Security chiefs have cautioned army, navy and RAF personnel to disable Facebook Places, over fears it could be used by terrorists to identify and track targets. The new service could act as a "one stop shop targeting pack", particularly in Northern Ireland, they warn. The Ministry of Defence is concerned about how it could be …
...I've said it before...
...and I'll say it again. Isn't arriving at some destination with your friends supposed to be fun? If you are all there together and presumably within eyeshot of each other, well what benefit can be had from posting an update to Facebook? Who's reading it? Evidently no one you care about enough to actually invite. So don't do it.
I've just blocked anything on Faceache coming from two people I know 'cos I got fed up with being spammed by what amounted to adverts for shops, cafes, coffee places etc. etc.
I don't need to know you're on the other side of town having a bloody burger!
I can see the problem.
"Hey Abdul, pass the rocket launcher."
"I've just noticed on Facebook that the British first armoured brigade have their locations down as 'behind hill 427 outside Kandahar'........"
They didn't think of that
When they updated "winning Hearts and Minds" to "winning Hearts, Minds and Facebook Friends"...
"...it could be used by dissident Republican groups..."
I never did trust those Tea Party people.
Sure and begorrah, t'eyre all in tat army base there
Alternatively, if you want to spot them out and about, look for the pack of tattooed drunken red faced goons, braying in Manc and Geordie, and picking fights with all and sundry when the odds are 3:1 in their favour. It's not exactly rocket-launcher science.
Nice stereotyping >_> I take it an old girlfriend ran off with a squaddie then? :)
@Gary : the point of a stereotype is that it is recognisable
Just because something is a cliche doesn't make it untrue.
I wonder how long it will be before...
Osama gives in to peer pressure and gets a Facebook page and advertises his location on Facebook Places as 3rd cave on the right, halfway up the fifth mountain on the right, just west of the Afghani/Pakistani border
the mountain that _used_ to be the fifth one on the right, before the unfortunate accident involving half-a-dozen W-88 warheads, right?
A common sense move to be honest
With respect, as a service member in NI, I can see the point in this. It would not directly cause a person to be targeted, but would in essence greatly feed into an intelligence picture that dissidents like to build up about the likes of us.
With monitoring, it's entirely possble to build up a piture of someone's weekly routine. For example, where they like to frequent if n weekend leave. With a location marked as a likely spot frequented by off-duty HM Forces to dissidents, they can then observe likely squaddies. They are not hard to spot, especially the 2 Bns of Infantry who have prodominantly mainland UK accents and short hair.
Recently I had to get one of these guys back home. He was black - not a common skin colour in NI to be frank, he'd lost his mates, he'd had his phone nicked, was plastered and had no money left. Luckily we spotted him before anyone else. Young people and especially young soldiers can be unaware of the very real threat against security forces in NI because of seeing NI now as 'peaceful' and can lead to dangerous complacancy; especially when coupled with advancing technology like GPS phones and instant internet access anywhere on your handset.
Badgers, coz that aint a badger set, that's an SRR hide watching 'em.
I was over there myself, and instantly knew that Facebook would be a useful supplementary targeting mechanism. The net can be used to pick up crumbs which, of themselves being no use, in aggregate enable selective targeting and either assassination or kidnapping (for intelligence purposes). To use the words of someone who mistakenly pooh-poohed the idea, it is not rocket science. All one needs is spare time, knowledge, and a search engine.
As it was for some years I checked under my car early in the morning. If a head of intelligence service can leave personal data on Facebook, so can anyone else. It's not the individual snippets, it is the picture that counts. Too many people discount this, and that is very slack. Once you've been over there your view of personal information security changes. Forever. No amount of civvy 'never mind, don't worry' will make it any safer.
Yes, this is one reason why my nick is fairly innocuous and nothing to do with my identity.
That's the thing
I don't think many people consider how the small bits of information online add up and can so easily be correlated.
I grew up a short kick in the arse from Thiepval Barracks (the helicopters weren't low-flying unless you could see the whites of the pilot's eyes ;-) ) and when I was old enough to go out drinking with my mates the bar we generally went to often had a bunch of squaddies just generally minding their own business and enjoying a night off duty.
Imagine how much easier it would have been for the terrorists if the same combination of Facebook and sloppy privacy thinking had been around back then. A pattern of people posting from the army base and also checking in to "name of bar here" would emerge without the recon ever having to be "in person".
That would have put the soldiers, the bar owners and the regular patrons at risk, all for minimal effort on the part of the terrorists to build a target list.
Nitpicking again, but...
"circuled" means what, exactly? ;¬)
More seriously, I have actively avoided Facebook and all similar applications precisely because the whole idea is pointless, for the most part. As pointed out above, anyone you really care about and who really cares about you, is already aware of pertinent information, like where you are, unless you don't want them to be. In either case, I fail to see how FaceBook and its ilk could help you there; it's transparently about gathering large amounts of information to sell, anonymized or otherwise, to businesses.
Does the document also advise 'users' to wear a bag on their head when in public in case they are spotted by eye. They may need to look at securing eyes too.
It is my opinion that aficionados of social networking are at heart longing for the security of social animals and eschewing the liberty and responsibilities of individuality. So be it. Worker ants are identical and interchangeable. Kill one and it has a vanishingly small effect on the nest.
So what's the big deal about losing the occasional Facebooker?
the big deal
"what's the big deal about losing the occasional Facebooker?"
There's too damn many of 'em to pick off one by one. We need 'em to congregate into large groups so that they can be eliminated en masse. We should be _encouraging_ them to use this 'technology'... and then we should have 'em 'friend' a cruise missile.
I think the part of the British Army still in NI has returned to its peace time role
Knocking up local girls and knocking out local men at the local bars.
No. The threat has reared its head quite a bit. The SF have interrupted arms buying, targeting and attacks for quite some time but, as civvies have been learning since 2001, it is impossible to stop every attack. Someday one idiot will get through. Just be thankful that this particular brand of madness does not involve strapping bombs around waists.
What has open source got to do with it?
"Social networks already provide an extensive open source intelligence gathering tool. This application is almost creating a one stop shop targeting pack"
Re: open source
I'm sure the MoD don't give two hoots about the source code or implementation of Facebook's web site. They're referring to the information. You've given up copyright or control over your personal information, and it's freely available to anyone who wants to use it. They're using "open source" as a loose synonym for "publicly available for free".
Actually, i think they use the word open source in the best possible way: free for all to use. :)
It only takes...
A guy who wants to come home and find his telly still there to work out that this is a bad idea and should be disabled. Nice to know military intelligence caught up: not so re-assuring to know that they needed to *tell* the solders
And I thought that Facebook...
was just just for killing time!! :)
Mine is the one with the built-in Lo-Jack and GPS transponder.
Don't forget FourSquare
If facebook is a risk, with it's many layers of security, I imagine FourSquare would be even worse, avoid!
Whilst you're locking down Facebook, don't forget FourSquare
The security built into FourSquare isn't all that bad, disable all updates to FaceBook and or Twitter when you checkin/check a mayorship etc.
FourSquare isn't in the UK yet.
Foursquare's in the UK & Europe
Plus Twitter has location feeds too,
Scaremongering Panic Wranglers Strike Again
Yet more people who obviously don't understand the functionality and can't be bothered to find out how it actually works spreading bullshit and generally scaremongering to try and cause panic. What a load of crap. With people like this around I'm surprised the internet got further than the fledgling network it started out as.
Re: Scaremongering Panic Wranglers Strike Again
Its all very well for you but you're not the one who has to check under your car every morning to ensure that someone who disagrees your fundamental right to exist hasn't left you a gift.
If you input this story into the Daily Mail headline generator
If you input this story into the Daily Mail headline generator, along with the stories about the CEOP buttons, you get the following...
"Is Facebook causing your family to become terrorists and paedophiles?"
It also carries the following subheading...
"Scientists still don't know if Facebook causes cancer and wars, is it safe to let your family take the risk?"
Obviously the MoD is correct.
And not just terrorists, but also spies, competitors, managers, rivals, burglars, future fathers in-law, and ex girl friends.
I use Facebook and I don't mind sharing somethings.
But when Facebook Places came out, I disabled it immediately.
If they had any they'd realise bookface could provide excellent misinformation for anyone stupid enough to believe everything they read online:
1) Don't post where you are - post where you aren't. If you're in Iraq tell everyone you're living it up down the pub;
2) Post often - eventually people will just classify you as a self-important berk and will ignore you. Which is what you want if you're on a covert mission;
3) Take the piss. Creatively annoy your enemy. Annoyed people think less rationally and are therefore more prone to doing the stupid thing. Maybe set up a Real IRA page and fill it with pictures of horse-fucking bucktoothed lunkheads.
There are so many ways you can misdirect and misinform using failbook. You just have to think outside the bomb. Sorry box.
face the fact
face book is crap so don't use it full stop!
I closed my account some months back, having trialled it using limited information for a few months. I used the 'terminate with extreme prejudice' option, rather than Facebook's 'revivable' option.
Everything about it made me uncomfortable toward the end, even though I'd screwed down tight every option I could. These people continually move the frigging goalposts, meaning that they remove users control over their data at their risk.
Pity really, because it was a useful tool for finding old friends.
Ha ha ha, typical MOD fubar and FUD
I turned this 'feature' as soon as it turned up in the browser.
Granted its not probably the best idea to advertise your location if your in that line of work but I would like to think that the MOD's intel was correct.
AFAIK the Places system is in use on the mobile versions of facebook and uses your phones GPS to tag where you are if you tell it to, also other users can tag you as well unless you disable that. Basically no GPS no checking in your location by yourself.
So why the MOD's release states that the app uses your IP address to determine your location seems to be a bit strange. IP addresses dont give that accuracy of location.
It's probably bored squaddies, crabs or matelot's who are bored and playing with there mobiles and not thinking of the consequences. If the naughty people can use this to track you how about trying to explain to the sgt major why facebook, after you added him as a friend once and forgot about it, showed you in the pub when you were supposedly bedded down in your room
Also even though its stated thats its for advising and not instructing personnel, It can be guaranteed that some idiot officer will ignore that and, not understanding the technology, will over-react and claim thats its been banned from use and that anyone caught using it may get told off.
Ha ha ha, typical MOD fubar.
Big Brother because even the lamp posts are watching you!
Trouble is, it's getting better...
"IP addresses don't give that accuracy of location."
..from a six-year-old article http://www.linuxjournal.com/article/7856
As the Daily Flail might say, "Won't anyone think of the Onion Router?"
Just to be on the safe side
Best ban telephone directories too. Don't allow anyone to place personal ads in newspapers. Have a full body suit on when out in public (so people can't even recognise your clothes). Ban DVLA from selling personal info - now I'm sure everyone will agree with that - Get rid of the electoral register.
The one with the name tag ripped out.
Were you never ex-directory? I've always been, and I don't appear on the electoral roll. If you've not served then you might not understand, but take a little time to reflect on the fact that some Islamic nutcases recently plotted to kidnap a Muslim soldier and do evil. Anyone who a) identifies themselves online and b) says they are in the forces is inviting trouble.
So yes, for flippantly joking about it perhaps you should be putting your coat on, before throwing yourself into the rain.
"unprecedented privacy controls" - Facebook
To be fair...
... they said "unprecedented". They didn't say "good"
Nice work on bluring/removing up the personal info MOD...
...apart from leaving the email visible in the third picture down.
Official Facebook response
As with a lot of new technologies, there has been confusion about how Places works and this is reflected in the article.
For Facebook Places to act as a 'targeting pack for terrorists', MoD personnel would need to actually be friends with the terrorist, as the privacy settings are set to Friends Only by default.
Places users have complete control; before your location is shared you have to actively check in somewhere, or allow your friends to check you in. You can’t be checked in unless you agree to be. We fully support organisations who want to educate their employees about how to use the internet and social networking sites, including Facebook. Whilst there were a few inaccuracies in the MoD guide, such as the claim that Facebook Places is automatically on until it is deactivated, they are clearly not 'labelling' Places as a 'targeting pack for terrorists'. The MoD is, like any responsible organisation, simply providing guidance on how to use these services appropriately.
Places also does not share your location details with third party websites or applications 'by default'. Every time an application needs to access your data - to make it work and give you a better user experience - it must provide a clear set of instructions so you can easily see what information is needed before you accept, just as it would if it wanted to access your photos or friend lists.
For people interested in how privacy on Places actually works, you can see a quick video on how to control your sharing through Places here: http://www.facebook.com/video/video.php?v=10150257497405484&ref=mf#!/video/video.php?v=697692691093
If you want to find out more, visit: http://www.facebook.com/places/
Sophy Silver, Head of PR & Communications, Facebook
Re: Official Facebook response
As I discussed at length with your PR agency on Friday, I'm afraid the document does label Places as a potential targeting pack, for terrorists.
"This application is almost creating a one stop shop targeting pack, which could potentially be used to target military personnel, family and friends". - MoD
I think that's pretty unequivocal. Unless you think they are concerned about the military and their families being targeted by someone else? Travelling timeshare salesmen, perhaps?
Which inaccuracy would that be again?
Regarding: "Whilst there were a few inaccuracies in the MoD guide, such as the claim that Facebook Places is automatically on until it is deactivated"
I just created a new test account and yes, Places was active by default, allowing "friends" to see my location.
Official Facebook response
Sophy, when you say “MoD personnel would need to actually be friends with the terrorist, as the privacy settings are set to Friends Only by default.” you are only taking direct relationships in Facebook into account and not the degrees of separation that occur in real life.
I have an example that occurred the other week. I have changed the names. I am Facebook friends with Bob; I used to work with his brother Dave who is married to Alice. On Facebook Bob posts “Off to a specific family event – at Dave & Alice’s”. Now “Dave & Alice’s” is tagged in Facebook places as a local business. Is the terrorist or stalker who is friends with Bob interested in Dave, Alice or someone else at that family event? These people think believe they have set their privacy settings correctly or perhaps don’t have a Facebook account due to privacy concerns.
"As with a lot of new technologies, there has been confusion about how Places works"
I think it's unfair to describe this "confusion" as being universal to "a lot of" new technologies. Some new technology is confusing granted, but no more than it has to be.
Even the average "Joe six pack" has a basic understanding of how a particle accelerator works, for example. Facebook on the other hand is a complete mystery. How does Places work? I dunno, do you? No. Where does it get data from, where does the data go to, who sees it in the middle? Unicorns? Space Turtles? Who? No one knows because Facebook is never going to tell us, as the answer is, in all probability, utterly terrifying.
How 'official' is this MOD document?
Chris - The MOD security document looks rather simplistic to my eyes, which leads me to question just how official it actually is? Did you remove the header/footers and other identifying marks to protect your source or was it really issued in that state? Either G2 Branch HQ NI & 38 (Irish) Bde issues really oddly (by MOD standards) formatted documents nowadays or this was a more local production. After all a poorly informed Lance Corporal in the local security section can knock up a document, email it to a few units and it becomes "Official MOD security advice". Would you care to comment on just how official this really is?
With all due respect Sophy...
...just because it's default is currently set to "friends only" doesn't mean it'll stay that way in future.
Sorry, but Facebook's record on privacy and in particular changing privacy defaults under the auspices of "improvements" speaks for itself in this regard.
Response from Facebook
Places are public spaces. The scenario you’ve described is really no different to what someone could have posted on Facebook or elsewhere online before Places was launched. Whether you are talking about relationships online or offline you should be conscious of how trustworthy your friends and their connections are – particularly if you are working in a sensitive line of work.
- Analysis iPhone 6: The final straw for Android makers eaten alive by the data parasite?
- TOR users become FBI's No.1 hacking target after legal power grab
- Vid Reg bloke zips through an iPHONE 6 queue from ZERO to 60 SECONDS
- Anal-ysis Buying memory in the iPhone 6: Like wiping your bottom with dollar bills
- Bacon-related medical breakthrough wins Ig Nobel prize