Facebook Saved Passwords in Regular Text File

Ars Technica:

Brian Krebs reports that hundreds of millions of Facebook users had their credentials logged in plain text by various applications written by Facebook employees. Those credentials were searched by about 2,000 Facebook engineers and developers more than 9 million times, according to a senior Facebook employee who spoke to Krebs; the employee asked to remain anonymous because they did not have permission to speak to the press on the matter.

In a blog post today, Facebook Vice President of Engineering, Security, and Privacy Pedro Canahuati wrote that the unencrypted passwords were found during “a routine security review in January” on Facebook’s internal network data storage. “This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and, as a precaution, we will be notifying everyone whose passwords we have found were stored in this way.”

Not surprised.

Facebook Announces Leadership Changes

The Verge:

Here’s the breakdown of the executive changes:

Chris Cox will depart Facebook, but hasn’t revealed plans for what’s next.

Chris Daniels will leave WhatsApp, and Facebook declined to provide any details on why or the circumstances.

Will Cathcart will go from running the main Facebook app to VP of WhatsApp

Fidji Simo who was the VP of Product for Facebook video, news, and advertising will take over Cathcart’s role running Facebook’s main app

Javier Olivan who was Facebook’s VP of growth will lead the task of identifying how to integrate Facebook’s products, including the plan to unify the backend of Facebook Messenger, WhatsApp, and Instagram direct to expand encryption and allow cross-app messaging that some see a shield against Facebook being broken up.

Instagram VP Adam Mosseri, Messenger’s VP Stan Chudnovsky, Simo, and Cathcart will now report directly to Zuckerberg, while Chief Marketing Officer Antonio Lucio reports to COO Sheryl Sandberg

Facebook Service are Down For a Lot of Users

The Verge:

Facebook and Instagram appear to be partially down for some users around the world today. While you can open both platforms and some services appear to have been restored, users are reporting issues with sending messages on Messenger, posting to the feed on all Facebook products, and accessing other features on Facebook.com, Instagram, and WhatsApp. Even Facebook-owned Oculus VR is experiencing issues related to the outage.

Earlier in the day, WhatsApp appeared to be fine for many people, but users in Paraguay, India, Bangladesh, Argentina, and more note that they begun experiencing issues with sending messages as the afternoon went on. DownDetector indicates that those in Brazil were experiencing the most severe outages.

Facebook is using Twitter to explain its outage.

Facebook Deletes Ads about Breaking up Facebook

The Verge:

The ads that were briefly taken down were replaced with text that read, “This ad was taken down because it goes against Facebook’s advertising policies.” The company has policies around using Facebook’s logo and name in advertisements, and a Facebook spokesperson told Politico these rules were why the ads were originally removed.

In a tweet, Warren responded to Facebook saying, “Curious why I think FB has too much power? Let’s start with their ability to shut down debate over whether FB has too much power. Thanks for restoring my posts. But I want a social media marketplace that isn’t dominated by a single censor.”

Right, because of the logo.

Facebook, Zuckerberg Consider Auto Deleting Messages

Mark Zuckerberg via Facebook:

I believe there’s an opportunity to set a new standard for private communication platforms — where content automatically expires or is archived over time. Stories already expire after 24 hours unless you archive them, and that gives people the comfort to share more naturally.

This philosophy could be extended to all private content.
For example, messages could be deleted after a month or a year by default. This would reduce the risk of your messages resurfacing and embarrassing you later. Of course you’d have the ability to change the timeframe or turn off auto-deletion for your threads if you wanted.

And we could also provide an option for you to set individual messages to expire after a few seconds or minutes if you wanted.

Should have been done 10 years ago.

Android apps send your data to Facebook

The Verge:

Major Android mobile apps from companies including Yelp and Duolingo send data that could be used to personally identify you for ad tracking straight to Facebook immediately upon logging in, according to a new report from the London-based UK charity and watchdog group Privacy International (PI).

This data transfer happens even if a user isn’t logged into Facebook on that device and even in the event the user doesn’t have an active Facebook account at all.

Amazing.

Mark Zuckerberg Shows Off Bizarre VR Experience

Alfred Ng writing for CNET

Zuckerberg showed off a few of the creative possibilities that come with the new Oculus platform, like being able to draw and play with your creations in the social experience.

The demonstration was Facebook’s first dive into creating a social platform for Oculus, using VR to connect with your friends and family. The social network is one of many major tech companies pushing virtual reality as the next big trend. The company entered the VR business through its $1 billion acquisition of Oculus in 2014.

Oculus is pushing for a more social environment on VR, with its Oculus Avatar feature, allowing users to create a digital version of themselves and interact with their friends from anywhere in the world.

“This is the first time that tech has made this level of social presence possible,” said Lauren Vegter, Oculus’ social product team leader.

She introduced Parties and Rooms, two new features that let people come together in a VR lounge, where they can watch videos, listen to music and hang out.

None of the things he showed seemed useful or better than the current way we do things (Playing chess, playing cards, taking selfies, and so on). It sounds more and more like Oculus Rift is a bust. It is more expensive than the Playstation VR and much less useful even though the tech behind it is better than the rest.

Playstation VR has a much better chance of succeeding since there are all those PS4s laying around and Sony has a history of making it’s own games.

The whole Oculus keynote demo was strangely awkward, and not something I’d expect out of Mark.

Facebook Brings Back The MarketPlace

Cyrus Farivar writing for ArsTechnica

Facebook has begun rolling out its “Marketplace” feature to users, allowing people to buy and sell items locally through the app.

Marketplace has existed for some time as part of Facebook Groups. (I’ve bought and sold some items through a local parents’ group for the last few years, and it works well.) Delivery and payment is handled separately from the app, just like similar ads posted on Craigslist.

The company said in a Monday press release that the feature would be “rolling out to everyone over 18 years old in the US, UK, Australia, and New Zealand on the Facebook app for iPhone and Android.”

The new “shop” button will replace in-app real estate currently occupied by Messenger, Facebook’s standalone messaging app. On Sunday, the company rolled out “Messenger Lite,” a stripped-down version released to users in Kenya, Tunisia, Malaysia, Sri Lanka, and Venezuela, with more countries coming soon.

Facebook had a marketplace early on it’s life (almost 10 years ago), but decided to get rid of it.

From Wikipedia:

Marketplace

On May 14, 2007, Facebook launched Marketplace, which lets users post free classified ads.[196] Marketplace has been compared to Craigslist by CNET, which points out that the major difference between the two is that listings posted by a user on Marketplace are seen only by users in the same network as that user, whereas listings posted on Craigslist can be seen by anyone.[197]

If they would have kept it in 2007 I think Craigslist would never come to exist.