Although companies make privacy of users their stated goal, achieving it is easier said than done. People have blown their careers for a careless remark or a confidential bit of information, stashed on the internet, becoming public. Social networks, in particular, and internet, in general, have upended the notions of privacy and led a rethinking on that.
Worrying Leaks Recently:-The security firm Symantec claims millions of Facebook users' personal information has been leaked to third-party companies. The information includes profiles, chat logs, and photographs. In a similar incident, there were two cyber attacks on Sony's PlayStation Network and Sony Online Entertainment services recently. Hackers stole the security details of 100 million users, including emails, birthdates, addresses, and phone numbers.
Data Breach on Facebook:-Writing on Symantec's official blog, the researcher Nishant Doshi, says, "Third parties, in particular advertisers, have accidentally had access to Facebook users' accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information. Fortunately, these third-parties may not have realized their ability to access this information."
How the Breach Took Place? The breach occurred through Facebook applications, which are web applications that are integrated onto the Facebook. Nishant Doshi continues, "Symantec has discovered that in certain cases, Facebook IFRAME applications inadvertently leaked access tokens to third parties like advertisers or analytic platforms. "We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties." Access token are like ‘spare keys' and allow the applications to access the profile information and change it. Users allow the applications to gain access so that they can post, modify, or change their and their friends' profiles. By handing these keys to third-parties, application developers gave advertising and analytics companies a peek into users' profile information.
How It Can Be rectified? "There is no good way to estimate how many access tokens have already been leaked since the release [of] Facebook applications back in 2007. We fear a lot of these tokens might still be available in log files of third-party servers or still being actively used by advertisers. "Concerned Facebook users can change their Facebook passwords to invalidate leaked access tokens. Changing the password invalidates these tokens and is equivalent to ‘changing the lock' on your Facebook profile," Nishant Doshi explains in his post.
Be Warned:-There is also a contradiction of sorts here about posting all the intimate details: everybody knows that at one time or the other the information you post can be accessed by somebody, or can be hacked into, or made public by the websites. Yet people post all sorts of things, and make a hue and cry when those details pop up in unlikeliest nooks and crannies of internet. In her article ‘What the Internet Knows About You,' Jessica Rose Bennett quotes Nicholas Carr, the Author of The Shallows: What the Internet Is Doing to Our Brains, as saying: "Most people are still under the illusion that when they go online, they're anonymous. But every move they make is being collected into a database."
Quick Tips to Cover Your Tracks
• Block cookies
• Don't divulge details for trivial reasons
• Be careful with Facebook applications and know what they do exactly
• Fix your privacy setting on social networking sites
• Shut down your old accounts on social networking sites
{ 0 comments... Views All / Send Comment! }
Post a Comment