Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Sophos Warns On Rogue Facebook Application

Sophos : 18 January, 2011  (Technical Article)
Application on Facebook is able to recover home addresses and telephone numbers from user profiles warns Sophos
IT security and control firm Sophos is advising users of Facebook to remove their addresses and phone numbers from the site, after the social network plunged itself into controversy by announcing to developers that users' off-site contact details will now be accessible programmatically.



In a move that, in the opinion of a Sophos security expert, could herald a new level of danger for Facebook users, third party application developers are now able to access your home address and mobile phone number.



"This change isn't as drastic as it might first appear, because users will need to give permission for third-party Facebook applications to access this data," explained Graham Cluley, senior technology consultant at Sophos. "But it still sounds like a recipe for disaster, given the prevalence of rogue scam applications already on Facebook - all of which benefit from apparently being blessed by the Facebook name and brand."



Facebook is already plagued by rogue applications that post spam links to users' walls, point users to survey scams that earn them commission - and sometimes even trick users into handing over their cellphone numbers to sign them up for a premium rate service.



Now, rogue app developers will find it easier than ever before to gather even more personal information from users.



Sophos believes that Facebook should be making a more publicly visible effort to eliminate rogue application providers first, before opening up such valuable and easily abused personal information to its developer community.



"Facebook told its alleged one million app developers how to ask users for permission to access this newly liberated data late on Friday night, but we already know many users don't bother reading the small print and just click the button without thinking of the consequences," continued Cluley. "What they've failed to do is explain how Facebook will become more safety-conscious now that it has taken this controversial step."



Suggestions are flying around Twitter that users should change their mobile number to that of Facebook's US customer service line, thus ensuring that any misuse of this new feature ends up paining Facebook.



Sophos advises that all Facebook users do the following:



* Remove your address and phone number from Facebook immediately. If Facebook doesn't have this information, it can't let it fall into the wrong hands. And you can't be accused of deliberately giving false information.



* Review all your Facebook privacy settings.



* Join the Sophos facebook page for ongoing information about security risks and how to avoid them.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo