Search fb Profile by phone Number

0
28

                                                 Search fb Profile by phone Number
                                     Search fb Profile by phone Number
Facebook phone number lookups now limited, but you should still tweak this privacy setting
Facebook says it has patched a security hole related to a little-known phone number search within Facebook. Specifically, the social networknow limits the number of phone number lookups that any given IP address can perform on Facebook.
Last Friday, independent security researcher Suriya Prakesh published a blog post in which he claimed that “98 percent of your phone numbers [on Facebook] are not safe.” In the post, Prakesh demonstrated that a brute-force attack could be used to lookup sequential phone numbers on Facebook and match them with their respective user names.

But first, a little background: It seems as though not many people realize this, but if you know someone’s phone number you can usually easily look them up on Facebook. Simply type the phone number into Facebook’s search bar and any profile associated with that phone number will pop up—even if that person has set their phone number to private.

Let me explain, because (surprise, surprise) Facebook doesn’t make that distinction very clear. There are two different privacy settings associated with phone numbers (and email addresses) on Facebook: One relates to what shows up on your profile, and one relates to what others can use to look you up on Facebook.

When you add a phone number or an email address to your Facebook profile, you can choose whether it shows up to everyone, friends only, just yourself, or to a custom list of people. This privacy setting is located right on the page when you add the phone number/email address. However, the other privacy setting, which relates to what people can use to look up your Facebook profile, is tucked away in Facebook’s privacy settings, under How You Connect.

Related Post:

By default, this setting is set to allow everyone and anyone to search for your email address or phone number on Facebook to find your Facebook profile. And since many people assume that setting their phone number or email address to private on their profile means that it’s private, most people never realize they need to change this setting as well.

So what Prakesh discovered was that Facebook’s phone number lookup, coupled with people’s ignorance of how Facebook privacy works (or rather, doesn’t work), could be exploited using a few choice pieces of code. Prakesh’s experiment showed that since Facebook didn’t curb the number of phone numbers that could be looked up, he was able to harvest phone numbers coupled with Facebook photos and names, which is somewhat useful data for advertisers and/or hackers.
Anyway, Facebook said Wednesday that it fixed this–Prakesh’s post now notes that he can no longer look up 10,000 phone numbers at a time. Facebook did say that, at the time of Prakesh’s experiment, it had a system in place for “preventing the malicious usage of [its] search functionality,” but it has since tweaked the system to be a little more sensitive.
However, Facebook also confirms that the phone number lookup is not a bug.
“The ability to search for a person by phone number is intentional behavior and not a bug in Facebook,” Facebook said this week in a statement. “By default, your privacy settings allow everyone to find you with search and friend finder using the contact info you have provided, such as your email address and phone number. You can modify these settings at any time from the Privacy Settings page.”
Keep your contact info safe on Facebook
Facebook’s phone number and email address lookup feature has long been the stalker’s secret. I admit to using it a time or two when I’ve been curious, or when I’ve wanted to find someone who has a particularly generic name.
Facebook Comments

Leave a Reply