Security Basics mailing list archives

RE: [Full-disclosure] Facebook Police

From: "Murda" <murdamcloud () bigpond com>
Date: Mon, 7 Dec 2009 10:00:49 +1000

Hi Ian, I wasn't actually disputing their TOS or even holding it against
them. They certainly can have whatever TOS they wish. I don't use Facebook
but not because of their TOS. I think there are valid reasons for being
anonymous on the net as I also think there are invalid reasons for being
anonymous.
I was just trying to make the point to the OP that his assertion that the
police are violating laws or rights (two different things) is not as simple
as first thought.
The whole area of privacy and how old school laws are trying to keep up with
the area of the internet fascinates me. 

Also, privacy in countries which have draconian measures in place to prevent
the populace from speaking out against them or from accessing 'prohibited'
political material is definitely something which will be impacted(in the
future) by certain websites' TOS.




-----Original Message-----
From: Ian Bradshaw [mailto:ian () ianbradshaw net] 
Sent: Saturday, December 05, 2009 2:29 AM
To: 'Murda Mcloud'; security-basics () securityfocus com
Subject: RE: [Full-disclosure] Facebook Police

If you dont like the way they do things then just use a different service
... its there service, they can have whatever TOS they wish.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Murda Mcloud
Sent: 04 December 2009 05:42
To: security-basics () securityfocus com
Subject: FW: [Full-disclosure] Facebook Police

Has anyone tested the 'policy' in a court of law? Ie, someone has created a
'fake' profile and then been sued or prosecuted by Facebook for doing so?

They have been sued by real people who had their names used on the fake
profiles, though.
http://www.guardian.co.uk/technology/2008/jul/24/facebook.privacy


I'm sure people have made all manner of defamatory statements on Facebook
using the 'anonymity' of it.
Google were recently forced to reveal the name of an anonymous blogger.
http://www.smh.com.au/technology/technology-news/model-forces-google-to-reve
al-skank-bloggers-identity-20090819-epz0.html

If the police were to stray on the wrong side of the law(which never
happens...) in using the 'fake' identity then perhaps they could be
prosecuted.

I can't see that Facebook's policy actually, physically stops you from
creating a fake ID but if they were to find out that you had done so, then
they would be 'justified' in deleting your account, and if the real person
you have pretended to be finds out, then you could be in trouble.

If, however, I said my name was Zaphod Beeblebrox(apologies to Douglas
Adams) then would I get in trouble?
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Stephen Mullins
Sent: Wednesday, December 02, 2009 5:42 AM
To: Michael.Barber () wellsfargo com
Cc: netinfinity.securitylab () gmail com; security-basics () securityfocus com
Subject: Re: [Full-disclosure] Facebook Police

People assuming false identities on MY internet?  Heaven forbid.  I am
quite appalled by this drastic revelation.

On Fri, Nov 27, 2009 at 3:12 PM,  <Michael.Barber () wellsfargo com> wrote:

Interesting take on the situation... however if you extend internet to

real life your argument takes on a different tone.  By your reasoning it
should be illegal for law enforcement to go undercover.  If you assume it is
legal for a cop to go undercover ... then he/she is using a real name.
 Therefore no laws or policy's are being broken.


Just my 0.02.



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]

On Behalf Of netinfinity

Sent: Thursday, November 26, 2009 7:46 PM
To: security-basics () securityfocus com
Subject: Re: [Full-disclosure] Facebook Police

 "Facebook policy requires the use of one's real name to sign up, but
they let the police use fake names.."

Sure the policy says that but a lot of people are changing their names
on a daily basis (ok maybe not daily). And majority of those changes
are
just for fun, but never the less they are against the policy. What
about those people? Only way to verify or check someone's name is
through IP (ISP). And that can't be done
by will.. It must have some legal grounds...

Let me get to the point, I'm sure that police is violating some some
kind of human rights or even law's (?)

--
netinfinity

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL

certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1

------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL

certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1

------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

RE: [Full-disclosure] Facebook Police Michael.Barber (Dec 01)
- Re: [Full-disclosure] Facebook Police Stephen Mullins (Dec 01)
- <Possible follow-ups>
- Re: [Full-disclosure] Facebook Police martinez85 (Dec 01)
- FW: [Full-disclosure] Facebook Police Murda Mcloud (Dec 04)
  - Re: FW: [Full-disclosure] Facebook Police arpunk (Dec 10)
- RE: [Full-disclosure] Facebook Police Murda (Dec 10)