Michael
Michael I like to break things | I'm the good guy | I hunt people down on the internet | OEF Vet | @tracelabs | @endsurveillance | #IAmAGuardian | #OSINT

Tales of a Man Flippant With His Data (Facebook)

This is post 2 of 2 in a series on data collection. You can view post one here.

IP ADDRESSES GALORE

Unless I’m mistaken, and I very well may be, it appears that Facebook does far more IP logging than Google did (at least from what was available in the respective archives). Not only did my Facebook archive contain a list of every single IP address I’ve ever accessed the service from, some of the content I posted had IP addresses linked to it as well. If you aggregated all of the IP content out of my archive, along with somehow grabbing historical dynamic IP records, you would have an insanely detailed map (or heat map if that’s your thing) of my every single place I’ve been since 2007. While you were on your IP safari of my life, you’d also be able to see the photos and videos I uploaded at each IP address. Having been in the Army and deployed once, this list would include IP addresses from military installations here and overseas if I happened to check my Facebook while connected to WiFi there or on one of the computers on base(which I did).

FRIENDS AND CONTACTS

I also found a list of contacts in my archive. At first I thought this was my friends list but it is actually an entirely separate list. My friends list is located elsewhere in the file and I’ll get to that shortly. When you install the Facebook app, one of the permissions it requests is your contact list. That is what this is. The phone numbers and emails of everyone in my phone, whether they are on Facebook or not. So Facebook has a list of phone numbers and/or emails of people who have never even signed up for the service. My assumption for this is that they use it for the “Suggested Friends” feature in some way. I have also noticed on Twitter that when a new friend joins, I get notified by Twitter that “so and so has joined”. This must be because they used an email or phone number in my contacts list that they are storing.

My friends list was also more descriptive than what you will find on my profile. In this portion of data you will find a sorted list of your current friends along with the date you became friends, friend requests I have sent others that haven’t been accepted yet along with the date I requested them, pending friend requests I have yet to confirm (with date), declined friend requests (with date), removed friends (with date), and followers (with date).

Were you (or are you) the person who is in and out of Facebook relationships quicker than I can change my socks in the morning? Well the list of every single relationship you’ve been in with their name and date are in this archive as well.

THE SECURITY TAB

I am not entirely sure why this tab is labeled “Security” as I feel it should more properly be labeled something like “Account Changes”. This tab is where you will find the list of IP addresses I mentioned earlier but there’s much more here. You can also find a list of every time you deactivated and reactivated your Facebook account (20 times for me fyi) along with the date/time and IP address you initiated them from. Continuing you also will find all logins and logouts with time/date, IP address and full browser info which on the phone includes your phone model, OS version, and cell service provider.

There is a subtitle on this page called “Recognized Machines” which does include each browser I’ve authenticated to the service from (with IP address) but this also appears to be where they store all apps that have access to my account like various games and services (ex: Spotify, Groupon, etc.). Beyond this, in a subtitled section called “Login Protection Data” is a censored list of cookies for the service with date/time and a historical time/date list of estimated gps coordinates based on my IP addresses.

Lastly is a catch all list of “Administrative Records” where they have a record of all username changes, phone changes, email changes, profile picture removals(this is odd because they don’t record profile picture uploads), successful two-factor authentications, password changes, and more. All with time/date and IP addresses corresponding with each entry.

ADS

There’s nothing really surprising here but due to the recent privacy concerns by the every day consumer, I thought I’d include this data. The top of the ads page is a list of ad “topics” that Facebook thinks are good targets for me. A particular entry I found interesting was just “Sunday”. Why are you advertising “Sunday” topics to me Facebook?! I want to know! After that is a list of specific ads that I closed or clicked and the time and date I interacted with it. Displayed ads I did not interact with were not logged. The only other information here was a rather long list of “Advertisers who uploaded a contact list with your info”. It doesn’t actually explain what that fully means but a lot of these advertisers are the usual people you would recognize like Hulu and Amazon. However, there were dozens upon dozens that I had no idea how or why they uploaded my contact info anywhere. I’ve never even been to Ohio, nor do I know what the AFP Foundation is first of all. Second of all, I don’t speak Chinese and I have absolutely no connection to anything Chinese culturally. But for some reason this advertiser uploaded my info. For the non-Chinese here like myself, that translates to “Fantastic Beasts And Where To Find Them” (if Google serves me right).

GENERIC CATCH ALL CONTENT SECTION

This section is a catch all for me, not the archive. The archive has this information neatly sorted but for time and length purposes of this blog, I will simply summarize here. You can always download your own Facebook data and see for yourself with the link at the bottom of this post. Every photo and video you’ve ever uploaded is in your archive. Not only that, your photo and camera metadata is stored with your photos you’ve uploaded. There is also a handy dandy full extraction of your Facebook timeline dating all the way back to account creation including your posts and posts others have made on your wall. Additionally, you will find a full database of any message conversation you’ve ever had with somebody, including pictures either of you have sent (your wild days aren’t fully behind you just yet). There is also a list of every event with start and end date that you’ve: created, attended, declined, or been invited to without response.

Remember when poking was a thing? There’s a time/date log of pokes too.

BUT WAIT THERE’S MORE

However, for the sake of time, I’ll leave that up to you to go discover. Please don’t consider this post as a conclusive summary of everything inside a Facebook archive and also know that everyone’s will vary depending on the level of access they have given Facebook. Some declined to give it permissions like their contacts list among other things so again, please know that I gave them full access to whatever data and it may look different than yours.

I did not write and share this post because I am upset with Facebook. They provided a service and I partook in it while agreeing to their terms of service and privacy policy. I will be writing one final post to conclude these first two to elaborate on my position about all of this data. My hope is not that you’ll be upset but that you’ll be aware of the reality of using free services in the age of information. I think many tech people are not very surprised about the recent uproar regarding Facebook, however, the average user seems to be shaken by all of it so I simply want to do my part to bridge the gap.

Thank you for your time and for staying until the end of this post and I appreciate your support.


ADDITIONAL RESOURCES