We’ve all seen or known someone who fell victim to the scams or hoaxes on Facebook. So what is Facebook doing to improve its security? Actually, Facebook gives users the option to improve their own security, but how does that help if users don’t take the time to set those options?
The internet security firm Sophos has made some suggestions to Facebook regarding the privacy issues that almost everyone has fallen victim to.
Sophos basically offered up an open letter to Facebook that highlights three important steps to improving security and privacy.
Sophos tracks all kinds of phishing scams and clickjacking (basically a worm attached to the Like button to make it appear as if you like the link and not the Page). Lots of users have been victims of the clickjacking attack: you get a status update saying “The Prom Dress That Got This Girl Suspended From School”, you click on the link, and all you get is a blank page with “Click here to continue”; then that status message is posted to your page. It’s a vicious circle that never seems to end.
Facebook’s reputation for clean servers and login systems is actually impeccable and they have been quite successful in keeping security breaches to a minimum. The problem is all the duplicitous apps that have sprung up.
Sophos recommends three things to combat this problem:
- HTTPS should be used for everything and be the default setting instead of an opt-in
- Privacy should be a default setting instead of an opt-in
- All apps and app developers should be thoroughly examined and approved before being published on Facebook
The approval process for these new apps should have a stricter protocol than it has now, if for no other reason than the ginormous (yes, I know that’s not a REAL word) number of developers out there.
Just adhering to these three steps would make maintaining privacy on Facebook a much easier task. It seems like this should all be common sense, right?