The Dark Face of Facebook

The popularity of networking sites such as facebook (and others of the same kind) is certainly a magnet for people with not-so-kind intentions. For starters, the place can be considered as a gold mine of personal information and ID thieves would love to work overtime to put their stakes on the ground, like in any good old day’s gold-rush.
I do not necessarily oppose the idea of networking sites, moreover I think they can provide a lot of value for most users. However I was intrigued by a comment my wife made about being able to look at pictures of somebody that is not in her list of friends. It looks like the security settings used by most people will allow a friend of a friend to look at your pictures or profile by just sharing a collection of pictures.
I setup my own account to see first hand how it works. I went through the security setups and found the BIG problem with the security in facebook. That is, by default, facebook leaves everything open, you are supposed to go and explicitly forbade the system to share information about you with third parties. This goes against the common-sense approach in security, that is, forbade sharing by default and let the user explicitly share (in an item by item fashion). Although this approach has the disadvantage of being annoying to most people, there is the only way to make sure you don’t end up sharing your dearest secrets with a stranger or maybe even an enemy.
A little bit of Googling around turn out a lot of references of bad thing that can happen: for example, many applications ask you permission to override certain security settings and it looks like the system allow third party companies to write applications. I do not know the process that facebook uses to vet these applications. I will not comment on that.
Below, a scary short video form the BBC, facebook’s answer to it and a bunch of links to keep you aware of the issues.

Here is the answer form facebook

Related and highly recommended
Safety Tips
The danger of facebook identity theft
facebook ignores huge security hole for four months
3 ways to protect yourself from social networking malware
For a Change Spammers get Whacked
The perils of sharing

Advertisements

One Response to The Dark Face of Facebook

  1. Pingback: Dont tell me you didn’t knew « CryptoBlog – Data Security and Information Theory

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: