Categories
Security

More On Facebook Places Privacy

Via NY Times:

“I like Foursquare because I can actually pick who sees where I actually am, compared to Facebook, where I have 1,200 friends,” she said. “I don’t want 1,200 people knowing where I am.” Facebook does let users pick a smaller subgroup of friends who can see location updates, but Ms. Lovelidge said it would be too much trouble to set that up.

Emphasis mine. This isn’t lost on Facebook. Zuckerberg himself said: “But guess what? Nobody wants to make lists”.

The problem is that for every Ms. Lovelidge who at least acknowledges the risk and avoids it, there will be 10 others completely oblivious to the risks.

One great lesson here is that you can’t change the paradigm and assume an old security model, in this case the “friends” network, will continue to work. This is the equivalent of turning a store into a private residence without bothering to replace the open storefront with a more traditional door.

Categories
Security

Sharing Location With Strangers Via Facebook Places

Twice in a week’s time [1, 2] I’ve suggested that teens in particular have more “friends” than friends. AOL apparently did some of the research for me regarding the prevalence:

…more than half of the children surveyed (54%) don’t personally know all of the friends…

54% of teens surveyed don’t know all their “friends”. Facebook defaults the privacy settings on Places to “friends”. 54% of children surveyed will likely be sharing their current location with people they don’t personally know. Places will catch on, especially once the check-in games start coming up and it becomes more fun and competitive. Half will likely share their location with people they don’t know.

Think about this for a second. Just a few years ago society would have found the idea of teenagers revealing their current location to people they don’t even personally know to be insanity.

It’s easy to fix: just set up a group and include/exclude as desired. The problem is that awareness of the problem is low. Also problematic is the desire and patience needed to sort through several hundred “friends” and bucket people.

It would also be easy for Facebook to fix by forcing users to select either specific groups or individuals rather than just defaulting to the overly broad “friends”. They have the UI, and it’s actually pretty good (I’ve got some gripes, but they don’t apply to 99.9% of the population); they just don’t make users go through it, for the sake of simplicity.

I don’t really like this.

Categories
Security

More On Facebook “Friends” And Privacy

Last week when I wrote about the risks of Facebook Places I specifically said:

Decisions on who qualifies as a friend may have been made a few years ago when the risks were different and content being exposed was much less harmful. Letting a stranger see your obnoxious status update is different than letting them know where you are.

MG Siegler at TechCrunch just realized this himself and cut the number of friends he had in half. To quote:

Facebook is mutating. The problem is that the original social graph isn’t built for this mutation. And we’re going to see that very clearly with things like this new location element.

I’d argue MG Siegler is brighter and more in tune with this sort of thing than 90%+ of Facebook users. Perhaps 99%. If he just realized this now, it’s going to take a long time for the more casual user to catch on.

As I wrote last week, the term “friend” has been grossly distorted over the past few years. I strongly suspect the most at risk users are the ones who distorted it the most. Defaulting things like Places to “friends” isn’t good enough.

You’ll be seeing more about this in the press over the coming several months. This is going to get messy as people leak information they didn’t intend to.

Categories
Security

The Real Risks Behind Facebook “Places”

Facebook made some peculiar decisions in the privacy rules for Facebook Places. The problem is hardly just a technical limitation; it’s endemic to the way social media has altered society, and technology must help the user be aware of it and work around it.

Categories
Security

Facebook “Simplistic” Privacy Settings Coming Soon

I’d be nothing but a jerk if I didn’t post this considering I’ve spent a fair amount of time criticizing Facebook’s privacy policies. Facebook head of public policy Tim Sparapani as quoted in Wired:

“Now we’ve heard from our users that we have gotten a little bit complex,” Sparapani said in a radio interview Tuesday. “I think we are going to work on that. We are going to be providing options for users who want simplistic bands of privacy that they can choose from and I think we will see that in the next couple of weeks.”

I can deal with public defaults provided it’s clear in the UI that the defaults are public and the user has an easy way to adjust privacy. What isn’t addressed is this policy of resetting things when changes are made. No comments on that as far as I can tell.

Categories
Around The Web Funny

Victoria’s Secret – You Like This

Image: Victoria’s Secret “Like” Limited Edition

I couldn’t resist posting this one. Apparently Victoria’s Secret has a free “limited edition” (with store purchase of course) panty with “you like this” printed on the back with a thumbs up, an obvious homage to Facebook.

Countdown to sexual harassment for unwanted “clicking” or “liking”? I’m sure some genius will get into trouble for that.

We could of course get into a debate over whether it’s objectifying women, or just make jokes about how it’s “social” and “viral”, the parallels to the privacy debate, etc. But as Sigmund Freud allegedly said, “sometimes a cigar is just a cigar” [1].

Before someone emails me: yes, I posted the image and yes you can click for a full-sized one (you’re welcome). For the person who questions my judgment: It’s really no more mature than anything you’d see at a pool or beach. Grow up. For the person who is guaranteed to email asking where the original coupon is: you can find it here or here. Lastly, no, this isn’t the first time a butt has graced this blog; it’s the second time just this year.

[Hat Tip: Center Networks]

1. It’s attributed to him, but there’s no evidence he actually said it as far as I’m aware.

Categories
Internet Security

Why “The Geeks” Are Upset About Privacy

Pete Warden on why everyone should pay attention to “the geeks”:

So why are the geeks so upset? They’re looking down the road and imagining all the things that the bad guys will be able to do once they figure out what a bonanza of information is being released. Do you remember in the 90’s when techies were hating on Windows for its poor security model? That seemed pretty esoteric for ordinary people because it didn’t cause many problems in their day-to-day usage. The next decade was when those bad decisions about the security architecture became important, as viruses and malware became far more common, and the measures to prevent them became a lot more burdensome.

I’d recommend reading the entire article.

That might be the best argument I’ve seen in a while for people who just don’t get it. When you spend enough time dealing with data you’re forced to understand the threat models that can impact your work. You become very tuned into what the potential exploits are and how they can be used to everyone’s advantage, and disadvantage. Despite surveys that show people are “concerned” about their privacy, and that some “use privacy settings”, I’d venture very few, likely less than 10%, actually understand what harm any piece of data can do, and how exactly it’s being handled and shared.

There’s a reason the industry is so focused on this lately. There’s a reason why I’ve now dedicated a majority of recent blog posts to it.

Categories
Google Internet

Google Should Use Google Wave Against Facebook

Image: “Help me Google; you’re my only hope”

Google should use Google Wave against Facebook.

It’s not as crazy as it sounds. I will be the first to say I was unimpressed by Google Wave from a user point of view. I should note Google Wave was pitched as an email alternative, and it’s not great at that job. From a technical perspective, it was pretty impressive. It is, however, a potentially killer distributed social media network. It will take slight retooling to adjust it for the task, but it is already better suited to compete against Facebook than against email.

It’s actually a pretty good alternative if the UI were better tuned to the task. Allow me to explain:

It’s close feature wise

I won’t go into point after point, but Google Wave can carry out many of the same things that Facebook can. It’s a good way to communicate in an open or closed fashion and each wave can already be granular in terms of privacy. It can be used to share much more than text. It can be used for the purposes of photos or video. It can be extended by third parties utilizing its API. It already has chat support. It’s built on XMPP. It can easily mimic Facebook in almost every way already. It can be extended to do what it can’t today. Profiles are the biggest thing it lacks. I suspect that wouldn’t take much to add. I’m thinking of an extendable XMPP vCard from the technical side.

It’s distributed

Google Wave is hosted by Google, but it’s also an open protocol and Google’s releasing chunks of their implementation. That means they can partner with other large companies (AOL, Yahoo, Microsoft, Apple etc.) who can federate and let their users all instantly be part of one huge social network. Users already have “friends” via their address books for email. Importing from other sources is easy; just look how Facebook did it. If Google got AOL, Yahoo, or Microsoft to partner with them, they would overnight reach a huge chunk of the Internet population via their e-mail users.

For those who are going to try and argue that Facebook users don’t have email addresses, yes they do. It’s a primary method of notifying users of things other than SMS and is required to sign up for an account.

This also means you can host yourself, or use the provider of your choice. You’re not subject to Facebook deciding your fate, or any one company.

It would be more private

One of the primary gripes against Facebook is its privacy measures are inadequate. Facebook has motives to force people to be more public. There’s little incentive to help you stay private, since the alternatives are slim. With Google Wave being hosted by several providers they will need to give you more control, or you will just move to a provider that will give you the controls you want. Just like with email. By using your own domain to point to a provider you would have portability of your identity. Once again Google Wave by design is more granular than Facebook. It’s based already around the concept of sharing data. What Google Wave really needs is a robust profile implementation with granular permissions and the ability to bucket contacts to make permissions more manageable.

Despite its UI and marketing pitch, it’s a surprisingly close Facebook competitor.

It would be a healthier ecosystem

Like I mentioned before, Google Wave has a fairly decent API already. What is great about it is that providers would be pressured to provide a robust enough API so that the killer apps exist on their platform. Again, no more reliance on a single source. By standardizing at least a subset of the API developers can target multiple providers and implementors. It also means providers will need to allow for more granular controls over privacy settings for third-party apps or once again, people will be switching.

Google wins too – keeps them in the center of the universe

Google likes to be the center of things, especially information. By doing this Google would still be able to organize a user’s information in meaningful ways for them, which is really what Google Wave’s main goal for Google is. Google has a major win. Anyone a user trusts to index their information can do so. If the user is paranoid, they can keep totally private. If you really want to be private you could run it on your own private server. If you don’t trust Google, you can avoid them but still join the party.

It would be more permanent

Facebook is still not guaranteed to be around in 10 years. Email however is overwhelmingly likely to still be around. Just like newsgroups and IRC still have their place, even if they aren’t as mainstream anymore. Why? Because they are all open standards and not tied to one company’s profitability. I can still find and read old newsgroup posts from over 20 years ago. Feel that confident about Twitter? Facebook? foursquare? How much time do you invest in them?

What about diaspora or _______?

diaspora is a clever effort and a noble one getting a lot of press today. It really is. But I think it’s too complex for real widespread adoption, especially in the era of easy-to-use web apps. It’s true that users flocked to P2P apps despite complexity, but that’s because there were no alternatives with less overhead. I’d give most of these efforts a 5% chance of any real success.

StarWars is copyright Lucasfilm

Categories
Security

What Facebook Apps Know About You

The ACLU put together a clever quiz on Facebook that lets you see what a Facebook application knows about you.

I doubt most people realize how much they are giving an application, and how unnecessary the information is to the application. There is no legitimate need for something as simple as a quiz to require that much information. And yes, if your friend takes a quiz, your information is shared too.

I mentioned the other day that Facebook changed the data retention policy. So this gives a little more context regarding what is actually at stake here.

I’ve been unable to confirm if Facebook gives applications the same data for minors (those under 18) as they do for adults. I know they restrict information shared via the website, but I’m not sure if that extends to the API level. If anyone has a minor child and can shed some light on that, I’d be interested to see how they treat privacy of children in Facebook applications. I’m also not sure if they adjust what data is shared for users, in particular children, in other countries where laws may be different. If you know, please share. If you can share a few screenshots of what’s revealed, contact me (I won’t share unless you explicitly say so).

Yes, I know this is my third Facebook-related blog post in a week. I promise to go back to ignoring them soon enough, but the privacy implications of their applications are pretty interesting to say the least. This is especially true if online privacy and security have long been interests of yours.

Categories
Security

On Facebook Permitting Longer Storage Of User Data

Previously the rules only permitted storage of some data for 24 hours. Notice I said “rules”. The truth is that there is no technical means of enforcement that I can find. This is done on the honor system. Facebook in theory could look at usage and wonder “how are they doing this without refetching data?”, but monitoring all the apps in that way seems highly impractical. You’d need good knowledge of how every app actually functions to make that decision. That still doesn’t cover the case of not deleting data when a user removes the application or changes privacy settings.

I’m sure there are some shady application vendors who have forever ignored this requirement. I’m sure some have also captured data they weren’t supposed to store. It seems naïve to think otherwise. That’s not to say everyone does it, or even a sizable number. I suspect most companies are honest and follow the rules. The change to remove the limit is actually more honest and straightforward. It is a step closer to reflecting reality.

Facebook should really have some sort of audit policy for apps over X number of users, or make it clear that there’s no real technical means limiting what an application can store once you share data with it. They don’t know for certain that just because a user deleted an application that the application has purged the data. There’s no technical means behind it, and that’s not something that’s easy to fix.

This is an important thing to clarify. Just because they had a policy of a time limit, that doesn’t equate to a technical solution. This is akin to passing a law that says “no identity theft”. It’s a novel thing to do, but it doesn’t prevent theft. It simply clarifies the official position on the activity. If this method worked, we wouldn’t need law enforcement or a legal system, just a few clever people with pens to write laws.

Facebook can obviously shut down anyone who it feels violated their policies, and can likely take legal action against such parties. I’m pretty sure they shut down applications, I’m not sure about legal action.

Bottom line: only share data if you’re willing to accept this risk. Their clarification of warning dialogs before you authorize an application is a good step in this direction.