Indeed. So basically someone made a very high quality video of a creepy dude in a dark room creeping on Facebook and getting really mad. Then (with some special effects they used) they make it look like (almost perfectly) the guy is viewing your profile page, looking through your photos, and creeping on your friends. Then he maps your last known location on Google Maps, looks right at you, and drives over to your house.
not to mention that, in the car, he has a print out of your profile picture, and a screwdriver (or is it a box cutter) in his hand as he exits the car.
I'm betting its a lollipop in his hand. The video doesn't make it clear but the ending title screen shows a lollipop taped to something so I feel like that was a hint.
It's an example of how much personal data you actually leak through Facebook illustrated through a movie of a crazy serial killer browsing Facebook, with nicely done overlays of your actual personal data that the app pulled from you.
Serial killer? That's just your assumption, based on video editing. Remember the scene in Men in Black, where Will Smith is asked to shoot cardboard aliens and shoots a little girl instead?
HN Against Prejudice! :-)
(showed TakeThisLollipop to my gf, who freaked out and immediately deleted all fb apps... so prejudiced!)
Since when does "leak" equate to "explicitly grant permission to access"?
It is not like the app is getting information that some random hacker can access, at least if you have any privacy controls set on your Facebook profile.
Right, because Facebook would never change their privacy policies on a whim without giving users warning ahead of time. At least they probably won't. Anymore. Well, only if they really need to.
I'm not sure that it is, but now that you mention it I feel like this could actually be a REALLY effective viral media stunt for a new TV Show/Movie...
There isn't an "X5" postcode here, nor is it anywhere near where I was last time I did a location based update. The inaccurate google map thing is what made me lul.
It's nice that you can disallow the permissions granularly, for example, I didn't mind it accessing all my data, but posting AS me on facebook? No. Disabled. Happy days.
I had the same. I looked at it in chrome inspector and it turned out the reason was that I didn't allow the 2nd set of access rights, because it said it was optitional.
If you don't want sites like this to view your stuff, please also set the privacy setting for applications your friends use to a better one. Or else you would be next.
P.S. Since you connect to that application by yourself, that is pretty clear that they can read your friends list, your feed and post as you.
This. It's very well done and all, but what is the point? That if you explicitly allow access to one specific application, that application will have access? Or is the creepy guy supposed to be the app developer?
A better idea (maybe not possible, I dunno) might have been to have different things happen based on your privacy settings. That would actually call people's attention to something they should care about, instead of just fear-mongering to everyone regardless.
If you care about your privacy settings and lock them down. you are (probably) not the target audience. And part of a minority anyway.
Speaking of which, how many of your FB friends would grant ~impersonation~ rights to an app without lots of thoughts? And - could that app then, using your _friend_ as proxy, play this particular game of fear with you?
Looks like it's connected with the ad agency Evolution Bureau ("EVB") (clients: [1]), the same people who did the Office Depot-braded "Elf Yourself" sensation [2].
Why do I think it's EVB? This is the only other site on the same IP as manipulation.com, and manipulation.com is registered clearly to EVB. The agency's creative work is consistent with this project too.
It was Jason Zada (http://jasonzada.com/) a Commercial and Music Video director who may have one point been at EVB (and was the one who registered manipulation.com) but apparently he's now at Tool of North America.
142 comments
[ 3.1 ms ] story [ 419 ms ] threadOk, so I did it and now I'm never sleeping again.
It's eerily realistic.
Disclaimer: not my project, found it on the web.
HN Against Prejudice! :-)
(showed TakeThisLollipop to my gf, who freaked out and immediately deleted all fb apps... so prejudiced!)
It is not like the app is getting information that some random hacker can access, at least if you have any privacy controls set on your Facebook profile.
How did they do video compositing on top of an embedded browser window in Flash?
Perhaps they pre-rendered the webpages server-side using WebKit or some such and sent a screenshot to Flash....
UPDATE: better link here: http://flashexplained.com/actionscript/loading-external-jpgs...
They had a similar "approach" :)
Still, very nicely done!
There isn't an "X5" postcode here, nor is it anywhere near where I was last time I did a location based update. The inaccurate google map thing is what made me lul.
will report back tomorrow with a follow up comment ;)
P.S. Since you connect to that application by yourself, that is pretty clear that they can read your friends list, your feed and post as you.
There's no way too see those things without being my friend.
A better idea (maybe not possible, I dunno) might have been to have different things happen based on your privacy settings. That would actually call people's attention to something they should care about, instead of just fear-mongering to everyone regardless.
Speaking of which, how many of your FB friends would grant ~impersonation~ rights to an app without lots of thoughts? And - could that app then, using your _friend_ as proxy, play this particular game of fear with you?
Why do I think it's EVB? This is the only other site on the same IP as manipulation.com, and manipulation.com is registered clearly to EVB. The agency's creative work is consistent with this project too.
[1] http://evb.com/work/ [2] http://elf.evb-archive.com/
http://twitter.com/#!/danielstein/status/126322020152651776
EDIT: Yup: http://www.fearnet.com/news/b23933_mastodon_premiere_twisted...
It was Jason Zada (http://jasonzada.com/) a Commercial and Music Video director who may have one point been at EVB (and was the one who registered manipulation.com) but apparently he's now at Tool of North America.
http://bits.blogs.nytimes.com/2011/10/18/mysterious-site-cre...
http://www2.lost-in-val-sinestra.com
http://www.youtube.com/watch?v=-xBA0mpWuuo