There are some things on Facebook you just can't hide — and it appears your list of friends is among them.

The social network allows you to set the visibility of your friends list, so if you want to keep that list private, you can do so by setting the list visibility to "Only Me." The problem is that other users can still see some of your friends even if they can't access the full list, and while Facebook explains some of this on the privacy setting screen, the "Only Me" setting doesn't actually limit your friends list to only you.

For starters, you can see if you have mutual friends with another user even if that user's friends list is set to private. That means that you are able to see a sampling of that user's connections even if they've changed the privacy setting to "Only Me."

Users can set their Facebook friends list to private, but parts of the list are still available to others.

Facebook alerts users of this on the friend list privacy settings screen, but you may not notice unless you pay special attention. The warning reads:

Remember: Your friends control who can see their friendships on their own timelines. If people can see your friendship on another timeline, they'll be able to see it in news feed, search and other places on Facebook. They'll also be able to see mutual friends on your timeline.

What this means is that your friends list is really only as safe as the privacy settings used by your friends.

CyberInt, a group focused on information security and cyber warfare, demonstrated how a hacker (or really anyone with time on their hands) could take advantage of this privacy issue to piece together a user's entire friends list.

You are able to view the mutual friends of any two users on Facebook, so long as one of the two users shares his friends list publicly.

For example, Facebook CEO Mark Zuckerberg does not share his friends list with the public. Chris Cox, longtime Facebook employee and current head of product at the company, does. By using the URL template below and inserting the respective user names into the brackets, you can see the mutual friends between the two users, even if you are not friends with either person.

https://www.facebook.com/profile.name[Hidden Friends Profile]/friends?and=second.profile[Public Friends Profile]

We tested this URL with Zuckerberg and Cox, and found 248 mutual friends. In other words, we identified 248 of Zuckerberg's Facebook friends, even though he is keeping his friends list private.

https://www.facebook.com/zuck/friends?and=chris.cox

Users can't identify any mutual friends between two users who both have their friends list set to private (e.g., mutual friends between Zuckerberg and Facebook COO Sheryl Sandberg). They could, potentially, use the strategy above to piece together a larger portion of Zuckerberg's friends list.

By using the 248 mutual friends as a foundation, a user could compare Zuckerberg's friends list to any of these 248 that share their list publicly. It may not return every Facebook friend Zuckerberg has, but it's highly likely your knowledge of his friends list would grow dramatically using this system.

A sampling of mutual friends shared by Mark Zuckerberg and Chris Cox.

CyberInt even wrote a program intended to automate this process; they shared the code to Github last week.

A Facebook spokesperson sent Mashable the following statement regarding the friends list privacy setting: "While you can control who sees the full list of your friends on your Timeline, there may be other ways for people to find out who your friends are on Facebook. For example, even if you’ve limited who can see your friend list, people can still see the friend lists of your friends if they are in the audience for those lists.”

It's true that Facebook warns users about the transparency of their friends list, but it's also true that language used in the privacy settings is slightly misleading. Facebook wants to facilitate connections between its users, not hide them, which is why it makes mutual friends accessible. The more you are connecting on the service, the more useful it becomes and the more time you'll ultimately spend on the site.

That mission, however, means that some elements of your Facebook life, including your friends list, will never be fully private.