Facebook insecure by design

Robert Bonomi bonomi at mail.r-bonomi.com
Wed Oct 26 17:07:10 UTC 2011

> From: "steve pirk [egrep]" <steve at pirk.com>
> Date: Wed, 26 Oct 2011 09:24:04 -0700
> Subject: Re: Facebook insecure by design
> On Oct 24, 2011 7:55 AM, "Robert Bonomi" <bonomi at mail.r-bonomi.com> wrote:
> >
> >
> > >                  You can even download it all and erase yourself if
> > > you want out.
> >
> > Don't count on it.  You may 'disappear' from public view, but that does
> > not necessarily mean the data is truely 'gone'.  Specific example -- if
> you
> > request a USENET posting to be removed, all they do is make it 'invisible'
> > to the world.  It is _not_ removed from the databases, or from inernal
> > access/use.
> >
> >
> That is a very good point, and one of the things that is being tested now
> that Buzz is going into archive mode. Users are given the option of backing
> up their posts on Buzz, and then deleting their Buzz content. Many like
> myself will just leave it there. It is a year+ of history, and what I posted
> publicly can stay public.
> It is supposed to remove all your Buzz content from the service and I
> believe it includes the content shared only with certain individuals. It
> does not completely erase it, because I believe email copies of the posts
> and comments that people had sent to their Gmail accounts will remain with
> those users.
> Deleting a product like your Picasa web albums is permanent as far as I
> know, but I will definitely ask some people on the Picasa team. Deleting
> your search history and other Dashboard items is supposed to be permanent,
> but as you pointed out, we are taking Google's word for it.
I _don't_ know, but I *strongly* suspect that things like search history 
_are_ kept -- although 'detached' from any identification of the original 
person.  That kind of information is simply 'too valuable' -- for pattern 
recognition, say -- to entirely discard.  I also suspect it remains as 
part of lots of aggregate demographics, etc.   I wouldn't be surrised if
they kept statistal data on 'who deletes what'.  <grin>

More information about the NANOG mailing list