facebook security Tag

The Evolution of Social Network Security

Picture 3-20-2014There’s an odd conflict in the world of social networks regarding privacy. Although social networks tend to be an arena for users to share information with everyone that they know, no matter if these are truly friends or mere acquaintances, the overall privacy of these social network profiles is constantly a hot-button issue. People want to be able to share private information with other Facebook users that they befriended after meeting them once in a bar, but are up in arms if that same information is accessible by strangers or the government. Though this split is a little bit silly in some ways, there are some genuine concerns to be had here and it is generally believed that Facebook and other social networks are doing what they can to protect what their users might consider private information.

The fact of the matter is that social networks are ripe for security breaches. Considering many social network users do not think about if the information or pictures they are posting might be made public, it has not been difficult for hackers (or even government agents) to access potentially damning information about social network users. The NSA has been confirmed to use fake Facebook servers to install malware on computers so that they have an easier time monitoring unsuspecting social network users.

It’s not just Facebook that’s been ripe for privacy breaches. Twitter and Snapchat have had issues with leaked usernames and passwords, which Snapchat responded to at the beginning of the year with privacy updates to its iOS and Android apps. It has been stated that Snapchat has added internal restrictions that make it more difficult for hackers to access private information such as usernames and passwords and Snapchat has also added security features allowing Snapchat users to opt out of the ‘Find Friends’ feature that uses their cell phone number.

Facebook has recently made their work on security a little bit more public so that Facebook users can see exactly what is being done in order to keep their own information private from hackers, government agents, and anyone else that might try to breach security. Some, however, do not trust Facebook regarding its relationship with privacy, and believe that Facebook’s acquisition of WhatsApp will lead to a lack of privacy in the popular messaging application as well.

One social networking and messaging application, Wickr, is already well-known for its impressive security and encryption features. The company has found a way to monetize their ‘Security Suite’ by offering it for sale to other social networks that wish to implement the level of privacy that is currently offered by Wickr, which has never sold user data or allowed any user data to be accessed by others. Wickr’s ‘Security Suite’ could be the wave of the future when it comes to social networking privacy.

Recent Security Breaches for Social Networks

Picture 1-2-2014In early December, it was revealed that there had been yet another massive breach in social network security, as 2 million passwords were stolen in a hack that affected accounts for Facebook, Google, Twitter, Yahoo, LinkedIn, and more. The hackers, who are believed to have originated from the Netherlands, were using a virus that allowed them to access information for more than 93,000 websites, including many major social networks.

More recently, it appears that the security of Snapchat has also been compromised. A recent hack resulted in information regarding 4.6 million accounts getting posted on a website known as SnapchatDB.info. Though the site has since been suspended, the hackers were able to get information regarding phone numbers and passwords for all of these individual accounts.

According to the people behind Snapchat, the hole that allowed for this security breach has been sealed. However, some people believe that Snapchat’s response to the hack is evident of their existence as a very young startup company. One particular issue is that a group of ‘white hat hackers’ – people who find holes in security so that companies can prevent these kinds of breaches – had explicitly told Snapchat that there were holes that could be exploited. Yet Snapchat ignored this and didn’t even admit to their mistake in not listening when they released a brief statement regarding the breach.

Though these breaches in security have been unfortunate for a lot of people, one website is trying their hardest to help people find out whether or not their account has been compromised. The website ‘haveibeenpwned‘ allows people to enter their e-mail addresses that are used for these accounts to find out if theirs are among the accounts that have been compromised by any of these recent breaches. The website checks Adobe, Snapchat, Stratfor, Gawker, Yahoo!, Vodafone, Pixel Federation, and Sony accounts.

Personal Data from Millions of Facebook Accounts Published in Torrent

Up until recently, concerns over Facebook’s privacy settings and policies have been largely hypothetical, but that all changed today when Ron Bowes, an internet security consultant, uploaded a torrent to the web with personal information on 100 million users. Facebook has come under severe scrutiny in recent months for holes in their privacy settings and policies, and this recent divulgence of data exemplifies the amount of personal information that many Facebook accounts make readily available.

It should be noted that Bowes simply used information that was already open to the public by only including searchable Facebook profiles. So the information in his list could be acquired through a simple search engine query. The purpose of releasing the information was to raise people’s awareness of how much personal information they make available online, Bowes said.

(more…)