What a Hacker Can See About Your Job, Your Interests, and Your Voting Preferences on Facebook.

I would never expect someone I never met before to walk up to me and say, “Hi, my name is Jane, and I’m a 47 year old recovering alcoholic who owns a gun. I live in Maryland,. I’m interested in men, and I’m voting for Donald Trump! “ I would be questioning this person’s sanity, but this type of information is given to the public facing internet everyday by thousands upon thousands of people. Ignorance of Facebook security policies is causing the leakage of  a large amounts of  personal information  which could be used by the wrong people.

What makes it worse is that this information is retrievable by Facebook’s search engine, providing the ability to easily harvest this data, by law enforcement, marketers, and criminals. Facebook’s search engine is easy to operate, and provides assistance if a specific query isn’t quite right.

Putting on the hacker hat, if I wanted to identify people who are in the recovery community, I could type:

People who like Alcoholics Anonymous

into Facebook’s search engine, and retrieve a list of people who liked this page.

I could also do a join to find people who may be struggling with their addiction.

People who like Alcoholics Anonymous and Jack Daniel’s Tennessee Whiskey

How about I’d try to identify firearms owners who have struggled with alcohol? Let’s focus on women over 30.

Women over 30 years old who like Alcoholics Anonymous and National Rifle Association

Facebook search’s ability to search within a geography provides an easy way to stalkers to identify information on the age, location, employer, and marital status of someone. Both of these queries work

Single women over 20 who live in your city here

Women over 20 years old who live in your city here interested in men

I can earn things about your religion and political affiliation.

People who like Christianity and Donald J. Trump
People who like Donald J. Trump

(BTW  there does seem to be a correlation between people who are white supremacists who like the Donald.)

People who like Donald J. Trump and White nationalism

If I was an LE person gathering intelligence, I could also run a check on Black Lives Matters affiliated users.I can also use Facebook to identify police officers who work or live in a certain city. Not putting that query in, but I don’t feel the same obligation to self identifying ISIS members

People who work at Islamic State of Iraq and the Levant



So the question you are probably acting is how can I be safe on Facebook? While Facebook attempts to provide information on security best practices, and there is some good information elsewhere,  the design and ever changing nature of the site makes locking down all your past pictures and links a manual job that requires continuous monitoring.. I feel that their security needs to be strengthened, and Facebook should create a  security wizard that allows you to completely lock down your page  Maybe if will happen if enough of us share this article.

