- How to stream Steelers vs. 49ers in NFL Week 3 action 4 Years Ago
- How to stream Bills vs. Bengals in NFL Week 3 action 4 Years Ago
- Colt halts production of AR-15s for civilians 4 Years Ago
- If you love long-winded, hashtag-heavy Instagram captions, these apps can help Today 2:54 PM
- Teen girls on TikTok have convinced the internet that they eat their tampons Today 2:33 PM
- Twitch streamer faces criticism for trying to defend racist jokes Today 2:03 PM
- How to stream Raiders vs. Vikings in Week 3 Today 12:55 PM
- NRA calls Beto O’Rourke ‘AR-15 salesman of the month’ in wake of buyback proposal Today 12:03 PM
- After 23 deaths, Sean Bean is tired of getting killed on-screen Today 11:48 AM
- Stephen Miller has a girlfriend—and people are stunned Today 11:35 AM
- Mickey Rourke says Robert De Niro iced him out of ‘The Irishman’ Today 11:07 AM
- Conservative men are melting down over Elizabeth Warren’s speech Today 10:40 AM
- People are calling rapper Tekashi 69 a ‘snitch’ for outing gang members Today 10:16 AM
- Greta Thunberg tells Congress to ‘listen to the scientists’ about climate crisis Today 9:55 AM
- Maybe we should start taking Tom DeLonge seriously about UFOs Today 9:11 AM
Harvard student loses Facebook internship after exposing privacy flaw
Aran Khanna’s app told you exactly where your Facebook friends were messaging from.
Facebook, a company born in a Harvard dorm room, has dismissed an inbound intern over something he created in his own Harvard dorm.
Computer science student Aran Khanna made headlines a few months ago by releasing a Chrome browser extension called Marauder’s Map. The software visualizes on a map where your Facebook friends are when they send you messages through the network’s Messenger chat app. It’s accurate to within three feet, and by Khanna’s own admission, it’s a “slightly creepy” capability for software to display—though that didn’t stop it from being downloaded 85,000 times in its first three days.
Khanna presented the app as something of an activist reaction to Facebook’s data policies. He wrote, “[Y]ou should keep in mind … that the mobile app for Facebook Messenger defaults to sending a location with all messages.”
Marauder’s Map made it abundantly clear that users send more data to Facebook than they might realize, and Khanna suggests people don’t actually consider the implications of having one’s location data so easily harvested: “Because there are no readily visible consequences to sharing your location, users are never incentivized to devote attention to what this default of sharing is actually revealing about them.”
Chrome Web Store
Access to such a wealth of location data meant Khanna (or anyone using the app) could easily track the hour-by-hour movements of his friends around the world. If he were to chat with strangers in a group, he could also see their locations, regardless of friendship status.
Facebook was predictably peeved at the actions of its would-be intern. Boston.com reports that the company rescinded Khanna’s internship two hours before he was due to travel join the company. It asked him to take down the app (which he claims he did). On June 4, Facebook disabled desktop location sharing across its network, a technical detail that rendered Marauder’s Map useless.
A Facebook spokesperson explained that Khanna’s app violated the company’s terms of service, due to how it collected the location data. “This mapping tool scraped Facebook data in a way that violated our terms, and those terms exist to protect people’s privacy and safety,” the spokesperson wrote. “Despite being asked repeatedly to remove the code, the creator of this tool left it up. This is wrong and it’s inconsistent with how we think about serving our community.”
Facebook has hired hacker-types in the past who demonstrate unconventional skills behind a keyboard, but something about Khanna’s efforts clearly missed the mark. This spokesperson explained, “[W]e don’t dismiss employees for exposing privacy flaws, but we do take it seriously when someone misuses user data and puts people at risk.”
“What seems to have made the difference was transparency,” Khanna wrote. “It is possible that before my extension and blog post, the degree of location data collection and sharing by Facebook Messenger was hard for an average user to notice and thus did not raise significant concern. Without public pressure, Facebook may have lacked significant incentive to change. My extension and blog post made the data collection and sharing practice real and transparent.”
Illustration by Jason Reed
Dylan Love is an editorial consultant and journalist whose reporting interests include emergent technology, digital media, and Russian language and culture. He is a former staff writer for the Daily Dot, and his work has been published by Business Insider, International Business Times, Men's Journal, and the Next Web.