I would highly recommend against using this tool, as it is against Facebook's Terms of Service. Robert Scoble was kicked off Facebook in January 2008 for pulling a stunt exactly like this (http://scobleizer.com/2008/01/03/ive-been-kicked-off-of-face...). While his fame and contacts allowed him to get his account reinstated in short order, many of us might not be so fortunate.
So in other words, it downloads the ith friend at time 11*i +/- 1s; an average of one download every 11.5s might just be sufficiently slow to avoid getting banned from Facebook. Obviously, Facebook could look for patterns in their logs that look like the tool (too high a ratio of friend data downloads to other pages, for example, or an unnaturally high goodness of fit to 11s plus uniform variation), but it would probably be quite expensive for them to make such searches too complex, and if an arms race between the autoblockers and the downloaders ensued, the downloaders would have the upper hand because Facebook has the disadvantages of needing to avoid false positives and to deal with the large amount of data they would need to process to do any complex statistical analysis across all access requests.
A few sources cite the median number of Facebook friends at 150 - so even at the relatively slow rate of one friend data download a minute (perhaps with some intervening decoy requests), half of all Facebook users could download all friend data in 2.5 hours. A non-bot user could easily hit Facebook at that rate, and Facebook would get very bad PR if they started banning a significant proportion of their user base due to false positives.
I would highly recommend against using this tool, as it is against Facebook's Terms of Service
I would phrase the facts a little differently. I would say that if you use this tool, FB may choose to discontinue your service, while not making a personal recommendation either way.
Quite honestly, if FB chooses to "kick me off" for taking action to reduce my dependency on their service... No great loss. My business will not fail. My kids will still love me in the morning. And my friends will email me as they always have.
Ultimately, I view the threat of kicking me off FB as roughly equivalent to a cable company telling me that if I don't take a particular bundle of services, they won't do business with me any more. Well, ok, you win, let's not do business any more.
I'd be curious what would happen if thousand of people used the tool rather a lone researcher.
As we saw with Facebook's censorship and uncensorship of lamebook.com, their "terms" seem to be essentially "we'll do what we can get away with and back-off if enough people push back".
Well, if you intend to leave facebook anyway and want a dump of your frendlist to invite them to some other, more open social networking system, it doesn't matter that you get banned does it?
^^ What he said. I did this, and it exported my 800+ contacts in less than a minute. Then I imported them to Address Book for Mac and used AddressBookSync (http://danauclair.com/addressbooksync/) to grab the facebook profile pictures and add them to each contact.
edit: I mis-spoke. You'd need to request the email address from each user individually. Okay, I admit, that is kindof sucky. That said, I completely understand this move. My guess is that this is to prevent "farmville" from dumping a list of all of my friends' emails, and then spamming them.
About halfway down the page, click the link after the word "friends" for a JSON of your friends and their UIDs. Fetch this and iterate through the IDS for basic info.
Email addresses aren't in there. When I look at my own info, I see a @proxymail.facebook.com email address, which is presumably what an app would use to email me. It's not what you'd want for exporting contact info.
yes: "Getting an access token for a user with no extended permissions allows you to access the information that the user has made available to everyone on Facebook. If you need specific information about a user, like their email address or work history, you must ask for the specific extended permissions. "
I thought you could export all of your Facebook friends email addresses using Yahoo Mail or Hotmail I opened a new Yahoo Mail account last week and did this...did they remove it? I thought that there was a big uproar because Gmail users were not able to do this so Google blocked Facebook from exporting Gmail contacts.
Regardless, this sounds like a great extension and you should not have to open a mail account with Yahoo or MS to export your friends. This is an excellent idea!
Yes but that's only because Yahoo and MS have a deal with Facebook and you don't know how long it will last.
Facebook was explicit in their reply to Google that they feel they can block people exporting their friend's emails. Friend emails are exported by the "export tool" - in fact, you get but a list of names from that.
I would be very interested in looking at the code and noting people's experience with this. One writer was kicked off Facebook for exporting his address two years ago.
I had a friend create a pipe where he synced his fB to Yahoo, and then Yahoo to Gmail to put his contacts in Gmail... I was contemplating writing a Firefox (or Chrome) extension where you input your Yahoo / Google / Facebook account info. and the extension goes off and does the piping for you. But! this looks awesome, need to go test (by reactivating my fB account...)
I'm trying to get all of my friends to use .tel domains. That way they own their data and I can discover all of their URIs dynamically (through DNS) from various apps. It doubles up as a web based "business card", which makes it a slightly easier sell.
How does the privacy features (i.e. restricting access to certain information to certain people) work if the information is embedded in DNS? (Also, how can you use "dig" or similar to extract the information from a *.tel address? Everything I try seems to return the same sort of information I'd get from any other domain.)
Privacy is achieved by encrypting records (1024-bit RSA, PKCS#1.5) and storing them using a sub-domain label known only to the counterpart (your friend). Keys are brokered by a service called TelFriends, and this is the only element of the system that's centralised. However, you only ever use it to make new friends, as your client is supposed to cache keys.
Of course, all of this complexity is hidden behind a pretty interface, so users don't have to worry :)
As for the dig command, perhaps your resolver (DSL router?) is buggy? Try Google's:
$ dig @8.8.8.8 andy.tel naptr (or 'txt' for my text records, and 'loc' for my location).
"In contrast to other top-level domains .tel information is stored directly within the Domain Name System (DNS), within the actual domain name record, as opposed to the DNS simply returning details (such as IP addresses) of the machines on which information can be found."
There should be a red link in the top right corner of your facebook page that says "Export friends!" (right to the left of the "Home" link).
Once you click that, just follow the accompanying instructions and it should work - although be warned it takes a long time, especially if you're doing it for a lot of "Friends".
somebody needs to get the facebook mobile apps and reverse engineer them to figure out how their own apps are able to extract all friend contact info (email, phone #s)
mimicking an official client would be a lot better than this extension which relies on facebook leech detection not noticing the requests and banning you
It's a bit of an alarmist, though accurate, alert: anything which has access to your tabs (ie, anything which can observe / inject into a page) also has access to your "history" as it can see what you're browsing. I'm sure other permissions also trip this, but "tabs" is one of the most common, and I ran across it recently too: http://code.google.com/chrome/extensions/tabs.html
The recently launched OSS project https://sourceforge.net/projects/themycubevault/ is looking for plugin developers to do exactly this kind of data export. I will try and port the JS extension to run there instead.
They don't, however, seem to mention their names anywhere. If Facebook knows the name of the author, they can threaten to ban them from Facebook if they don't take it down (about the only leverage they have to exploit).
However, to get a real name, they would need to get Google to reveal an IP address, and then the user's ISP to reveal account details - hardly a simple process.
Google isn't going to hand over the IP of the authors, so they would need to file a (probably baseless) lawsuit and try to subpoena the names - something Google is likely to fight since the software is in their interests too.
There is a Sony Ericsson application in Facebook which retrieves all your friends' phone numbers and upload it to their servers which then can be synced with any Sony Ericsson phone . Then I can download it as CSV by connecting the phone to the PC. A round about way but it works. So I guess there might be other apps which does this.
wouldn't this be in violation of the tos and/or technically impossible? If not, why can't I write a fb app that syncs all my friends' data to my server?
Fortunately, the binary extension is still downloadable at this URL: fb-exporter.googlecode.com/files/fb-exporter.crx