Hi, my name is Keith Adams, and I worked on Facebook's typeahead. The system has evolved a bit since we launched, but I talked about first_degree.php in the tech talk we did about the typeahead back-end last year:
Briefly, first_degree.php returns objects you're directly connected to in the graph, and if there's space a few machine-generated guesses at other good results. We preload these as soon as you focus the "Search" box at the top of the page, in the hopes of having some decent results to show when you start typing. The index field does, as the article inferred, represent our best guess at a ranking function on these first degree objects. The inputs to this ranking function explicitly do not include other users' behavior on the site. I talked a bit about our ranking function in this quora question:
Keith, I would like a feature to clear my facebook search history/profile view history. I consider it a privacy issue.
The knowledge that anyone who stumbles across my logged-in profile can see who I'm interested in by experimenting in my friend search bar has a chilling effect on the profiles I view. Google and most browsers have a 'clear search history' feature- it would be nice if facebook had the same.
That's not a privacy issue, its a security issue. If you can't be bothered to log out your account on shared computers, people are going to get access to your account, and a malicious person will be able to do anything they please. Search type-aheads are the smallest of your problems.
Being able to uncover what profiles have been viewed is a significant problem for a lot of people. And they aren't worried about malicious users - they are worried about their partners/parents/children seeing which profiles they've viewed. Who looks at what profile is one of the most sensitive pieces of information facebook has, and I'm a little surprised that they do this.
I'd be more worried about people accessing my Internet banking or my email than who I look at on Facebook. Log out of your bloody accounts before you leave your PC!
Just to be clear - I don't think people are especially worried about strangers seeing which profiles they've viewed (it would be quite unlikely it would be meaningful) - they are worried about the people they trust seeing which profiles they've viewed.
Facebook doesn't show which profiles you've viewed explicitly for a good reason - I think they were just hoping that this would be obfuscated enough not to get much notice.
they are worried about the people they trust seeing which profiles they've viewed
In other words, you don't trust the people you trust. Perhaps you need to rethink your behavior, based on your revelation that you don't actually trust them.
It's not always as simple as that. There are times where it's better to keep certain information from certain people no matter how much you trust them or like them. It's just better that way.
Some of us have had significant others with jealousy issues. It's not that we don't trust them, it's just better if they don't worry about silly issues like whose Facebook profiles we've been perusing. Not because it's a secret or because there is anything to hide, just because it helps the SO control their counter-productive impulses if they aren't informed on the matter.
That same kind of avoidance can be applicable in all other sorts of relationships. It's not that the people aren't trusted, it's just that there's no reason to know, and it will only cause damage if they find out -- not because it's bad or trust-breaking, but because the person's reaction may be problematic for completely different reasons (compulsions, or potential taint of future circumstance).
this is the old "you don't have anything to hide" mantra dressed up in more personal terms. people aren't perfect and they have the right to distrust their closest friends if they want to.
Of course they do. That's why modern operating systems have security.
It just doesn't make sense to insist that both (a) I want to leave everything unlocked and open; and (b) I don't want anyone to be able to see what's there.
You've got every right to protect your privacy from prying eyes. But if you want to do so, do it.
I often hand my laptop or iPad to my wife so that she can look at something/use it for a few minutes while sat on the sofa (her computer is a desktop in the other room).
I normally don't bother logging out of whatever sites I'm logged in to.
I'm not too bothered what she sees if she opens up the Facebook tab with me logged in - but I can see that it may be a problem for some.
And I don't think that "hand it over for five minutes to check something" is that uncommon a use-case.
"here - look at this interesting article on Wikipedia"
... she starts reading ...
... I get bored and go to make cup of tea, forgetting that I hadn't logged out of Facebook ...
... she finishes article, closes tab and finds herself on my Facebook page ...
It is my fault, but a "clear history" (or at least make my history invisible) function would mean that mistakes like the above will have much less impact
I disagree, it most certainly is a privacy issue. You may share a computer with friends, room mates, and significant others. If someone had access to your facebook account they could read all your messages, but this is something we are all aware of. Up until now I was _not_ aware of the fact that someone gaining access to my account could actually discover which profiles I frequent, which is like having a browsing history I did not know about, which I cannot even clear/remove after I learn about it. This is what makes it problematic.
If someone you don't trust has access to your logged-in profile, you have much worse problems. For example, they can read all of your private mail and send mail as you.
There's more to it than just logging out. What if you don't want a subpoena to reflect your most visited profiles? There should be a way to purge any data kept longer than the routine access log cycle, including information on frequently viewed profiles.
The fact that someone can "stumble across" your logged profile is less of a concern for you than the fact that they might see your search history? Seriously?
If you read his discussion of how it works, though, that's very much not what this is. What you're asking for doesn't even make sense, to be honest.
It's not about who you search or view. It's all just a big guess at who you might be interested in. From what I've gathered, it tries to find probable relationships based on all of these factors:
Comments, Likes, Tags, Events, Applications, Friends, and Work and Education data
Note that those are both your own comments, etc, and those of the people it's trying to relate you to. Who knows exactly how it combines all those to come up with its guesses, but I'm quite positive it has fairly little to do with who you're actually viewing (though I'll admit, maybe that's a small factor in there, too).
I guess this implies that Facebook does not really remove the imported information, but that it keeps this information and just hides those contacts from you in the friend finder interface.
I think you're leaping to a bad conclusion. Keith's post mentions "computer-generated guesses" to fill in the list. Looking at the guesses in my list, they appear to be friends of friends. (The prefill list is probably using logic similar or identical to the logic that presents "people you may know.")
Find somebody on your mystery list who isn't a friend of your friends, and then you can get paranoid.
I see plenty of people I know of but have never interacted with online (in fact I just found the previous-unfound profile of a coworker with a very common name). Facebook is /smart/--though I wouldn't doubt for a second that they've used your friend finder data to strength their edgerank data I would not be surprised to learn their seeming precognition comes from more esoteric sources.
Interesting point - the "friend ranking" numbers are different when I checked Mozilla vs. Chrome.
In Mozilla, the first person ranked was at -6.2650374; on Chrome, it was -7.2581474 (I go back and forth with this person quite a bit). Also, the ranking of some of the people were different.
My guess is something to do with browser cookies or caching - any ideas why this might be the case?
OT, but for the second time this year, someone is newly (just as of today) using one of my secondary Gmail accounts as their FB user ID. They don't appear to have access to the Gmail account -- and I've newly killed any concurrent sessions and then changed its password and security Q/A to be sure. So, I don't know how they're accomplishing this. But that Gmail account received the sign up confirmation messages and is now filling up with friend confirmations.
Any chance you could plug me into someone relevant at FB, as this appears to be a recurring problem without a ready explanation? Email to pasbesoin at that gmail place.
P.S. As best I can determine, my systems are clean, and I've no other problems/compromises that are apparent. There appears to be something borked with the Facebook account creation confirmation process.
https://www.facebook.com/video/video.php?v=432864835468
Briefly, first_degree.php returns objects you're directly connected to in the graph, and if there's space a few machine-generated guesses at other good results. We preload these as soon as you focus the "Search" box at the top of the page, in the hopes of having some decent results to show when you start typing. The index field does, as the article inferred, represent our best guess at a ranking function on these first degree objects. The inputs to this ranking function explicitly do not include other users' behavior on the site. I talked a bit about our ranking function in this quora question:
http://www.quora.com/How-does-the-new-Facebook-search-engine...
Edit: To clarify what a lot of people seem to be wondering, visiting someone's profile does not affect the search results of anyone but yourself.