Goalpreviously Facebook parent company, is a company with a tendency to be in the eye of the hurricane when it comes to privacy. Apart from the doubts that it has always generated, scandals such as that of Cambridge Analytica, the leaking of the data of more than 500 million users and the denunciation of Frances Haugen have ended up seriously damaging its corporate image, despite its attempts to relaunch itself. through the metaverse.
Obviously, cleaning up such a negative image requires great efforts, so Meta has gone out of its way to explain what it has done to prevent unauthorized media from accessing the data of Facebook users (the social network) that are projected. through the URL.
One of the techniques used for data collection is unauthorized scraping using data collection scripts and tools. Meta has explained that she is not in favor of putting it into practice through automated tools, which are capable of scraping data by guessing the Facebook ID (FBID) printed in the web browser’s URL.
To explain it basically, Facebook URLs have an embedded FBID that allows the content displayed to a specific user to be uniquely identified, so unauthorized trackers can take advantage of that to collect quite specific data. By comparing the contents of the URLs with other data points, it is possible to create complete profiles and therefore data sets that, of course, become an article that can be traded, and not precisely through free channels. of suspicion.
In order to avoid this scraping of data that comes in some cases from an unauthorized collection, Meta has replaced FBIDs with Pseudonymized Facebook Identifiers (PFBIDs), which are much more secure and harder to guess. by collectors because they are generated based on timestamps that also rotate. FBID-guessing attackers rely heavily on repetition, so the introduction of PFBID should present a significant hurdle for them.
As we have already said, the data that Meta tries to protect is printed in the URL, that is, in the address bar of the web browser used by the user, so it is possible to take measures to protect yourself from malicious actors. For example, Firefox has implemented a feature that allows you to clean the URL of specific data to leave only those that are used by all users. This is also possible with extensions for other browsers, so it is not a bad thing to take this measure if you are a Facebook user.
Finally, and although it may be surprising, Meta is interested in implementing this type of measure, not only to avoid the sanctions that fall on it from time to time, but also to protect its own business model from other parties with which it has agreements.
