Sign up to our newsletter
The latest security news direct to your inbox
Facebook’s Graph Search is quietly rolling out to U.S. users this week – a powerful new tool which can reveal information people might have forgotten they ever “shared”. Now is a good time to review your profile and ensure that anything you want to stay private is kept safe from prying eyes.
The search tool – built using Microsoft’s Bing – allows detailed searches using people’s names, and can find posts, images and information that are hidden from Timeline.
Crucially, some of Facebook’s existing privacy tools are focused on Timeline – the profile page for each user – and do not affect posts’ visibility to Graph Search. One hacker has already shown off how the function can be used to create a “phone directory” of Facebook users.
Other information – such as “Likes”, and tagged posts that don’t appear on your own Timeline – are now far more easily accessible to people you may not know. Below are some tips on how to ensure your private data stays safe.
Check your Activity Log for tagged posts
Photos and posts where you have been “tagged” are the key privacy concern with Graph Search – these can now be found near-instantly using a search of your name. Previously, “hiding” these posts on your Profile was enough – but those posts and images may now be searchable, dependent on your privacy settings, and (more worryingly) those of your friends. Visit Facebook’s Activity Log (on your profile) and manually review photos that might be visible to others, setting those to “Friends” or “Only Me”.
Which privacy menu should you visit?
Confusingly, some of the options in Facebook’s main “Privacy” menu do little to hide posts from Graph Search – they are focused on Timeline. Instead, adjust settings for photos on Activity Log (found on your profile page). You will have to do this manually. Graph Search will not show off any photos or posts that are set to be private – ie ones that can be seen by “Only Me” or “Friends” – so choose these to be safe.
Switch off “Friends of Friends” now
If any of your content is set to be viewable by “Friends of Friends”, it will be seen by people you do not know. Ensure private information, posts and photographs are set to “Friends Only” or “Only Me”, otherwise it may pop up in Graph Search.
Timeline is not your friend
Your Timeline is not a reliable indicator of what someone can find using Graph Search. Posts you have hidden may well be visible. The only tool which works to keep information private is Activity Log, which requires you to adjust privacy settings manually for each post. It’s worth doing – otherwise, site users can simply search your name, and “Photographs” to see every post that you are tagged in, regardless of whether it is on your Timeline or not.
“Likes” can come back and bite you
People can also search for “Likes” on Graph Search – using terms such as “People who live in New York and like coffee.” Visit your Activity Log and make sure you haven’t “Liked” any companies, products or sites you wouldn’t want the world to know about.
Profiles are now much more public
Information that people share on Profile pages – such as their home town – can be searched via Graph Search. This includes information that could be used by cybercriminals to steal identities. Avoid showing up in location searches by policing your Profile – and being wary of location-based apps.
Author Rob Waugh, We Live Security