Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Facebook design change left hole in security of user privacy

Sophos : 16 July, 2008  (Technical Article)
Sophos warns of need to protect private data from social networking sites as flaw was revealed in new Facebook design which allowed full access to private user profile data
IT security and control firm Sophos has warned computer users that Facebook accidentally publicly revealed personal information about its members, which could be useful to identity thieves. Earlier this week, the full dates of birth of many of Facebook's 80 million active users were visible to others, even if the individual member had requested that the information remained confidential.

According to Graham Cluley, senior technology consultant at Sophos, a security slip-up by the website during the process of a public beta test of its new design for members' profiles, left birth date information exposed.


'I was shocked to see people's full date of birth revealed, even though I knew they had their privacy set up correctly to supposedly hide the information,' said Cluley. 'It's essential that users of social networks should have confidence that their privacy will be protected - and it's especially important with information like your date of birth, which can be a golden nugget for a committed identity thief.'

Cluley says he informed Facebook as soon as he discovered the flaw, which now appears to have been fixed.

'It's good that Facebook fixed the problem - but can people feel confident that this kind of mistake won't happen again in future?' he asked. 'My advice to Facebook users would be, even if your date of birth is set to be non-visible, change it to a made-up date in case this kind of blunder happens again. Facebook and other social networking websites need to be more careful about protecting their members' data, or risk losing users.'

Sophos recommends that dates of birth on Facebook should not just be hidden, but also fictional.

Sophos noted that birth dates were exposed via the new design that Facebook is trialling for its personal user profile pages. According to the Facebook developer's blog, Facebook will start rolling out the new profile page design to users this week.

Last year, Sophos published results of a identity theft probe into Facebook which uncovered that 41 percent of users, more than two in five, would divulge personal information - such as email address, date of birth and phone number - to a complete stranger.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo