Scoble hacks FaceBook, gets banned

Robert Scoble got the boot from Facebook recently for hacking the site by running a script that pulls data from his account. This raises so many questions. Do you own your data on social networks? Is Scoble a freedom fighter or a data thief?

What was he running on his Facebook account. According to him, he’s testing a new service called Plaxo Pulse. It is a Facebook importer that pulls and collects names, emails and birthdays of his contacts in his own account. However, Facebook banned him and suspended his account because of clear violations on their TOS:

Hundreds of people have been appealing that his account be re-instated and he got his wish. Facebook emailed him and explained the situation:

Facebook’s Terms of Use broadly prohibits the running of automated scripts on the site because they can be used to commit malicious attacks, send spam, and generally try to undermine the integrity of the site. When our systems detect these types of scripts, they immediately disable the account of the user responsible as a preventative measure. This is what happened in your case â€“ your automated script was exhibiting the same behavior as other malicious scripts that we have blocked before so your account was disabled.

When Plaxo contacted Scoble and several other bloggers, the company knew that they are violating the FB TOS. It was a risk they wanted to take but a risk that their invited bloggers will be facing, not Plaxo. Now Scoble got the boot and tried to get back in.

Some interesting issues were raised because of this debacle.

Who owns your data on social networks? I believe the user owns them and he has full rights however he wanted to with his contacts inside the network, within the network. Remember that the relationship between two contacts was consummated with the premise that both parties agree to use them within the network, and not outside of it.

Should social networks be opened? It depends on the users. If my contacts on LinkedIn grabs my information there and tries to move me to MySpace, Facebook or Hi5, I should also have a say whether he can or cannot do this. Networking is a bilateral agreement. Same agreement when I clicked on that Accept/Approve or Reject button when we got connected. If I have a social presence in Twitter or Pownce, that does not mean any of my contacts there can just automatically add me in Jaiku.

Is this safe? I believe in open-ness (and open source) but when it involves my personal information, I believe user privacy should be take precedence over anything else. And you know that these social networks have different privacy policies, right?

How about OpenSocial? One account to rule them all? How about, hack one, hack them all? Or fake one, fake them all! The idea seemed nice but I have reservations. Let’s take for example Google Accounts. Whenever, I’m logged in to GMail and do a search on Google, I get the personalized page. I don’t want the personalized page in the SERPs because it doesn’t show me the regular one. If I sign out of personalized search, I also signed out of GMail. Same with the time that Google wanted to consolidate my AdSense account with my Google Account. Please no, I don’t want my account to be migrated.

As it is, we are all open to spammers, phishers, and other malicious attacks. Has anybody heard of those horrible stories about people scamming other people via YM, thinking that they’re chatting with a known friend or distant relative? Only did they realize after sending them load credits over the messenger that they’ve been scammed by a hacked account.

I just think Facebook was right and Scoble was wrong. But then again, he’s on top of the food chain so he got away with it.

Abe Olandres

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and considered by many as the Father of Tech Blogging in the Philippines. He is also a technology consultant, a tech columnist with several national publications, resource speaker and mentor/advisor to several start-up companies.

https://www.yugatech.com

5 Comments

misx.margarette says:

15 years ago

* imba! *
- Reply
asdix says:

17 years ago

thanks Ordacin. it just didn’t really occur to me that it pose that much threat :) hehe i stand corrected. :) not a fan of socialnetworkin’ sites really.. hehehe
- Reply
Eugene says:

17 years ago

OpenSocial does not make a federated ecosystem of social networks. It just makes multi-platform social network apps. (Write once, deploy onto all OpenSocial-compatible networks.)
- Reply
Ordnacin says:

17 years ago

Wonder whether this is all a stunt by Scoble and Plaxo to get attention hmmm…

@asdix even if it’s just typical biographical info it’s still a danger. People can use this to gain sensitive info from financial institutions, most of them ask for biographical information like mothers maiden name, birth place, etc when verifying your identity over the phone…
- Reply
asdix says:

17 years ago

how dangerous was that script? i mean, if the data of your socialnetwork account’s really just the typical biographical info, i guess it wouldn’t really pose a danger. i mean, u dont divulge your CC numbers and all, right? that script i think might be useful for lazy lasses who wants to check all their socialnetworking accounts all at once, just like a mail client downloading all emails simultaneously.

anyway, haven’t really used facebook. im a friendster loyalist. its the only social networking account i’ve had. hehehe

nytz!
- Reply

YugaGaming