There’s a new service called Stalkbook that allows you to stalk people on Facebook even if you are not friends with them on the social network. Before you get all interested thinking that we are going to introduce ways to stalk people online, you should know that stalking is not cool and is against law.

Even the Stalkbook site says “Stalking is considered to be morally wrong. Why don’t you try talking to the person instead.”

So what is Stalkbook? It’s a service that lets you view a person’s profile, photos, contact info, etc. by using other Facebook user’s credential who is a friend of the person you want to stalk. Or bluntly put, it’s an MIT graduate’s solution that helps you stalk people.

The man behind the service Oliver Yeh explains how Stalkbook works: “Whenever a person signs on to the application, not only does he reveal his own information but he also compromises all of his friends’ information. So for example, if I sign on to the site, then my friend Trevor would also be signed on to the site because I’m friends with Trevor.

With my credentials, I can see Trevor’s information. Now, everyone on the Internet can also see Trevor’s information by using my credentials. And as more people sign up to Stalkbook, you get this network effect, in which you only need perhaps 10 percent of Facebook to join to compromise 80 to 90 percent of Facebook”.

But how do you get other people’s information? “With Facebook API, which is software that Facebook developed so that third-party developers can access Facebook’s information, I can access to my friend Trevor’s information.

And what Stalkbook does is it goes through all of a user’s information and all of the friends of the user’s information and stores a cache copy on the website. When somebody else visits Stalkbook, he will  now have access to a cache version of Facebook’s data, even though he doesn’t have permission to access Trevor’s information.”

Stalkbook is not available for the public yet. So what’s standing against Yeh? Stalkbook is in violation of Facebook’s terms of service which says “You will not solicit login information or access an account belonging to someone else.”