Tech & Biz

Plastic Frog Punks Facebook

by Jordan Yerman | August 15, 2007 at 05:43 am

1017 views | 14 Recommendations | 2 comments

We have met the enemy of online security, and the enemy is us. Sophos, a security software firm, set up a fake Facebook page for a plastic frog called Freddie, inviting 200 random Facebook users to be its friend. 87 out of 200 accepted, and 82 of those gave up personal data. To a green plastic frog. A green plastic frog called Freddi.

Without any "hacking" whatsoever, the tub toy managed to acquire a treasure trove of personal data. About 73 people were willing to post their birthday, while others willingly included places of birth, employers' names and addresses, photographs of family and friends, work resumes, and in at least one instance, the user's mother's maiden name.

All this in response to a request from something who obviously had no real identity of its own (its name is actually an anagram for "ID Fraudster") and offered zero information -- real or imaginary -- about itself.

Would you give your personal data to this guy? The Sophos survey results come in the midst of a little storm of controversy that erupted after a mis-configured Web server inadvertently revealed significant portions of Facebook's source code to ordinary users, rather than the home page that they would normally expect.

Sophos did not re-test using other plastic animals, but the point is pretty clear: One rarely divulges one's email address, phone number, and mother's maiden name to a random stranger in the street, yet nearly half of those asked were perfectly willing to do so online.

Do your part to prevent online idiocy: don't give up your details to plastic frogs.

0 See all footage | View Slideshow

Share: email story | add to any | | facebook | stumbleupon