I recently co-authored an article with Jennifer Leggio from ZDNet on the Fifteen significant social media & security events of 2009. Be sure to check it out as there were *many* high profile attacks on social networks and their users this year. The article also provides a preview of what we might see in 2010. Thanks again to Jennifer for putting this article together!
Facebook Privacy & Security Guide Video Released
I finally got around to recording and editing the video walkthrough of the Facebook Privacy & Security Guide.
The video clocks in at about 18 minutes. I also included information about email/text alerts, how applications work, Facebook Ads, and how to hide your friends list from public searches. Stay tuned for other guides and videos for MySpace, Twitter and LinkedIn.
Want to help with these guides and videos? Join the volunteer mailing list or send me an email at feedback [At ] socialmediasecurity.com.
Facebook Privacy & Security Guide v2.0: Updated with New Privacy Changes
I have updated and released version 2.0 of the popular Facebook Privacy & Security Guide. Version 2.0 reflects the recent changes that Facebook made to it’s privacy settings. In addition, I added a new section titled “Blocking and Creating Friend Lists” and expanded on how your Name, Profile Picture, Gender, Current City, Networks, Friend List, and Pages are now publicly available information.
Download the new version of the Facebook Privacy & Security Guide here.
You can also get to the guide from: and from the top of Socialmediasecurity.com under “Guides”.
Can you remove public access to your friend list?
One tip I didn’t have room for in the guide around these new changes is the following. You can remove the ability for your “Friend List” to be viewed in public searches by selecting the Edit “pencil” in the Friends box on your profile page and unchecking the box. Here is a screen shot of this. Unfortunately, this control is all or nothing but the good news is your Friends can still see your friends list. You may also want review your application settings so application “boxes” are not showing on your public profile as well. More information can be found on Facebook’s blog post about these issues (hat tip to @mubix for pointing this out).
Like before please send any feedback on the guide to feedback[ aT ]socialmediasecurity.com. The companion video is being worked and should be up shortly as well.
New Version Released: Facebook Privacy & Security Guide
Facebook has made some changes to the privacy settings for Facebook profiles since the last time I updated the Facebook Privacy & Security Guide which was back on it’s original release (October 2008). As with all things on the web…we want to keep this guide as current as possible so users of Facebook know how to configure each of the privacy settings in their profile. Updates in this version (v1.1) include:
- News Feed and Wall settings have been updated. Facebook removed settings such as “time and date” and streamlined other settings
- I have provided more information on how Facebook applications work and how you should configure your application privacy settings based on if your friends install an application
- Updated information about Facebook Ads, Facebook Connect settings and Beacon websites
Click here to download the new version of the Facebook Privacy & Security Guide (v1.1)
(if you are downloading this to your browser, be sure to clear your browser cache prior to downloading as you may have the old version in your cache. Better to do a “Save Link As…”)
As usual, please send any feedback about the guide to feedback[aT]socialmediasecurity.com or post a comment below. As a supplement to this guide, stay tuned for a video walk through which we plan to post on YouTube and also make it available for free download. If you have any other suggestions for user awareness guides, articles, video’s etc…consider joining our mailing list.
Vote for Inherent Dangers of Real-Time Social Networking panel at #SXSW
We were happy to see that one of the panels up for selection at the South by Southwest (SXSW) Interactive Festival next year (March 12-16, 2010) is a panel about the security of social networks called “Inherent Dangers of Real-Time Social Networking”. The way panel selections work st SXSW is that they are up for open voting which ends on September 4th. Basically the voting works like this (from the SXSW site):
“SXSW is a community-driven event. So, knowing what kinds of topics you want to hear at the event next March is extremely important to us. Your voting accounts for about 30% of the decision-making process for any given programming slot.
Also important is the input of the SXSW Advisory Board, which is a group of industry professionals from across the US and around the world. The final part of the panel decision-making equation is the input of the SXSW staff.”
So yes, you have a big part in the selection process! This panel includes the following participants:
Jennifer Leggio (@mediaphyter), ZDNet
John Adams (@netik), Twitter operations and security incident response team
Damon Cortesi (@dacort), security consultant at Sevicron, founder of TweetStats, Twitter app developer
Mike Murray (@mmurray), CISO of Foreground Security
Awesome, awesome group for this panel. Here is the description of the panel (from the SXSW PanelPicker site):
“There’s plenty of chatter about social media and security issues, from social engineering to the naïveté of users. This panel of experts will explore how cyber criminals are taking advantage of socnets flaws and lack of user awareness, and what both individuals and companies can do to help protect themselves.”
Since this is one of the biggest media conferences of the year, we highly encourage you to vote for this panel. This will be one not to miss if selected! What are you waiting for? Go vote now!
Sex Offenders in IL Banned from Social Networking Sites
There was an interesting post on Mashable today about a new law that was just passed in Illinois by the governor Pat Quinn. Basically, it bans sex offenders from using social networking sites. The problem is that social networking is so loosely defined that this could mean any news site or blog. Think about Facebook Connect or anything that shows a profile picture with media links and/or text. In addition, how would this stop a sex offender from using an alias and/or fake name on these sites (if you can even define what these sites are)?
There is some interesting conversation brewing around this one especially around the fact that just by peeing in public you are considered a sex offender in 13 states!