[doosra]

The problem feature "allows users to quickly find out whether people they know are on Facebook and invite them to become a friend by uploading a .txt or .csv file of email addresses."

Facebook would reveal alternate email addresses of a user if at least one matched the .txt list. This bug was fixed.

The feature can still be used to validate email addresses, for example by spammers. Further, many social networks display limited information about the user, which can be useful demographic information to a spammer, if the email address is known (guessed correctly).

This feature is very useful and is critical in quickly expanding one's social network. Unfortunately, it seems it can be easily exploited. How would one prevent misuse? Limiting the number of email addresses checked in the .txt file may be one partial solution.