ALERT! ALERT! ALERT!

This is a general warning to everybody out there using Facebook, particularly if connected to your computer and mobile phone.

There is a phishing scam doing the rounds where a site that looks very like Facebook appears on your puter when you seemingly log into Facebook.

They garnish your password then use it to hack into any other sites that might have your same password.

My advice is to stop using Facebook until they improve their security, though God knows when that will be, and then change all your passwords!

Beverly.

Comments

FB Security

Facebook seemingly believe that everyone wants to share everything they do with everyone else. It is possible to restrict which users can see your profile; unfortunately, many FB applications are notorious for using data from your profile they should have no business viewing (i.e. information not actually needed to use the application), and even if you have your profile clamped down using the privacy settings, apparently to someone in the know, it's very easy for them to obtain your name, profile picture, email address and friend list. And of course with many websites offering authentication via OAuth to Facebook, the possibilities for miscreants to get hold of your password are numerous (just provide a fake FB OAuth button and fake FB login page). I'd assume though that if you check your browser's address bar, you'd be able to tell if the URL is a genuine FB one or some other site.

And for fairly obvious reasons, it helps if you use a different password for each site you visit, although not many people can easily remember dozens of different passwords. If you're happy enough to take the tiny risk of a third party holding your passwords (albeit in 256-bit encrypted form), there are password manager plugins available for most browsers, which only require you to remember a single master password (which in itself is encrypted before sending on to the website) while having unique randomly generated passwords for every site you visit, which makes life easier. Although it's still a good idea to put a copy of the encrypted password database file and the software on a USB flash drive, just in case something untoward happens to the password manager's website...

Phishing is one of the few areas FB are actually taking seriously - apparently they're rolling out allowing you to use One Time Passwords to access the site... but only if you live in the USA and have given them your mobile phone number (so they can text you the OTP). I imagine in time that will be rolled out across other countries, as/when they can do deals with the various international mobile networks.

Bike Resources

There are 10 kinds of people in the world - those who understand binary and those who don't...

As the right side of the brain controls the left side of the body, then only left-handers are in their right mind!
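
An added example, not part of the comment above or the original post: what "checking the address bar" amounts to when done mechanically. The trusted-domain list, the function name and the sample URLs (on the reserved `.example` domain) are assumptions constructed for illustration.

```javascript
// Added sketch: decide whether a login URL's host really belongs to Facebook.
// TRUSTED_DOMAINS is an assumption for this example, not an official list.
const TRUSTED_DOMAINS = ["facebook.com"];

function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { genuine: false, reason: "not a parseable absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { genuine: false, reason: "not HTTPS" };
  }
  // Text before '@' is userinfo, not the site: https://facebook.com@host/
  if (url.username || url.password) {
    return { genuine: false, reason: "userinfo in URL hides the real host" };
  }
  // URL() lowercases the host and converts Unicode labels to punycode (xn--).
  const host = url.hostname.replace(/\.$/, "");
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { genuine: false, reason: "punycode label (possible look-alike)" };
  }
  // Match the registered domain itself or a true subdomain of it; a bare
  // substring or suffix test without the leading dot would be fooled.
  const ok = TRUSTED_DOMAINS.some((d) => host === d || host.endsWith("." + d));
  return ok
    ? { genuine: true, reason: "host is " + host }
    : { genuine: false, reason: "host " + host + " is not a trusted domain" };
}

// Constructed sample URLs: the brand name appears in all of them, but only
// the first one has it in the position that counts.
const SAMPLES = [
  "https://www.facebook.com/login.php",
  "https://facebook.com.login.example/",
  "https://www.facebook.com@login.example/",
  "https://login.example/facebook.com/login.php",
  "http://www.facebook.com/login.php",
];

for (const s of SAMPLES) {
  const r = checkLoginUrl(s);
  console.log((r.genuine ? "OK      " : "SUSPECT ") + s + "  (" + r.reason + ")");
}
```

The part that matters is the end of the hostname, read right to left up to the first `/`; the brand name appearing anywhere else in the URL proves nothing.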

Parsley or mint

My own solution has been, and will be, to avoid FB completely.

Having two geeks as sons (and being somewhat of the persuasion myself) I was warned right back at the start what the likely evolution might be. The course seemed clear even then.

Firstly, a company intent on accumulating every byte of data in the world and indexing it had stopped - or rather redefined (more heinous IMHO) - "not doing evil" and taken commerce's shilling. Secondly, another well-known company, aggressively commercial from the outset, had long demonstrated that when your impetus for writing software is money and you lust after 100% market penetration, malefactors gather at your gates. So if the model failed, there was no point, and if it succeeded I did not want to be part of it. I like privacy and some control over my personal life.

BTW - there is an interesting use of the word "garnish" here. It is grammatically accurate but perhaps shows too much of life immersed in commercial (maritime?) law?

I would have used "garner", but "garnish" made my day: I immediately imagined a GoogleDoodle version of my password decorated with Mint and Parsley!

Or parsley sage rosemary or thyme

Ecommerce sites and Yahoo email are bad enough so why would I want to share my life with all the rest of the world through somebody who says 'trust me'? There's no free lunch in this world has always been the standard I live by and farcebook is just another scam.

Kim

FaceBook smacked me

2 weeks ago with touching a friend's Facebook page, and a keystroke logger spyware was hidden in a cookie, which I later found through scanning, that had enabled someone to hack my World of Warcraft account. No more Myspace or Facebook pages for me to touch ever!!!

Sephrena

Wormy Facebook and other sites

I have two FB accounts; one I let non-Muslim friends see, and the other, yep you guessed it. I never talk about T things on either. Yet, they have mysteriously become "connected". My Yahoo Mail account was recently "wormed" and it caused many people who know me a huge inconvenience. This morning, I see that my Google account has the same problem, so both accounts now have 14 character passwords.

FB and I are now anathema.

Gwendolyn

Games

Enemyoffun's picture

I only use it to play games. But it is kind of annoying that everyone can see your private information.