re F.C.C. Chairman Spams - and Facebook promptly violates own privacy policy disclosing it,

[Dave Farber <dave () farber net>]

Begin forwarded message:

> From: Ethan Ackerman <eackerma () u washington edu>
> Date: December 31, 2009 8:44:10 PM EST
> To: dave () farber net
> Subject: Re: [IP] F.C.C. Chairman Spams - and Facebook promptly  
> violates own privacy policy disclosing it,
> Reply-To: eackerma () u washington edu

> Greetings Dave,
>
> Facebook's actions in discussing this seems pretty clearly a violation
> of its own privacy policy  (http://www.facebook.com/policy.php   " We
> share your information with third parties when we believe the sharing
> is permitted by you, reasonably necessary to offer our services, or
> when legally required to do so." )
>
> Unless I'm missing something and there's a setting in the facebook
> privacy panel titled "disclose when your account is likely
> compromised" that can be set to "everyone" or "the new york times"
> this is an unauthorized sharing.
>
>
> Sure, it's not a 100% secret as Mr. Genachowski’s friends may have
> known about it, but say the NYT had run an article with a confirmation
> statement from Facebook that yes, in fact Mr. Genachowski’s
> relationship status had changed.
>
>
> (To spread the blame, several Web companies lately seem to have played
> fast and loose with their privacy policies in confirming 'celebrity'
> compromises - see DynDNS's confirmation of Twitter's DNS account
> breach - http://www.securityfocus.com/news/11569  )
>
>
>
>
> On Thu, Dec 31, 2009 at 8:21 PM, Dave Farber <dave () farber net> wrote:
> > Begin forwarded message:
> >
> > From: Simon Higgs <simon () higgs com>
> > Date: December 31, 2009 7:35:08 PM EST
> > To: David Farber <dave () farber net>
> > Subject: Whoops! F.C.C. Chairman Spams Facebook Friends
> >
> >
> > http://bits.blogs.nytimes.com/2009/12/31/whoops-fcc-chairman-spams-facebook-friends/
> >
> > December 31, 2009, 3:20 pm
> > Whoops! F.C.C. Chairman Spams Facebook Friends
> > By BRAD STONE
> >
> > Update | 3:27 p.m. Adding statement from Facebook at the end.
> >
> > Facebook scam artists have closed out 2009 by snagging a prominent  
> > victim: Julius Genachowski, chairman of the Federal Communications  
> > Commission.
> >
> > On Friday morning at around 10:30 a.m., Mr. Genachowski sent his  
> > Facebook friends this puzzling message: “Adam got me started makin 
> > g money with this.” It was followed by a link to a Web page that i 
> > s no longer active. The message blitz indicated that Mr. Genachows 
> > ki’s account had been taken over by a malicious program that was u 
> > sing it to send out spam.
> >
> > As of Friday afternoon Mr. Genachowski’s Facebook profile was no l 
> > onger visible on the site. A Facebook spokesman, Larry Yu, said th 
> > e company learned of the problem this morning and suspended the ac 
> > count, as it routinely does in such cases. An F.C.C. spokeswoman d 
> > eclined to comment.
> >
> > The chairman is by no means alone in getting inadvertently  
> > embroiled in social networking scams that can be embarrassing. I  
> > wrote about such scams earlier this month, noting that the  
> > humiliation sown by these attacks is usually just a byproduct of  
> > spammer efforts to get people to click on various links.
> >
> > It’s not clear how Mr. Genachowski’s Facebook account was  
> > compromised; perhaps he or a family member clicked on a malicious  
> > link, allowing his account to be taken over.
> >
> > The most important question: Who the heck is Adam?
> >
> > Update: Facebook sent this statement, which indicates that if Mr.  
> > Genachowski wants to continue to use Facebook, he will have to get  
> > some education about the safe use of this particular form of  
> > communication.
> >
> >    We take security very seriously and have devoted significant  
> > resources towards helping our users protect their accounts.  We’ve 
> >  developed complex automated systems that detect and flag Facebook 
> >  accounts that are likely to be compromised (based on anomalous ac 
> > tivity like lots of messages sent in a short period of time, or me 
> > ssages with links that are known to be bad).  Because Facebook is  
> > a closed system, we have a tremendous advantage over email.  That  
> > is, once we detect a phony message, we can delete that message in  
> > all inboxes across the site.
> >
> >    We also block malicious links from being shared and work with  
> > third parties to get phishing and malware sites added to browser  
> > blacklists or taken down completely.  Users whose accounts have  
> > been compromised are put through a remediation process, where they  
> > must take steps to re-secure their account and learn security best  
> > practices.  This is what happened with Chairman Genachowski’s acco 
> > unt.
> >
> >    To combat these threats, however, we need users’ help too.  You 
> >  can protect yourself by never clicking on strange links, even if  
> > they’ve been sent by friends, and by being wary of sites that ask  
> > you to download or upgrade software.
> >
> >    We educate people about online security through our Facebook  
> > Security Page, which has well over one million fans.
> >
> > ###
> >
> > --
> > Best Regards,
> >
> > Simon Higgs
> >
> > Archives



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com