Facebook says 400 million users have it. But are they well-protected from unwanted ads, scammers and prying eyes?
Not according to CSO (Chief Security Officer) founder Joan Goodchild online.
She says that your anonymity is much more likely to be violated than you know when you sign on to the social network site because of technical gaffes or the company’s marketing practices.
The fire on Facebook was shot last week when 15 data protection and consumer protection groups filed a petition to the Federal Trade Commission requiring the site to circumvent anonymity settings for private purposes, among other issues, in the hopes of making personal information available to users. Several Facebook users find their private conversations on their contact list open to everyone— a major security breach that many people doubt how secure the network is.
On Saturday morning’s “Early Show,” Goodchild discussed five risks that Facebook users often do, without being aware of:
- Your information is being shared with third parties
- Privacy settings revert to a less safe default mode after each redesign
- Facebook ads may contain malware
- Your real friends unknowingly make you vulnerable
- Scammers are creating fake profiles
Below is an edited interview transcript.
Is Facebook a secure platform to communicate with your friends?
Here’s the thing: Facebook is one of the world’s most famous sites. Security holes are regularly found. It’s not as safe as people think as they sign in every day.
There are certainly growing pains. Facebook is a young company and has been around a couple of years. It still figures this out. You’re so young, you’re still trying to figure out how you will make money. It is difficult to compare this to others; we never had this phenomenon before in the way [ so many ] people communicate — just e-mails come closer.
The crime threat is real. The Internet Crime Complaint Center reports that in 2009 victims of Internet related crimes lost $559 million. That was 110% more than last year. When you are not careful about using Facebook, if you share data with a dangerous person you think is actually “a friend,” you look at the potential for identity theft or even an attack. Recently, one British police agency has reported that the number of crimes it has responded with Facebook in the last year has increased 346percent. These are real threats.
Lately, a week doesn’t seem to have passed without some reports about a Facebook security issue. TechCrunch discovered a security hole earlier this week that enabled users to read the private chats of their friends. Facebook has fixed it since then, but who knows how long it had been? It might have been like that for years, others suggest.
Investigators from the VeriSign iDefense group found out last month that a programmer sold Facebook usernames and passwords to a website for anonymous hackers. It was estimated that he had about 1.5 million accounts-and traded between $25 and $45.
And the website is continuously being targeted by hackers who want to harass or obtain data from these 400 million users or run such scams. Yes, there is a lot of criticism in the Facebook security community. That the most irritating thing is that the company rarely asks inquiries.
Do people really have privacy on Facebook?
No. There are various ways in which third parties can view the data. For example, you may not know that you play the popular games on Facebook, like FarmVille or taking those popular quizzes-each time, you require an application that provides third-party details about that you you have never subscribed to to be downloaded to your profile.
Does Facebook share info about users with third parties through things such as Open Graph?
Open Graph is a new Facebook project that it introduced at its F8 conference last month. It is essentially a way to share the information in your profile with a range of third parties, such as advertisers, so that they get a better idea of their interests and what you are talking about, so that Facebook, as shown, can “make it a more personal experience.”
The theory behind Open Graph–even if it has not implemented it–is its whole business model, isn’t it?
That’s the business model — Facebook wants you to share as much information as possible so that it can make money by sharing it with advertisers.
Isn’t it in Facebook’s best interest to get you to share as much info as possible?
That is absolutely true. The goal of Facebook is to get you to contribute as much information as possible so that it can be shared with advertisers. The more information you share, the more deals you can make for advertisers.
Isn’t there also a security problem every time it redesigns the site?
Each time Facebook redesigns the site [ usually ] a few times a year, it returns the anonymity of your account to a default, which essentially makes all of the knowledge public. You, the customer, have the responsibility to check the security settings to decide what you want and what you don’t want.
Facebook will not [ necessarily ] notify you of the changes and automatically update your privacy settings. You will find out through friends many times. Facebook does not alert you of these updates, it simply informs you that the website has been updated.
Can your real friends on Facebook also can make you vulnerable?
Yes. Clearly. Your protection is only as strong as the health of your mate. If someone in your friends ‘ network has a weak password and their profile has been hacked, they can, for example, actually give you ransomware.
There is a common fraud called a 419 scam, where somebody hacks your profile and sends messages with your buddies asking for money, saying, “Yeah, I’ve been in London, I got mugged, wire my money, please.” People believe that their good friend wants help— and eventually wear money to Nigeria.
A lot of Web sites we use display banner ads, but do we have to be wary of them on Facebook?
Absolutely: Facebook couldn’t view all its advertising. It has not done an excellent job of ensuring which advertisements are secure and not safe. As a consequence, when you search around a day that includes malicious code, you can get an ad in your profile. Yes, last month a ransomware ad asked people to download virus software that was a bug.
Is too big a network of friends dangerous?
You meet people with a lot of followers – Facebook’s 500, 1,000 friends? What is the likelihood that they’re all real? In 2008, a study concluded that 40% of all Facebook profiles were false. They were generated by bots or impostors.
If you have 500 friends, there is undoubtedly a percentage of people you really don’t know and you share lots of information with them, such as when you are on vacation, the pictures of your family, the names of their children. Do you really want that information to people you don’t even know?
No comments:
Post a Comment