Hacking Reputation in MySpace and Facebook

I'll be the first to admit it: I know next to nothing about MySpace or Facebook. I do know that they're social networking sites, and that -- at least to some extent -- your reputation is based on who are your "friends" and what they say about you.

Which means that this follows, like day follows night. "Fake Your Space" is a site where you can hire fake friends to leave their pictures and personalized comments on your page. Now you can pretend that you're more popular than you actually are:

FakeYourSpace is an exciting new service that enables normal everyday people like me and you to have Hot friends on popular social networking sites such as MySpace and FaceBook. Not only will you be able to see these Gorgeous friends on your friends list, but FakeYourSpace enables you to create customized messages and comments for our Models to leave you on your comment wall. FakeYourSpace makes it easy for any regular person to make it seem like they have a Model for a friend. It doesn't stop there however. Maybe you want to appear as if you have a Model for a lover. FakeYourSpace can make this happen!

What's next? Services that verify friends on your friends' MySpace pages? Services that block friend verification services? Where will this all end up?

Posted on December 7, 2006 at 7:29 AM • 54 Comments

Comments

TimDecember 7, 2006 8:18 AM

Reminds me of the joke about the Barbie doll: "if Barbie is so popular, why do you have to buy all her friends?"

Lou the trollDecember 7, 2006 8:38 AM

At some point, the masses will get bored with these sites and move onto other, newer constructs. It's like I always say, "The meek shall inherit the Earth because everyone else will have moved onto bigger and better things."

Brother JohnDecember 7, 2006 9:01 AM

Hey, know what?

Lets do the elections using the MySpace popularity ratings....

Oh, er... sorry.

MuladDecember 7, 2006 9:20 AM

Well, that's amusing, but MySpace is also earning a reputation for being a favorite target of phishers. Hackers are finding all sorts of ways to create fake login pages that snag passwords. The sneakiest ones have been finding interesting pathways which allow JavaScript onto the site. MySpace allows you to embed objects that require various plugins -- usually videos or slideshows. One recent hack exploits a feature in QuickTime where the video can contain an HREF. Turns out that you can sneak JavaScript through that hole. There's at least one guy blogging about it -- take a look at http://blog.myspace.com/burntpickle

GeorgeDecember 7, 2006 9:23 AM

At the time that TextAmerica (blogger site) began to implode, about 198 of its prime members migrated to several other blogger sites, of which FlickR became a primary site and Myspace (we call it myface) became a place to leave messages and notes to each other. Most important, we do not allow nonfriends to see us or leave comments. It is easy, so far just us in our group.

MattDecember 7, 2006 10:06 AM

This looks like a hoax. You can't actually sign up for an account. How many real web startups would *not* take your money?

EricDecember 7, 2006 10:24 AM

Seriously, how sad must you be to pay random people to leave notes on a web page so that other random people will see it and be impressed?

Ismael A.December 7, 2006 10:27 AM

So so sad...The lenghts people go to to perpetrate popularity is sad\disturbing....

"Everything is meaningless..."

a_LexDecember 7, 2006 11:07 AM

ROTFLMAO

No realy, this is hillarious!
A human being PAYING CASH to X so X will leave comments on his pages?! Holy my...

And where do the hire "friends"? I wanna earn some bucks by merely posting "friendly" comments on some fish-faced sad moron's ugly page!

HozzDecember 7, 2006 11:22 AM

After 20 years of being part of the "collective" (since Commodork64 BBS years)

I must "assimilate" my life and take back the creative, unique, professional & social skills that the "collective" internet has eroded in me... because "the Internet is way better at letting us be weird than it was at helping us be normal."

I have great fear for my family, my friends & our future after watching the "social" networks turn our great nation into criminal, self absorbed, socially dysfunctional, deviant junkies... I thought that was the governments job ;-)

Wow, a reference to "Whuffie"... I love your readers!

AlbyDecember 7, 2006 11:36 AM

Doesn't the social *networking* aspect of all this mean that as soon as one fake is found then the other fakes are also found? Not secure, methinks!

Tired of London City LifeDecember 7, 2006 11:37 AM

"Maybe you want to appear as if you have a Model for a lover"

No not at all...

Having spent six months living in the same house as a barely famous model in the 1980's I can tell you for free it's not a quite or peacfull life. The phone rings all the time, all sorts of "hopefulls" keep calling round, you end up with lots of new "friends" who come around to see you on the off chance she is in so they can indirectly get to meet her. I was glad to move out. Not that I had any trouble getting a new tenent to replace me (I should have auctioned the dam room off and got some compensation).

FreiheitDecember 7, 2006 11:43 AM

I saw this link somewhere (Slashdot maybe) and there was reasonable evidence posted that it was a hoax. Something regarding the site owner being an artist who had done things like this in the past.

When I escape the office I'll look into it and check it.

Matt NorwoodDecember 7, 2006 11:53 AM

Social networking sites, in their early conception, were based on the "web of trust" model. This system does nothing to affect that function. If I want to decide whether X is safe to date/hang out with/do business with, I can ask our mutual friend Y, or even better, look at the degree of trust/approval/whatever accorded to X by Y. This is then weighted by the degree of trust/approval I accord Y's evaluations. You can chain it out from there. You know, second-year computer science stuff.

Under this model, "fake" friends are entirely irrelevant to my decision to trust X.

I understand that this is not how these sites have worked out in practice. But I still see it as one of their few actual potential functions.

Lou the trollDecember 7, 2006 12:16 PM

@Matt Norwood. That's a great model for an overly simplistic computational scenario, but I don't see how it applies in these cases. The almost unanimous percentage of users in these environs aren't interrogating these extended sets of 'friends'. The situation is even worse in that these are often chains of 'friends' as opposed to 'sets' and as chains they have increasing degrees of separation as you traverse away from your starting node. I guess I'm saying that weighted trust valuation is an extremely rare exception to the general behavior on these sites.

Davi OttenheimerDecember 7, 2006 12:25 PM

"I'll be the first to admit it: I know next to nothing about MySpace or Facebook."

I'm guessing you were not the type to purchase a yearbook and have all your friends scribble notes in it? Or maybe not the type to decorate your school notebook with your favorite bands, names of girls you liked, etc? I can't help but think of these sites in those terms. On the other hand, sometimes I think of them as PKI gone wild, but without the keys...hint, hint.

YourSpaceDecember 7, 2006 12:48 PM

Presumably if you stop paying, your 'friends' start saying some really nasty things about you?

Neil in ChicagoDecember 7, 2006 1:14 PM

This is just the First Fallacy of the Internet all over again. The internet isn't what it was when you first discovered it; you took a snakshot of an avalanche. It's still avalanching, and still gaining strength.
How many of this year's internet superstars were stars three years ago? As few as the stars of three or four years from now are already stars now.
We are a very long way from people running out of new ideas of what to do with this thing. This morning on the bus I saw an ad for a coffeepot with an internet connection so it can tell you what to wear today. Not in Cory Doctorow or Charlie Stoss, on the ordinary city bus . . .

Matthew SkalaDecember 7, 2006 1:14 PM

If I were in high school, and if I thought having lots of cool-looking people claiming to be my MySpace friends would get me *real* cool people as friends, and in particular, get me laid, then I'd be willing to pay for it. It might actually have that effect. MySpace is very important in some segments of teenage culture; though it's laughable to us as adults, it's not a joke that some teenage cultures really do determine pecking order from how many and who your MySpace friends are. I don't see that it's all that much different from paying money for the latest cool clothes or CDs or whatever else. Everybody wants to be cool, and buying your way into social status has been a standard part of human life for pretty much as long as money has existed.

DarronDecember 7, 2006 1:34 PM

This sort of thing could be used by a pedophile to build their fake persona. Assuming a young target doesn't check very deeply into the background of their new acquaintance, it could be very effective.

Scary thought.

Just about as scary as the laws Congress might enact to stop such a thing.

derfDecember 7, 2006 1:35 PM

When the social networking scene is finished, folks will probably scour the TSA's nekkid X-ray picture collection website to find their friends and/or enemies.

FPDecember 7, 2006 1:42 PM

Reminds me of a story I heard years ago about an agency where you could order calls to your cell phone. In the middle of an important meeting, your phone would ring, and you would have a pre-arranged conversation. In a foreign language, if so desired, to show off your fluency, and the globality of your contacts.

I don't know if that story was true or just an urban legend.

robDecember 7, 2006 2:15 PM

Surely your MySpace reputation in a teen peer group depends on who the other people in the group are, not on what they look like. This is a bit like the (very old) "My (boy/girl)friend is in College but I can't bring them to meet you", or "At my last school ...."

Israel TorresDecember 7, 2006 2:44 PM

Out of curiousity I looked over on eBay and found this fine ongoing auction (currently with six bids no less...)

"I will be YOUR myspace girlfriend or friend for a MONTH"
http://tinyurl.com/y92upl

which consists of the following:

StartQuote:
^_^ You are bidding on my time to play the role of your girlfriend or friend on myspace!

^_^ I will post comments - messages - bullitens ( You can have me write what ever you want them to say) .

^_^ I will put you as number 1 in my top 8.

^_^ I will communicate daily with you for an entire month ( first day starts when the auction ends).

^_^ You will not be Disapointed.

^_^ I will make a myspace fan club of you if the bidding reached over $50.00

^_^ http://www.myspace.com/133146124


This auction meets all of the requirements to be listed in this category. This is in no way a sex offer or sexual offer. You will not recieve anything more from me then personalized myspace communications(that I listed) You are simply receiving 1 months worth of personalized messages, comments , bulliten or what ever more you can think of that you can do on myspace.
EndQuote:

... (spell checker not included in this auction?)
Israel Torres

Andre LePlumeDecember 7, 2006 3:09 PM

Bill Gates (or Dennis Ritchie, if that's your preference) could make big bucks on LinkedIn this way :^)

"[Your name here] was instrumental in helping me overcome challenges in operating system design. Modest as he is, he took no credit."

Man would that be funny.

Matthew SkalaDecember 7, 2006 3:18 PM

"Surely your MySpace reputation in a teen peer group depends on who the other people in the group are, not on what they look like."

In a word, no.

Richard BraakmanDecember 7, 2006 4:17 PM

@Israel Torres:

The spelling errors add authenticity :) After all, the buyer will want her to leave comments that look like she was spontaneously gushing all over the keyboard. That's not a state of mind in which you use a spelling checker.

RoxanneDecember 7, 2006 4:42 PM

I am even more tempted to go create the Mythical Me on MySpace. You know, the Me that would exist if I had followed a Different Life Path. That person is probably either herding sheep in New Zealand, or living with some rich dude on the upper west side of Manhattan, or possibly leaking confidential information to folks at the NY Times (since the Washington Post doesn't do investigative journalism anymore). Of course, none of these folks would have MySpace pages anyway, so I guess it doesn't matter. :-)

Absolutely AnonymousDecember 7, 2006 5:09 PM

@Richard Braakman

"spontaneously gushing all over the keyboard."

Thanks. That explains all the typos and mistakes I make when contributing to this blog :)

Davi OttenheimerDecember 7, 2006 7:49 PM

@ Matthew Skala

"buying your way into social status has been a standard part of human life for pretty much as long as money has existed"

Exactly! Moreover, leveraging a little investment to convince others to spend their money on you for no reason other than everyone else seems to be doing it, is yet another standard part of human (and lemming) life. I mean if you can use this system to build credibility into your evangelical church, your exercise machine, your weight-loss system, your TV show...

A variation of this theme I worked on a couple years ago was a plan where you could see online where all of your "friends" or other cool people were congregating. I reasoned this was a social-networking based form of advertising and prone to all kinds of abuse.

Like a land-rush proposal, the security of the ID registration, linking and related trust issues tended to be purposefully left weak in order to increase the chance of use (growing a userbase was the first objective). This model is great at first, but has some rather tough security bumps down the road. Imgaine, for example, the cost/benefit for a business-owner who creates fake IDs to appear en masse in/around their location. Each ID has value, but if that value increases exponentially as they multiply (collective power), then the incentives are clear for mass ID generation, cracking, and control systems.

Reminds me ofDecember 8, 2006 7:58 AM

Incidently, I did consider becoming an imaginery (male) girlfriend.... easy money!

Nathan JonesDecember 10, 2006 6:24 PM

In response to all the comments saying that is it's sad/silly/unecessary to have fake friends to impress your true friends or random stragers, I agree, but...

What if your online persona itself is fake? Let's say I want to gain information by having someone's trust: perhaps I'm stalking someone, or checking up on a girlfriend. Creating an empty MySpace page and then initiating conversation with her might come across as creepy or suspicious. But if I first populate the page with friends, comments and photos, suddenly I seem like a real person.

B1G-T0nYDecember 13, 2006 6:08 PM

that is true nathan , but i would not pay for some friends... i have a program i use that will auto add everybody in any specified location you put. so i use that... ;)

Help meJanuary 31, 2007 11:33 AM

my computer at home is broke so uhhh i need to get on myspace at school but the point is i've tried everything and nothing at all works we were using this one sight but now it's blocked that one was www.snowgraveyard.com
but now it's blocked so what else can i try i've tried everything!

Tom - MunichFebruary 27, 2007 12:15 PM

That's what I like at the Internet. It creates services for mutually ALL the little needs and pains we have. Not that I feel the irresistible urge to surround me with the Halle Berries or ____ ( enter the name of your favourite VIP here), but – hey – we were all young and I perfectly understand the urge.

But why stop at the fake CV (tall, athletic, IQ190, 6 languages, …)? The only logical consequence is to have fake friends, fake animals, fake ancestors, fake achievements, fake heroic deeds, fake houses, fake degrees, fake enemies and so on. The next business model ist to create and maintain a consistent fake life, taken out of a catalogue and customized to one’s delta between claim and reality – the Fake Factory.
In the Fake Life, you can even pay someone to have him rescued from a burning building. You can create lists of rescued people, sorted by catastrophe – beautiful people of course, worth to be rescued. For the most bizarrely rescued person you get the catasTrophy.

It’s “brain, the final frontier, these are the voyages of the person….. to boldly go, where no avatar has gone before��?

happy faking

tom (no fake) Munich (no fake either, I promise - really! Believe me! It's true! I swear both hands.....

tiger eyesJune 12, 2007 8:24 AM

Ok how to i do this fake space am newq to my space and it will take time to ask friends to writ me comment and i think in return i have to writ them bak i dont have much time can just liek tell me how and thanks for this great offer

ninaSeegeJanuary 15, 2009 4:31 PM


Жалко, но порой необходимо сменить образ жизни. И писать такие грамотные посты.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..