Profile picture
Gavin Sheridan @gavinsblog
, 9 tweets, 2 min read Read on Twitter
Just thinking about the Facebook hack again. Short thread I promise.
This is speculation and scenario speculation. But imagine for a moment it's a sophisticated attacker (which it might well be), and they have a purpose in mind.
First, build a target list of Facebook IDs you want to pwn. Let's say the top 2,000 people in the world whose accounts you want to compromise and see /exfiltrate their private Facebook messages, activity etc. We already know Zuck and Sheryl were compromised.
So let's apply Dunbar's number for the average of 150 friends of those 2,000 people. Run your exploit over those accounts too, because a) you want to access messages where people discuss your 2,000 targets and b) they are likely interesting people too, because your seed list is
This gets you to ~300,000 compromised accounts. Next do one more remove of friends from those 300,000. ie, friends of friends of the 2,000 target accounts. 300,000 * 150 = 45,000,000 accounts.
Next, compromise the SSO/auths of the first 2000, then the 300,000, then the 45,000,000. Do it slowly and iteratively so as not to raise suspicions on activity. Youre still doing just a couple of degrees from your target 2,000.
In principle (and we dont yet know) you could get access to most third party services, eg Tinder message of those accounts if they used FB SSO. FB messages might be harder to pull out, since they are quantitively "bigger", but you could imagine the first degree being attempted.
Once done, store all that data. Use it for purposes yet unknown - the possible chaos and division that could be sowed by simply publishing data of that nature would be enormous. Again, this is scenarios (worst case)
So if you think things could get bad, you'd be right. But we don't know yet where on the spectrum of bad this hack is.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Gavin Sheridan
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @gavinsblog see all

Profile picture
Ah the MANs. It's become a part of my life at this stage. Here's Mark Griffin from @Dept_CCAE at the PAC last month. What are these cost savings you speak of Mark? (Also it's Norcontel not Norcom)
A reminder: the Court of Appeal hearing against the Department is due to start next month with regard to access to the concession agreement under FOI - the Department lost the High Court case.
Anyways! What are these "cost savings" of €22 million? Let's dig for a second.
Read 16 tweets
Profile picture
Interesting. China says it has tested re-usable rockets and will apply the technology "within 2-3 years"
The Chang'e 4 probe is due to land on the moon this week. en.wikipedia.org/wiki/Chang%27e…
Just before Christmas, China launched the first Hongyun satellite - a 156 constellation to deliver high speed broadband (similar to SpaceX's Starlink) nasaspaceflight.com/2018/12/chines…
Read 3 tweets
Profile picture
I hope you all have a fabulous 2019.
*including the haters and losers 🤣
x2
Read 3 tweets

Related threads

Profile picture
It's not just Rolls Royce... Here's what we can conclude (short #thread):

theguardian.com/business/2018/…
1. Although no manufacturing jobs are being moved, the EU's aviation body will take the place of the CAA. Clearly this is a work transfer.

2. UK aviation companies are showing they lack confidence in the UK government to provide safeguards.

...
3. There is turbulence ahead as aerospace manufacturers weigh where to invest. They operate closely integrated supply chains, so expect them to move as one body.

4. Much depends what Rolls, Bombardier and Airbus do. They will take tens of thousands of jobs with them if they go.
Read 3 tweets
Profile picture
Last night, I learnt something from my Quicksell Basic Class: The market is growing and huge. Particularly for trainers.

A short #Thread
People have knowledge gaps. And whoever takes the initiative to fill this gap, carries the day.
In the near future, those who will be smiling to the bank will not just be those providing services, but those willing to pass on knowledge to others.
Read 7 tweets
Profile picture
#Thread: Press Conference today regarding TheEastLight's recent events regarding the band's abuse and assault by Producer A and CEO KimChanghwan "B" (leader Lee Seokcheol) and his lawyer at Choyeongrae Hall
(181019)
Lee Seokcheol shares that both he and his brother, Lee Seunghyun have endured being beaten by Producer A

Lee Seokcheol shared that Kim Changhwan, their CEO, was aware of the situation and would watch the two of them be beaten up in the 5th floor studio
Seokcheol shares for the past 4 years, beginning in 2015, he and the members would be clubbed by a baseball bat, the abuse would occur everywhere within the company, studios, practice rooms
Read 37 tweets
Profile picture
#Thread
#Sabarimala #FemaleReporters
Those accusing our organisations of sending female reporters to gain trp, you should know this. When we give them the slightest hint that things are not okay, first thing they tell us is "waha se niklo fataafat (leave from there immediately).
Saw a tweet that said only national channel reporters were attacked. Not Malayalam channels (later they were also targetted), because the latter have common sense. Yes, they do. Because they know you well? For those outside, Kerala is/was god's own country full of literates. Hmm.
Most reporters covering south for national channels are women. Same with @thenewsminute . All 6 reporters covering 5 south Indian states for @CNNnews18 are women. When additional reporters are required during a major news event, reporters from the nearest bureau are sent.
Read 9 tweets
Profile picture
Should a church venture into business? Wouldn't that be distracting? What impacts will this on faith and the basic principles of the kingdom? What would happen if chuches in Nigeria start farms and employ their members to work on them? A short #thread

#LetMyPeopleThink
1. Answered Prayers. For the young and agile members who are unemployed. For the business consultants who want to work on new projects. One prayer point would be ticked off the list. #LetMyPeopleThink
2. Stewardship. Working in a "church-run business" will provide Christians with more practical avenues to demonstrate and prove ourselves as caretakers of heaven's resources on the earth.
#LetMyPeopleThink
Read 8 tweets
Profile picture
A short #thread about #organtrafficking
👇
1. An excerpt from HIDDEN COLORS 3. Underground trafficking of black children body parts and organs

facebook.com/10000503986939…
2. "Homan Square revealed: how Chicago police 'disappeared' 7,000 people"

theguardian.com/us-news/2015/o…
Read 5 tweets

Trending hashtags

#KeralaFloods #Putin #Aadhar #Mercer #October18ReleaseNotes #PublicRelations #multiplicateur #Influence #Marketing #RSO #TeamDynamism #déficit #Assange #RIC #Instagram #FakeMed #CityNext #hispoorteachers #FoxNews #VideoMarketing #MachineLearning #Oct18ReleaseNotes #Allemagne #Microsoft #RussiaToday

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!