[cblconfederate]

Id is already hashed per-app from facebook's side

[nulbyte]

The article points out that this doesn't maintain privacy:

> I discovered that, even though the ID was unique to my FB-app, it was still possible to go to facebook.com/{id} and be redirected to the user’s FB-profile.