.

  • by kennu on 3/28/18, 2:48 PM

    What's really needed is a way to delete old data in batches, like "delete everything I've posted over 1 year ago".

    Currently you have to delete thousands of individual items (like played Spotify songs) one-by-one, using a tediously slow and inconvenient UI that individually confirms each delete.

  • by jonahhorowitz on 3/28/18, 2:49 PM

    The real question is: will they let me delete all the call logs, address books, and SMS data they've scraped off my android phones over the years? If they do, will it actually be deleted? How long will it take to be removed from all backups?

  • by galieos_ghost on 3/28/18, 4:25 PM

    What's amazing to me is how the media can stir the public into a fever pitch with such ease. I've told people about FB and Google data collection for years and nobody cared, at least not until the talking heads told them to care.

    What FB does is innocuous compared to the CIA vault7 leaks, and yet the media shoved that down the memory hole. The real question is why is this being pushed now when literally of this has been public info for years?

  • by grinsekatze on 3/28/18, 4:03 PM

    Even if they offered a delete button any time before GDPR comes into effect I would not trust and use it. I also don't like the idea of using one of those chrome extensions mentioned here. To me, currently this is synonymous to hiding everything they have on me from myself.

    But doing this after May 25 would mean I definitely want it gone for good and if they don't fully delete what I manually remove, I expect them to get themselves into trouble.

  • by macspoofing on 3/28/18, 3:46 PM

    Here's a good security/privacy option: Provide a fully featured HTML5 app (specifically one that allows you to access the inbox). Then there is no reason to install the native app or messenger.

  • by bogomipz on 3/28/18, 6:03 PM

    >"“Last week showed how much more work we need to do to enforce our policies and help people understand how Facebook works and the choices they have over their data,” Facebook Chief Privacy Officer Erin Egan and Deputy General Counsel Ashlie Beringer wrote.

    Facebook Chief Privacy Officer. Now there's a job title.

    Seriously what does a Chief Privacy Officer at FB do? What are the responsibilities of a Privacy Officer at a company whose entire existence is predicated on their users having no privacy? Here's 15 years worth of their boss's views on privacy:

    https://www.cnbc.com/2018/03/21/facebook-ceo-mark-zuckerberg...

  • by prolikewhoa on 3/28/18, 2:41 PM

    Who is ever going to trust that these settings actually do anything except for the button animation after the previous two weeks of privacy disaster for Facebook?

    Probably most of the country, actually. =\

    Mark my words, their stock price goes right back to $180 over the next two weeks.

  • by nopacience on 3/28/18, 6:38 PM

    Something curious about facebook is, they let anyone access user profile/pages (or whatever it is called), so visitor can see the user profile picture and might be able to see other stuff. Facebook "protects" the privacy of the "visitor" because the user cannot see what visitors have visited their profiles.

    So, users have no privacy, but visitors have their privacy protected.

    Facebook should list "who" visited user profiles. I dont know why they dont do this already. And even more, they could somehow list what photos the visitor chose to see, how long visitor stayed on user profile, which 'full resolution pictures' visitor had downloaded. If they only saw thumbnails then no need to list, but if visitor made the effort to download all full resolution user pictures then the owner of those pictures should be able to see who has downloaded them.

    So this way, the user would be able to see how frequently visitor X, Y, Z has stayed on their profiles, and how many/which full res pictures they have downloaded/seen.

    If the user profile is not a person, but a store, then the store would be able to benefit from this data and send some message saying "We noticed you have been visiting us lately, and you seem to have a lot of intrest in product X. Do you want to know the price or make an offer?"

    Or, if the user is a person and has seen weird behaviour from weird users, then user would be able to take precautions.

    So in the end, the user profiles are public and have no privacy. But the visitors/consumer of other people profiles can snoop on other lifes and have their privacy protected because the page they visited is never able to know they have been visited by visitor X Ntimes.

  • by mtgx on 3/28/18, 3:34 PM

    Again, it wasn't "amid privacy concerns". It was because they were trying to be compliant with EU's upcoming GDPR regulation:

    https://www.reuters.com/article/us-facebook-sandberg-privacy...

  • by quadrangle on 3/28/18, 5:20 PM

    What I want is to download my history including the external links I posted. But they seem to not include that stuff. I'm sure they tracked which links I posted, but they don't consider that part of the private data I'd own in any way, so it's not there in the download. Which I means I can't find that article I stupidly posted to FB and forgot to bookmark otherwise…

  • by glbrew on 3/28/18, 3:44 PM

    The real problem is data collected about you from other people. For example all of my lesser friends install the android facebook app which gives them tons of information about me from my interactions with them. I need a way to tell facebook to delete and not collect data about me from other people's devices.

  • by benevol on 3/28/18, 4:38 PM

    F#ck the hypocrites at Facebook. That's all.

  • by feelin_googley on 3/28/18, 4:35 PM

    "The Facebook Privacy Setting That Doesn't Do Anything at All

    'I really can't make sense of it.'

    Gergely Biczok, CrySys Lab"

    https://www.wired.com/story/facebook-privacy-setting-doesnt-...