Last week I was contacted by Erika Eichelberger of Mother Jones magazine who was curious about my blog posts covering the Mitt Romney Facebook hacking issue. She was interested in talking to other victims, so I put her in touch with a few people on the Hacked By Mitt Romney page.
Her story ran this morning but it concluded a whole lot of nothing:
So we asked the social-networking company to do that. Facebook agreed, and had a team research the issue. They concluded that users are probably liking the Romney page on a mobile device by either accidentally clicking on a Romney ad or a “sponsored story” from the Romney campaign in their news feed. A Facebook spokesman, who wanted to remain anonymous, said the issue is unique to mobile because of the way the app works on small screens, and rejected the idea that the Romney camp was engaging in clickjacking. He added that the company is currently working to clean up its mobile interface.
Eichelberger told me, and I agreed, that only Facebook could say for sure what was happening. But how much effort did Facebook put into researching this? Did the “team” look at actual affected accounts? Why is every other link I’ve ever clicked on listed in my Facebook Activity Log but not the one for Romney?
Do you know how badly Facebook’s mobile app sucks? Especially on a low-end phone? I hardly ever use it because when I do it’s as slow as Christmas. I certainly don’t click on things there, and even if I do it gets recorded in the Activity Log along with every other goddamn thing I’ve ever done on Facebook.
Johna Mennone’s deceased father liked Mitt Romney’s page from the great beyond:
As of today, I got notification that my father “liked” Mitt Romney. It came over the newsfeed. The problem, I lost my father at the start of the month!
I’m pretty sure Facebook’s mobile app sucks just as bad in Heaven as it does here.
So Eichelberger didn’t call these Romney hacking victims liars per se, just clueless. I’m not sure which is worse. I’ve worked in network security for 20 years, 24 years counting the OPSEC I did in the U.S. Navy as a cryptologic technician. I think I would know if I clicked on something I shouldn’t have.
As disappointing as it is, I do concede that this is Facebook’s word against the hundreds of people who’ve come forward so far. I suppose I didn’t expect the company to tell Eichelberger “Why, gosh! You’re right! We’ve got a major security breach that we didn’t even realize!” and for that to count for anything. Facebook would be embarrassed to admit any ClickyPanky as it would lessen the trust in its advertising power.
It’s said extraordinary claims require extraordinary evidence. I admit I don’t have that evidence. Facebook is a walled garden and keeps its secrets to itself. As flawed (or inconclusive, to be more accurate) as the Mother Jones story is, it might at least get some people talking.