Secure your Facebook privacy

May 19, 2008

As the BBC’s technology programme Click recently uncovered, Facebook is outrageously open to applications harvesting information that you have classified private. What is more disturbing is that an application installed on a friend’s account can remotely harvest your private data without you even having to install the same application. As the BBC report notes “It certainly seems that Facebook’s standard security settings are not sufficient to protect your personal information, and those of your friends.”

Click the story here and read Click’s advice on how to minimise the risk of exposing your private information here.

From Click’s website, here are the instructions to safeguard against (or at least, minimise the chances of) your private information going public:

OPTION 1: STOP YOUR DETAILS BEING VISIBLE

You can completely stop any of your details from being visible to applications.

Bear in mind that if you use applications, they are all granted access to certain parts of your profile, whether they need them or not. The only way to be sure no one can see your details, and to stop any of your details being seen by friends’ applications is to tell Facebook you do not want to have anything to do with any applications, ever.

Here is how you do it:

• Log in and click on the “privacy” option at the top of the front page, then on the “Applications” option, then on the “Other Applications” tab.
• Here you can select what Applications added by your Friends can see about you.
• Click the option near the bottom marked “Do not share any information about me through the Facebook API”.
• If you cannot click it, it is because you have applications on your profile already. You will need to remove all of them.

Now, your profile will not talk to any applications at all.

WARNING: Confusingly, if you now try and add an application, Facebook will let you. It gives you the standard warning that your details will be shared, but no extra warnings that you are overriding your privacy settings. It will also flip off the button you ticked about the Facebook API, making you visible to friends’ applications again.

OPTION 2: REDUCE THE DETAILS VISIBLE TO APPLICATIONS

Again, bear in mind that if you use Applications, they are all granted access to certain parts of your profile, whether they need them or not.

It is your responsibility to make sure an application is not malicious – although we have no idea how you can tell.

• Log in and click on the “privacy” option, then on the “Applications” option, then on the “Other Applications” tab.
• Select “Share my name, networks, and list of friends, as well as the following information.”
• Here you can select what Applications added by your Friends can see about you.
• Deselect any information you do not want them to see.

 

Majority favours voluntary code on blogging?

May 19, 2008

Nearly half of all internet users would support a voluntary code of conduct for bloggers and online commentators, according to research published in The Guardian recently. The paper noted that a survey by legal firm DLA Piper said 46% of web users think bloggers should sign up to a code that reflected the laws on defamation, intellectual property and incitement. 

There’s been a fair bit of discussion in the SL blogosphere on civility and blogging with at least one group blog (Moju) shut down on account of trolls. As participants at Fifth International Forum on Online Dispute Resolution – Liverpool, England April 19-20, 2007 we agreed to a Statement on Respectful Communication, one of the first voluntary codes of conduct written for bloggers after the infamous Kathy Sierra incident in 2007.

According to DLA Piper, although a code of practice would not change the law it might help to make bloggers and web users more aware of the legal implications of what they post on the net. 

Growing threats against dissident websites

May 19, 2008

When Cyber Terrorism Becomes State Censorship is a recently Forbes.com article that explores the rise of distributed denial of service attacks, that are being used by governments and other actors alike to shut down websites that are opposed to them.

The most well known example is the attack against Estonia last year, but the article also points to Myanmar’s complete shut down of internet and communications infrastructure for a week and other website disruptions as a growing trend on the internet to quash dissident voices. Though the article does not mention it, China also stands accused of cyber-warfare. 

Sri Lanka itself has witnessed a rise in allegations of “hacking”. These allegations, though largely imprecise, nevertheless demonstrate the growing concern the Sri Lankan government could severely disrupt websites critical of government policies given that the regime has openly called for hackers to shut down websites not to its liking.