The Mis-Adventures in Technology of an Old Dog Learning New Tricks…

Posts tagged ‘Social Network’

How Facebook Design Is Tricking You Into Sharing Info

A Great Must Read Article for Boing Boing and Gizmodo about Facebook Privacy.

You already know that Facebook and privacy don’t really get along, but many “improvements” to the service are making it easier and easier to share everything without even knowing. Avi Charkham rounded a bunch of these tricks up over at TechCrunch, and they’re as subtle as they are sketchy.

Some of the changes seem to play on psychology, like swapping out the old pair of “Allow, Don’t Allow” buttons for just one that says “Play game” that you either click, or don’t. Others, are sort of flagrant once you’ve noticed them. One Charkham describes as the “The Tiny Hidden Info Symbol Trick” is of those ones. From TechCrunch:

In the old Design Facebook presented a detailed explanation about the “basic” information you’re about to expose to the apps you’re adding. In the new design they decided to hide that info. If you pay careful attention you’ll see a tiny little “?” symbol and if you hover over it you’ll discover that this app is about to gain access to your name, profile pic, Facebook user ID, gender, networks, list of friends and any piece of info you’ve made public on Facebook. Quite a lot of info for a 20×10 pixel tiny hidden info symbol don’t you think?!

Facebook is a free service so you are the product; none of this should really come as a surprise. Still, its interesting—if also a bit scary—to see the design choices intended to make you part with your personal information. [TechCrunch via Boing Boing]

The Resurrection of MySpace – MySpace Adds 1 Million New Users

According to a comScore report the site has signed up one million new users and is adding an average of 40,000 new users each day. The site has been recovering since adopting new owners last June.

Facebook and Apple race to $1 trillion?

Breakingviews editors discuss the social network‘s and iPod maker’s respective valuation trajectories.

They Like Me! They Really Like Me! – Facebook Sued Over ‘Like’ Ads

Facebook is facing a lawsuit over how they do advertisements using “likes” and friends on the social networking site.

Mark Zuckerberg Hacked; Private Photos Leaked Because of Facebook Glitch

Mark Zuckerberg‘s Facebook page was hacked in the latest privacy breach on the social networking site. A series of 14 personal photos were posted on the website Imgur under the heading ?It?s time to fix those security flaws, Facebook.? They include one picture of the Facebook CEO holding a dead chicken. Facebook says the glitch resulted from a bug in one of its tools that lets users report inappropriate images and that the site was vulnerable for only a short period of time. The breach comes a week after Facebook reached a settlement with the Federal Trade Commission, agreeing among other things to make sure that the privacy of users? information is protected.

Brazilian security researcher discovers how to “friend” anyone on Facebook within 24 hours

(ars technica) If there’s any doubt how social networks have presented hackers with a wealth of social engineering tools, a Brazilian security researcher recently demonstrated how he could “friend” even allegedly more wary Facebook users in less than 24 hours. At the Silver Bullet security conference in São Paulo, UOLDiveo chief security officer Nelson Novaes Neto showed how he leveraged LinkedIn, Amazon, and Facebook to convince a target—a Web security expert he called “SecGirl” using social engineering.

Novaes created a fraudulent Facebook account, “cloning” the identity of the manager of the target. He then sent friend requests to friends of friends of the manager from the cloned account—sending out 432 requests. In just one hour, 24 of those requests were accepted, even though 96 percent of them already had the legitimate account of the manager in their contact list. He moved on to 436 direct friends of the manager, using his connections from LinkedIn—getting acceptances from 14 of them in an hour. Seven hours into the experiment, his cloned account’s friend request was granted by SecGirl.

With the information obtained by friending someone, it’s possible, Neto said, to then take over a legitimate Facebook account using Facebook’s “Three Trusted Friends” password recovery feature. Through the password recovery tool, a hacker can change both the password and the contact e-mail address for an account. The hacker could then use that hacked account for social engineering attacks on other accounts.

In an interview with Brazil’s UOL Noticias, Neto said, “People have simply ignored the threat posed by adding a profile without checking if this profile is true. Social networks can be fantastic, but people make mistakes. Privacy is a matter of social responsibility.”

A Facebook spokesperson told Ars Technica by email that Neto’s approach is a clear violation of the company’s policies, and that Facebook encourages users to report any account they think may be using a false name. “When a person reports an account for this reason, we run an automated system against the reported account,” the spokesperson said. “If the system determines that the account is suspicious, we show a notice to the account owner the next time he or she logs in warning the person that impersonating someone is a violation of Facebook’s policies and may even be a violation of local law.” The warning also requires the user to confirm his or her identity “through one of several methods, including registering and confirming a mobile phone number,” the spokesperson said; if they fail to respond within a certain amount of time, the account is automatically disabled. Facebook’s spokesperson also said that “Trusted Friend” system includes safeguards that lower the probability a recently friended person would be chosen as one of the friends used for password recovery.

By  / ars technica

original article appears here

Newest WikiLeaks release are ‘spy files’ which show global surveillance industry

WikiLeaks founder Julian Assange launched the website’s new project Thursday, the publication of hundreds of files it claims shows a global industry that gives governments tools to spy on their citizens.

Tag Cloud

%d bloggers like this: