Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

We can assure you from our side, that the way the app is structured, no part aside from login, uses facebook's user ids. We've tried to be very strict about that.


How do you filter my "own" posts without correlating my Facebook id with a post-author id?


All user associated data uses our own user ids, not facebook's ids. That includes post author ids.


Your system seems to be able to correlate the FB id and user id on login to filter my own posts and aggregate my friends postings.

Am I wrong to assume that this ability might enable de-anonymization of postings after a server compromise?


No, you're correct in that assumption.

In case of a complete server breach, that would indeed allow for de-anonymization of posts.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: