funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Facebook account security

From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Sat, 15 May 2010 12:23:29 -0800
Date sent:              Thu, 13 May 2010 21:42:15 -0800
From:                   "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>


http://blog.facebook.com/blog.php?post=389991097130


OK, I've just had yet another "friend" request, so I decided to log on to Facebook 
and deal with it.

Lo and behold, this "security" option isn't optional: facebook now seems to 
demand that you "register" your computer.  There does not appear to be any way 
to get at your Facebook account otherwise.

Oh, and I had a look at the Privacy settings, which, the other day, weren't 
settable.  They were today, and I tightened them up, some (even though I never 
have put a lot of info on Facebook), and came across an interesting one, dealing 
with applications.  Not what applications can know about me (that still seems to 
be the default "everybloodything," and is not settable), but what information is 
made available about me when one of my "friends" uses an application:

"When your friend visits a Facebook-enhanced application or website, they may 
want to share certain information to make the experience more social. For 
example, a greeting card application may use your birthday information to 
prompt your friend to send a card."

So, anybody who is a "friend" with me, and who is stupid enough (despite all I tell 
them) to use any application on Facebook *OR ON ANOTHER SITE THAT HAS 
A DEAL WITH FACEBOOK* gets to access *my* info?

(I have unchecked everything ...)

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
If you're not failing every now and again, it's a sign you're not
doing anything very innovative.                        - Woody Allen
victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/NoticeBored http://twitter.com/rslade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: