Skip to content

A Facebook error allows you to see a user’s friends … even if they are hidden

23 mayo, 2021

As part of its personalized privacy management, Facebook allows its users to choose who can see your group of friends. One option is to make it visible to everyone, while those most wary of having their information open to strangers can choose to make this list unseen. However, a Facebook bug allows this protection to “skip the bullfight”.

The process, revealed by an employee of the security company Quotium, is very simple. It is enough to create a fake user (let’s call it Fake User) and send a friend request to the contact we want to spy on (for example, Target User). Although he rejects the request, he is completely indifferent. Since then Facebook will suggest the Fake User to add people from the Target User’s friend listas he has no more contacts.

Just click on Show all in the suggestions offered in the section People you can meet so that all the Target User’s friends appear, even though he has never had a relationship with you.

FACEBOOK keeps a record of ALL WEBSITES you visit so you can DEACTIVATE IT

But it works?

From Genbeta we have tested this method and we can confirm that, indeed, it works. By creating a fake account and sending a friend request, you’re all done. If you access Find friendsOn the left side of the page, all or most of the friends of the user we want to “spy on” automatically appear.

Facebook Suggestions

Facebook suggests my friends to a stranger, whom I have not even accepted

What does Facebook say?

From Facebook have recognized that the system works like this although they “throw balls out” as they say: “If you don’t have friends on Facebook and you send a friend request to someone who has their private friends list, you might see some suggestions who are also friends of theirs. But you have no way of knowing if the suggestions you see belong to the full list of friends of that person “. Summarizing: It is not a bug, it is a feature.

That is, they know that at least a partial list of friends is shown to third parties, even if the user in question has decided not to share this information. His attempt to minimize the problem saying that it may be a partial list also doesn’t make much sense. In the first place, because even if not all the friends are there, they do recognize which part will appear. And, secondly, because as Quotium says and we have verified, most friends do come to light with this system.

More information | “Quotium”: http: //www.quotium.com/research/advisories/FacebookVulnerabilityDisclosesPrivateFriends_list.php Image | “Mashable”: http: //mashable.com/2013/07/09/facebook-privacy-how-to/ In Genbeta | “Facebook accidentally exposes contact details of more than 6 million accounts”: https: //www.genbeta.com/redes-sociales-y-comunidades/facebook-expone-por-accidente-datos-de-contacto-de -more-than-6-million-accounts