The BBC writes that “we have discovered a way to steal the personal details of you and all your Facebook friends without you knowing.” It’s standard scare tactics of traditional media. How did they steal the user’s information? Well they simply built an application and had someone install it. Yes, when you install an application, people have access to personally identifiable information but not your email and phone number.
The BBC quotes Paul Docherty, Technical Director of Portcullis Security, as saying “Morally, Facebook has acted naively.” I honestly think this is ludicrous. Don’t users know that they are providing application developers with their profile information when they install an application? Then again, I’ve programmed applications myself and know what developers are able to access. Perhaps the average user doesn’t know what they are getting into. Do you know what you are getting into when you install an app? Do you think the average user does?