Facebook and Security

21 07 2012

Did you know that if Facebook was a country it would have the third highest population in the world? Why should you care? Well, if you get your privacy settings wrong you could be exposing your personal details, innermost thoughts and candid photographs to a community with more than twice the population of the USA.
Before we get into how you can manage your privacy on Facebook, it’s probably worth spending a little while looking at the ethos behind the company and the ideas of its founder Mark Zuckerberg. Whilst not wanting to put words into his mouth, Zuckerberg’s underlying philosophy is that people should share information about themselves, their interests and their communities. His dream is to create an ‘open information flow’. Whilst that may be commendable, in the early days he drew a lot of flak by making the default settings on Facebook ‘Public’ to help realise that dream. Whilst that has changed in recent months they do occasionally revert to type and bring in new functionality that shares everything with the world again. Not a good place to be if you care about your privacy.
So how do you go about checking what Facebook is revealing about you to the world? Your first port of call is to click on the little downward pointing arrow on the top right of the Facebook screen and to select ‘Privacy Settings’. That brings up a screen with a number of options, so lets work through them one by one.
First things first, set the ‘control your default privacy’ to ‘Custom’.
How you connect – this is the most basic level of connectivity with the Facebook world. Who can see your e-mail address and phone number, who can ask to be your friend and who can send you messages. Each of the options offers you three settings ‘Everyone’, ‘Friends of Friends’ and ‘Friends’. For what its worth I have all three of these set to ‘Everyone’.
Timeline and Tagging – now we’re starting to get a bit more intimite with the community. This is where you start sharing information you post, but also control who can post on your pages (which will also be shared don’t forget). I’m more cautious in this area so I have them set to ‘Friends’, except for the two ‘review’ options which I have turned off.
Adds, Apps and Websites – these are the areas where Facebook moves away from you and your world into a much more commercial arena (with you as the focal point). You are now entering the Marketing space and these people want to get your details. Some want to sell you things, some want your endorsement so that your friends will buy things and some are just plain criminal. Click on the first entry and you will see all of the things that you are allowing to access your Facebook details. Thought you had this tied up in the ‘Timeline and Tagging’ settings? Think again! When you clicked on that fun app which let you do something on Facebook and selected the ‘allow to share’ option (and of course you could not use it if you didn’t), did you realise that you have just exposed a whole heap of your details to an unknown company for them to do with as they wish? Have a wander down that list and delete those which you no longer want to be part of. Also, check the last two entries on this screen ‘Public Search’ and ‘Adverts’. The first reveals how much you are exposing to ‘strangers’ when they search for you via a search engine such as Google. the second is a classic Facebook activity’ “We aren’t doing this yet, but if we were this is what would happen”. I’ve set both of these to ‘no-one’. Back to the main list and the next option allows you to retrospectively limit past sharing activity.
Limit the audience for past posts – this is a ‘nuclear option’ but in essence it means that in one stroke you can remove all of the ‘friends of friends’ or ‘public’ access to historical posts. This can’t be undone in a single stroke though.
Blocked people and apps – this is where you can block the stalkers, or those persistant apps which keep trying to make you join them.
So there you have it. Privacy on Facebook is much more granular than it used to be, but you do need to keep an eye on it, just to make sure nothing has ‘reverted’ since you last checked.
In my next post I’ll dig deeper into the world of Facebook from an information security perspective, looking at steps you can take to protect yourself in your posts and sharing some of the Facebook disasters that continue to appear.
As always, if you have any thoughts or comments then please get in touch.

Until next time, surf safely.





Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: