Without trying it for obvious reasons, going off the HTML, I'm guessing it just posts a load of status updates on various topics, eg "Posts ridiculous lyrics and statuses about love for artists like Nickelback."
I call BS. There is a snowball's chance in hell Facebook have seen this, let alone approved it. One of the options is to defriend everybody. How is this not a malicious action?
The other options allow you to post content on someone else's behalf, without their consent. That is unauthorised access, and probably against their ToS. I would be extremely surprised, and concerned, if it was not.
Your footer is just hilarious of course. You claim that you do condone unauthorised access to other people's Facebook accounts, on a site who's only function is to let you make unauthorised access to someone else's Facebook account.
Agreed. How is this any different than taking over a friends email account or cell phone and deleting data or sending malicious messages? There is nothing interesting or clever about this.
"Did a friend leave Facebook open? Mess with it now" sure sounds like encouraging unauthorized access to me, tiny "in no way encourages" message notwithstanding. If it actually removes all friends like the button says it does, that's definitely malicious.
Further, the "We only use the word Hack in our name to concisely disclaim the site's ability to mess with one's facebook account." makes very little sense at all. Did you mean proclaim instead of disclaim?
If it doesn't encourage, it certainly enables. The whole point of the site is to let you exploit unauthorised access to somebody else's Facebook account. The footer is a non sequitur.
Your app gives Facebook bad publicity. That's pretty much the gist of it.
See Breakup Notifier[1] and Girls Around Me[2] for services that did nothing else but highlight what the platform allowed people to do.
Breakup Notifier (later Crush Notifier) later managed to get on Facebook again, so if (when) you get shut down, try contacting the guys behind the service to see what they did. There are a couple of HN submissions about them.
Hey guys - I'm one of the FB engineers at Penn. This app has a great looking design but definitely goes against the spirit of the platform as well as our TOS.
With that said, next time please seek us out at the hack (I have a hard time believing anyone OK'd this) and we can work with you to ensure that your app can be funny but still benefit users in a meaningful way.
Clarification: FB representatives here only ok'ed the use of our flavors concept, not the spirit of our app.
While setting a facebook flavor alone isn't against the Facebook TOS, we realize that directly encouraging people to jump on their friends' Facebooks is clearly against the spirit of the platform.
Facebook can't revoke the API, because the site clearly states in the footer that "Buddy Hack in no way encourages the usage of any Facebook account other than your own." That seems waterproof to me.
Let's say your friend just left their Facebook logged in at your house or got up from their laptop to go to the bathroom for a minute. You're tempted to mess with their Facebook, but don't know where to start or don't have enough time. Just go to http://buddyhack.com, sign in with Facebook, and we will help you hilariously mess with your friend in under a minute!
I appreciate how they were mature and stayed away from inappropriate content. The hack can still be funny without the need to be gay, racist, sexest, etc. I personally like the "It's Your Birthday" one. Props guys!
Do everyone a favor and get rid of this. There is nothing OK with making light of identity theft. And quite trying to absolve yourself of any responsibility
I am an engineer working on Platform Integrity at Facebook. Just as friends can't consent to transferring friend data outside of an app, they also can't consent to an app taking actions on their friends' behalf (such as posting a story when the friend didn't consent to it). Even if it's funny.
Yeah...we've come to see that the language was encouraging behavior that was clearly against the spirit of the Facebook platform. We have since removed most of that language.
Best ways are to check https://developers.facebook.com/policy/ thoroughly - it's actually a very well written and concise set of policies - or come see us at one of the hackathons we frequently run (such as the UPenn one mentioned in this thread).
If you've removed any language suggesting that this should be used to gain and exploit unauthorised access to somebody elses Facebook account (I presume that means you will be registering new domain name for the app) then what is the point of it any more? Why would I want to click a button to post a bunch of fake stuff to my wall? That would be like #poopin yourself. Utterly pointless.
People are hitting the site and using it. I wasn't sure if it was a real use case either; but our conversion rate for hitting the site and actually using it is even higher than before, so I guess some people think otherwise.
54 comments
[ 2.9 ms ] story [ 110 ms ] threadPretty self-explanatory once you get to that page, but there should be an explanation on the index.
Your footer is just hilarious of course. You claim that you do condone unauthorised access to other people's Facebook accounts, on a site who's only function is to let you make unauthorised access to someone else's Facebook account.
Further, the "We only use the word Hack in our name to concisely disclaim the site's ability to mess with one's facebook account." makes very little sense at all. Did you mean proclaim instead of disclaim?
See Breakup Notifier[1] and Girls Around Me[2] for services that did nothing else but highlight what the platform allowed people to do.
Breakup Notifier (later Crush Notifier) later managed to get on Facebook again, so if (when) you get shut down, try contacting the guys behind the service to see what they did. There are a couple of HN submissions about them.
[1]: http://news.ycombinator.com/item?id=2255232
[2]: http://techcrunch.com/2012/03/30/girls-around-me-creeper-app...
With that said, next time please seek us out at the hack (I have a hard time believing anyone OK'd this) and we can work with you to ensure that your app can be funny but still benefit users in a meaningful way.
While setting a facebook flavor alone isn't against the Facebook TOS, we realize that directly encouraging people to jump on their friends' Facebooks is clearly against the spirit of the platform.
It's an app designed to be authorized on someone else's account. You make that pretty clear.
People are hitting the site and using it. I wasn't sure if it was a real use case either; but our conversion rate for hitting the site and actually using it is even higher than before, so I guess some people think otherwise.