Subscribe
Notify of
guest

46 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Chris Jeraco
Chris Jeraco
4 years ago

FB saves post revisions, including the original saved post. This is cute but if they want to see orignal post data they can.

shift8web
shift8web
4 years ago
Reply to  Chris Jeraco

Totally aware of this.

It will be impossible to know the extent of revision history retention, but most likely a company with facebook’s resources you can
assume its infinite.

What I suggest is running the script X number of revisions against the same posts across X number of months, to ensure that the data changes impacts as much as possible. If they want to run their metrics against me for revision 99 out of 200 for a single post, thats fine. What will they be able to use their algorithms to calculate after the data is changed that extensively? Probably that I’m a paranoid sysadmin /developer and show me ads for tinfoil hats.

All that said, the idea here is to do the best we can. You can run the script 1000 times against your posts, or once. Whatever makes you feel comfortable owning your data. Thats the best we can ask for unfortunately without better privacy laws.

Robert A Stewart
Robert A Stewart
4 years ago
Reply to  Chris Jeraco

Depends. If you get into the right spot then you could identify if the data was going to a back up server. I doubt they masq the back up from the main server. Maybe sneak something in that lays dormant and logs traffic til you mapped your way through?

shift8web
shift8web
4 years ago

Backups are typically overwritten (in theory with facebook) after X days/months. It would be difficult for even them to keep infinite numbers of revisions to infinite numbers of backups for infinite numbers of historical days/months/years. Anything is possible I suppose

Robert A Stewart
Robert A Stewart
4 years ago
Reply to  shift8web

I wonder where the data comes from when fb gives you those “on this day 6 years ago u said this” posts….

That would be handy to know….

Robert A Stewart
Robert A Stewart
4 years ago

Something to consider…

I just had to deal with a loader that nested in the driver kernels on my bios. It locked the partition so that it couldnt be overwritten and being on the vid card it set the bios to load the infected kernel before anything else meaning every power on executed script that recreated itself in a new spot on the hd and also refreshed a fresh version on the updated initrfs.img file

Again just tossing ideas around. I have always heard go big or go home right?

Mike_Bowman
Mike_Bowman
4 years ago
Reply to  Chris Jeraco

Creating obfuscation as far as we can go. It very likely won’t all go away, but we can make an effort to make it difficult to utilize what we didn’t give permission to utilize.

Robert A Stewart
Robert A Stewart
4 years ago

So… it would seem to me that instead of just doing this you could use the same method that fb is already not doing much about. A small group of bot programs injected on a cloud server would work best to keep your qwerty clean. One set of programs runs the (working) editor script the other simply crawls through a series of posts and clicks around randomly for a loop of specified times. Each loop opening a page each click from group A is matched by a directed click from group b. The server mask would make it so that only the server block could be certainized.

Make the clicks a little slower and it makes it even more difficult to differentiate between the bot activity and say an excited human user.

Go for gold and Jack into an accepted ad server with a replicating version and you could… well. You know the rest

If done well and added with a password forcer you could end up with tons of data being affected meaning if your data got miffed… hey it’s not my fault… it was a virus…. *shrug*

It may take more coding but the end result would be spectacular

shift8web
shift8web
4 years ago

I definitely think your suggestion is worth merit. The reason why I went the smaller scale route , from my experience, its much easier to mitigate “services” that interact with user profiles in this way. That is to say the IP of a server in a data center that is responsible for purging 10,000 accounts is much more easily noticed by the network security team than a script running locally on your workstation using your residential ISP.

Robert A Stewart
Robert A Stewart
4 years ago
Reply to  shift8web

Right. Agreed. I would still keep it smaller. But fb is already weak to add crawlers and Google cloud. End point users are backing up data on their personal cloud space too don’t forget so there is potential residue issues there as well. By making a wider target base you then have a chance to not only hit the end user cache in their cloud(if it’s there) but also there is chance to expand the server space and the range of source ips fmypu are injecting from making it even more difficult to isolate.

Just throwing out some ideas here. I know it will be code extensive and that’s a burden on scripters in the build but the difference would be worth it because the end game of such a hypothetical evolution would have the potential to impact not only the way fb handles data and their servers but also would put a strain on Google and other ad intensive bot nets. It would take AV authors who knows how long to script something to contain it….

Make it so nasty that any server it inhabits has to be nuked and that any preventative backup of data would be a risk

Below14th
Below14th
4 years ago

Could we just insert a random number generator and create a for loop to randomly change old posts? Haven’t started digging through the repo yet.

shift8web
shift8web
4 years ago
Reply to  Below14th

Ultimately this is my goal. I plan on making another article about this exact issue. I personally have painstakingly collected every single post ID since I joined facebook in 2008. With CasperJS this can definitely be automated. My focus first was to have the ability to edit and obfuscate the data. Next I want to automate the entire process end-to-end. So far the response has been amazing and the proof of concept works.

Contributions to the repository on github are very welcome! 🙂

Isaac Newton
Isaac Newton
4 years ago

Totally pointless article. Gee I can’t believe the TV-watching lemmings have forgotten already. Your data is very likely already sitting on a disk in Bluffdale. NSA has been deep mining Facebook since 2010.

Léo Bandipure
Léo Bandipure
4 years ago
Reply to  Isaac Newton

NSA okay but what about sites that would use datas for commercial use?

Mike_Bowman
Mike_Bowman
4 years ago
Reply to  Isaac Newton

Who gives a shit about the NSA? They have everything already. What we’re talking about is FB itself using our data in a way we didn’t agree to. The NSA was given a voted clearance to do what they’re doing, regardless of how people feel about it.

Michael Rasmussen
Michael Rasmussen
4 years ago
Reply to  Mike_Bowman

I think the difference is that the NSA can jail you over that data, whereas Facebook can never have that power. That’s why it’s more concerning that they have it, especially when the intelligence services of our country have shown time and time again that they don’t give shit about personal liberties, the sovereignty of nation states they disagree with, human rights, or international law.

shift8web
shift8web
4 years ago
Reply to  Isaac Newton

I wouldn’t say this is a totally pointless article because, at a minimum, we are creating a dialogue about privacy, the right to be forgotten and how consent is interpreted by companies as they grow and more importantly grow more dependent on the bottom line and stock prices.

If we can even obfuscate the historical data so that it is 10% less effective, then I think that that is a small win at the very least.

Chuck Norris
Chuck Norris
4 years ago
Reply to  shift8web

I’m guessing this can’t be used if all I have is an android phone that I only use on internet….

Denver
Denver
4 years ago
Reply to  shift8web

I loathe anyone that says “Creating a dialogue”. Go fuck yourself you hipster douche, you and all your #progressive #mellinnial #blessed assholes.

Goddamn people like you are fuckng dull.

Nicolas Durand
Nicolas Durand
3 years ago
Reply to  Denver

Oh, Dnver (I’m not gonna bther splling yor nme corrctly), how is life in IQ=15 world?

RBruce Biggs
RBruce Biggs
4 years ago

Funny, everyone here is using their FB login to post on Disqus

shift8web
shift8web
4 years ago
Reply to  RBruce Biggs

Not me! 🙂

TalkingBackpack
TalkingBackpack
4 years ago
Reply to  shift8web

Me either. ONly idiots would merge different accounts.

Jerry Mael
Jerry Mael
4 years ago
Reply to  RBruce Biggs

not everyone. 🙂

LioN
LioN
2 years ago
Reply to  RBruce Biggs

Speak for yourself.

Linda JJ
Linda JJ
4 years ago

this is awesome!

shift8web
shift8web
4 years ago
Reply to  Linda JJ

Thanks!!

Kevin
Kevin
4 years ago

This also looks like it could be adapted to populating new accounts with filler content.

For example: machine generated remixed content harvested from the daily news, popular blogs, and social media.

These filler posts would have to be of sufficient quality that they would pass automated machine filters, but not pass the desire for advertising nor would they contain anything revealing about you personally.

Wouldn’t this violate the terms of service? I beleive not, so long as this tool was simply a time saving helper, like hiring an assistant.

“Don’t have time to maintain a 24-hour-a-day social presence? Well don’t worry, we’ve got you covered with the all new Friendster 2.0: let us curate content, reply to friends, and comment on popular articles with your authorization. We take the stress out of keeping up!”

With millions of people relentlessly sharing using assistance tools like this, it won’t be long before the signal to notice ratio fades into the rising tide of worthless remixed filler.

Really?
Really?
4 years ago

Who gives a shit? Does anyone actually think I am going to the trouble to write script because of some stupid shit I have written? As long as my enemies know I’m armed and not afraid of them I’m good. Pretty soon we are all going to be afraid of our own shadows. Get a grip, people. Grow some balls.

Punk ass
Punk ass
4 years ago
Reply to  Really?

No clearly YOU’RE not going to write a script because you don’t what the hell you’re doing but for those of us that actually care about our data and don’t want ad companies to walk all over us and steal our data without our consent, this article is very useful. I mean why even comment on the article if you’re just going to shit all over it? Pure ignorance I guess..

Really?
Really?
4 years ago
Reply to  Punk ass

Go for it, Nerd. I’m sure your very valuable data must be protected from Big Brother’s Eye of Sauron.

shift8web
shift8web
4 years ago
Reply to  Really?

good troll!

Jan de Vries
Jan de Vries
4 years ago

Bullshit! hopefully they will stop this senseless illegal stuff soon!

Gregorio Thousandaire
Gregorio Thousandaire
4 years ago

I already LOVE this idea!

Jeff Boyington
Jeff Boyington
4 years ago

Too late…

Heikki Lehtinen
Heikki Lehtinen
4 years ago

the link doesnt work for me 🙁

CaPPsiE
CaPPsiE
4 years ago

Could the following script (A script to bulk edit Facebook post privacy settings) be combined/hacked to retrieve all previous FB posts? https://github.com/pellaeon

shift8web
shift8web
3 years ago
Reply to  CaPPsiE

No – this python script you linked uses the Graph API to interact with facebook.

Once upon a time you would be able to interact with their API to make bulk lookups and potentially bulk changes to your posts and whatnot. They now throttle access in this way and restrict it so that just anyone cannot interact with their own facebook profile by creating an app and using the API.

This would have been the best way to accomplish purging your facebook data and perhaps years ago facebook realized this and this is why its restricted now.

Lee Roy
Lee Roy
4 years ago

Side note: Look into NightmareJS or Puppeteer if you use CasperJS.

ml
ml
3 years ago

We need to run your script for each post we made? We can’t run it in a way to find out all of our post under our user and poised all contents?

shift8web
shift8web
3 years ago
Reply to  ml

The script is supposed to build a massive list of your post ID numbers. Then iterate across all the posts and generate random content. The idea is to have the entire process automated but its very difficult to do that especially with how facebook over complicates how their layout is structured (to circumvent ad blocking for one, most likely)

Kenneth Kron
Kenneth Kron
2 years ago
Reply to  shift8web

This is the kind of peaceful protest we need to stage. FB plans to continue to poison elections all over the world order to make $Billions$. I’m willing to start documenting and teaching others how to use this.
We need a catchy name though.

Daniel Diniz
Daniel Diniz
2 years ago

what would it take to adapt the script to languages other than english?

Joe B
Joe B
11 months ago

Can someone show me how to do this or do it for me, gladly pay you for your time.I am not a programmer have no idea how to execute this script.

Epstein didn't kill himself
Epstein didn't kill himself
8 months ago

This is an example of something written by an engineer and not by someone who knows how to actually instruct or teach people how to do x/y/z. The documentation on this is a joke, unfortunately. I love the part where it’s like “This is already documented somewhere else” linked w/ 0 documentation and explanation. lol xD

shift8web
shift8web
8 months ago

This was written by a technical person (me) intended for technical people specifically. It received a little bit of traction and may have entered the peripheral of non-technical people as a result. Since this was done on unpaid time as an open source effort, it is up to the broader open source developer community to take this conceptual or literal project and run with it to contribute and help it grow.

If that ever happens then it may have enough resources (people) to produce something that would be a bit more user friendly and easy for non-technical people. I hope that this makes it easier to understand – user friendly solutions are an insane amount of work. All unpaid and all thankless (As your comment demonstrates very clearly).