A list of my friend's facebook statuses and "groups" people had liked related to the content on the CNN homepage. Every time I refreshed the page, the groups and statuses changed. This disturbs me for two reasons that I hope don't sound absolutely crazy.
The first reason: If a person is listening over your network with something like wireshark, he now has a list of people you know just after a few page clicks. He can look these people up on facebook and get a lot of information on you just with that. Maybe a mandatory HTTPS:// on any site consuming the facebook api in the way is the way to go?
The second reason: Does this adhere to the privacy settings I set? or does this adhere to the friends who can see me when logged in? If my statuses are being sent onto a web site like that, that would make me incredibly uncomfortable.
I have gone to great lengths to make sure what I put on face book stays on facebook. These gadgets are poking up everywhere, and simple javascript exploits could gather this data, let alone trojans, activex controls, or rogue BHO's.
Am I just being too paranoid?
And just FYI: If you ever need any info on people, it's scary how much info you can get from facebook not even being their friend.
EDIT: Ok, I did some research using wireshark. I was successfully able to capture my Facebook integer ID that they used before we all had 'usernames' and find myself. Not only that, but it was my whole facebook cookie.
