Facebook Faux Paux Reveals Private Data

Tuesday, January 18, 2011



Changes made to a permissions dialogue box have created yet another risk to privacy for users of the social network Facebook.

Cnet reports the misstep now makes some private data like addresses and telephone numbers available to third party application developers.

An article on the Facebook developers blog reveals that subtle changes were made to the permissions pop-up that appears when users download a third-party application.

Aside from the usual request to access information like the user's name, gender and friends list, the pop-up now includes a request for permission to access the user's address and cell phone number.

The change is subtle enough that most Facebook users are apt to allow the application to access this data without even noticing the additional information has been added to the request.

Privacy advocates worry that bogus applications may be developed solely for the purpose of harvesting this information, which could then be sold to marketers or used for criminal schemes such as identity theft.

Graham Cluely of Sophos writes of the problem: "Wouldn't it be better if only app developers who had been approved by Facebook were allowed to gather this information? Or--should the information be necessary for the application--wouldn't it be more acceptable for the app to request it from users, specifically, rather than automatically grabbing it?"

Cluely recommends users remove some private information entirely from their Facebook profiles.

"My advice to you is simple, remove your home address and mobile phone number from your Facebook profile now."

Zack Whittaker has crafted The Definitive Facebook Lockdown Guide, a collection of fairly simple steps to ensure your Facebook account is not not doing you a great disservice.

The guide covers privacy, applications, authentication, and other security issues Facebook users should be at least mildly acquainted with, lest they be taken advantage of by scammers, identity thieves, or unscrupulous marketers and application developers.

Taking a few minutes of your time to implement guide's recommendations could save you many hours of heartache down the road.

Possibly Related Articles:
Facebook Identity Theft Privacy Application Security Social Media Headlines
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked