
Saturday, April 11, 2009

Beware! When You Login to Facebook next time

Social networking has created new ways to communicate and share information. Social networking websites are used regularly by millions of people, and it now seems that social networking will be an enduring part of everyday life. Some of the most popular among these are MySpace, Facebook, HI5, Friendster, Orkut, etc. Among these, Facebook is much more popular, perhaps for many reasons. Today it's common to hear people saying "everybody is on Facebook". You too have been part of its growing worldwide addiction. It has become a part of our everyday digital life. But there are some serious threats that can really affect you if not taken seriously.

Security Aspects of all social sites like Facebook, HI5, MySpace, etc

The psychological aspect is the main reason for attack. Since most people access social network sites like Facebook from the comfort and privacy of their home or office, they can be lulled into a false sense of anonymity. Additionally, the lack of physical contact on social network sites can lower users' natural defenses, leading individuals into disclosing information they would never think of revealing to a person they just met on a street, or at a cocktail party.

Your personal information is probably already stored in lots of databases, but what's unique about the set of personal data which is saved in social networking sites like Facebook is that it includes intimate details (like your views on politics, religion and relationships) and that it's tied to a picture of you. This combination of identifying details with a visual image is one of the things that makes these kinds of sites so interesting and compelling, but also so potentially dangerous. Theoretically, someone could find out what town you live in and where you are going to be at a certain hour of a certain day. Using your picture, she/he could show up there and try to convince you she/he is a long lost cousin of yours who's down on his luck and needs some money.

The lack of physical contact makes it easier to build false profiles too. For example, you may think you are chatting with a CEO from somewhere while you're actually chatting with a completely different kind of person from a completely different place. Some serious incidents have occurred on popular sites like Facebook, MySpace, etc. For example, in July 2008, a Briton, Grant Raphael, was ordered to pay a total of GBP £22,000 (about USD $44,000) for libel and breach of privacy. Raphael had posted a fake page on Facebook purporting to be that of a former school friend, Matthew Firsht, with whom Raphael had fallen out in 2000. The page falsely claimed that Firsht was homosexual and that he was dishonest. A similar incident occurred on MySpace, where a fake MySpace profile created in the name of Josh Evans by Lori Janine Drew led to the suicide of Megan Meier in October 2006.

Security Aspects of Facebook

Facebook, now the first social networking site in the world, can be considered to have security problems similar to those of MySpace, but its approach is a bit different. Part of the reason Facebook is so popular is that many users were put off by the anarchy of MySpace and see Facebook as more controlled and conservative, even if this is far from saying that Facebook is absolutely safe.

The photos uploaded to your Facebook profile remain in the Facebook database even when you delete them. This has raised serious privacy concerns, since such 'zombie' photos can later be put to unethical use, if not by Facebook then by an external hacker. This is a very critical issue, as Facebook, like other social sites, has become a photo-sharing medium for people. One person brought a court case against Facebook for holding his deleted photos, and Facebook had no answer to it except to manually delete them from the database.

Facebook relies on third-party Java applications, so that the user is not only entrusting Facebook with her/his login and password but also must trust the third-party applications that provide tools for Facebook users. There is a potential danger that the code you're running on the site is malicious or points you to a site that contains malicious code. As it has been said, Facebook lets you add applications and tiny programs that run inside Facebook itself. Facebook granted programmers free access to the Facebook platform in May of 2007, meaning that anybody with the necessary skills could create an application, so that the number of Facebook applications has grown impressively. Facebook applications are small programs that work inside Facebook. They're similar to Web browser plug-ins (like video players) in that they let you do something you couldn't do before you installed them. They're easy to install and appear on your Facebook Applications menu. Often Facebook applications are just "humorous time-wasters", like the ones that let you spray-paint graffiti on someone's wall, but there is also an increasing number of more serious, business-oriented applications: Professional Profile, for example, lets you post and edit your resume on Facebook, then track who views it. The downside to using Facebook applications is that you automatically grant the application's developers access to your profile, which poses a security risk.

After Facebook introduced new options and a new privacy interface in 2008, a security expert demonstrated it was possible to exploit security holes and access private details. Facebook then installed a bug fix to prevent it from happening. This recent Facebook breach shows how the social networking world is still evolving and continues to harbor a host of potential threats to personal and sensitive information. Businesses have been worried about social networking sites ever since they exploded in popularity. As well as the expected loss in productivity, there are also worries about employees releasing confidential information.

An example of relatively recent malware that appeared on Facebook is "Secret Crush": you receive a fake message saying a friend of yours has secretly fallen in love with you. To discover her/his identity, you're invited to install an application and tell your friends to do the same. The application then sends you undesired ads instead of revealing the identity of the person you were looking for.

Another worm, detected in 2008, was called "Boface.G". It uses Facebook and MySpace to spread. This malicious software adds a post containing a link to a fake YouTube video, apparently coming from a known person. If you click on the link, a message containing the same link is sent to all your friends and you are invited to download a Flash Player update to actually see the video. Instead of a Flash update, it is a copy of the worm that attacks all your contacts.

Many attacks now have nothing to do with exploits and vulnerabilities; they can be classified as "phishing", and they're about persuading people to click a link.

Facebook is increasingly being used by school administrations and law enforcement agencies as a source of evidence against student users. Facebook, which is the number one online destination for college students, allows users to create profile pages with personal details. These pages can be viewed by other registered users from the same school, which often include resident assistants and campus police who have signed up for the service. It has recently been revealed that some UK police forces are using Facebook to help their crackdown on knife and gun crime. It is believed that up to 400 users of Facebook have been arrested as a result of searches of this site revealing users posing with dangerous weapons.

Some Facebook Security Guidelines

Privacy, as was said, is the first concern. People you wouldn't expect can get access to your profile. If you think only people who live near you or work at your company can view your profile, you're wrong. Hiring managers, parents, teachers, police officers and other folks who are determined to view your Facebook profile can find a way to do so, either by asking a co-worker or friend who is a member of your Facebook network to look up your information, or, if need be, by getting a court order.

There is some obvious, simple advice, such as:

* Don't share your password with anyone.

* After you type your email address and Facebook password into the login page, make sure the "Remember me" check box is turned off before you click the Login button.

* Log out when you're finished using Facebook.

Besides these simple recommendations, in order to keep your private data safe, you can adopt three main strategies:

1. Try to avoid putting sensitive info on Facebook; choose what kind of information you share with the site and how much. Post just the essential things. For example, if your profile deals with hobbies (music etc.), don't add non-essential work information.

2. Customize your privacy settings in Facebook, as explained below.

3. If the worst happens, fight back by blocking access and, if necessary, reporting the violations.

You can make your entire profile off limits to certain groups of people, such as the people in one of your networks. You can also hide specific parts of your profile (like your contact information and which applications you've added) from whole groups of people, such as one of your networks or all your friends. To do so, at the top right of any Facebook screen, choose the "Privacy Settings" item from the "Settings" menu. A "Privacy Overview" page appears, letting you choose among the following privacy related topics:

* Profile: control who can see your profile and personal information. For example, you can decide that your phone number can be seen by all your direct friends, both friends and friends of friends, no one or a customized list of persons.

* Search: control who can search for you (everybody, friends, etc.) and how you can be contacted.

* News Feed and Wall: control what stories about you get published to your profile and to your friends' News Feeds. For instance, you can decide if a single action such as adding a new friend is visible to all your friends or not.

* Applications: control what information is available to applications you use on Facebook. For example, you can decide that applications can't access the information regarding your work history or your relationship status. You can also block some applications completely.

If you're being harassed by another Facebook member, you can take action. The first thing you can do is stop her/him from contacting you on Facebook. If that's not enough, you can go a step further and report the person to Facebook.

Facebook lets you prevent individual members from knowing that you're even on the site. Blocking someone keeps her/him from seeing your profile, finding you with Facebook searches, or contacting you via Facebook. It is possible to block someone in the main Privacy page.

Facebook makes reporting potential violations easy by displaying a "Report" link on every Facebook application page and next to virtually every potentially offensive piece of info members add to the site, from discussion threads to wall posts.

Final Words

This article was meant to make you aware of the downsides of social sites, particularly Facebook, given its wide popularity. This does not mean social sites are useless. They are perhaps the most advanced form of communication humankind has ever invented. It is the only world where introvert-extrovert, Osama-Obama live together in harmony. It can help many Billus find their lost Shahir (just a Billu Barber example) in this modern, fast, busy world and stay connected even when physically far away. Who knows, you might someday find your lost childhood friend on Facebook; just search for him/her. With some precautionary measures, you can have a very happy social life experience, especially on popular social sites like Facebook where most of your friends and relatives are.

Thank you and have a happy secure social circle,

Sumit Shresth

