More Facebook trouble afoot?
From vnunet.com 25.03.08
Security researchers claim to have uncovered a new wave of attacks in which profiles on Facebook are used to post images of child torture.
The attack was reported by Chris Boyd, director of malware research at FaceTime Communications.
"I am still trying to process this, but one of my close contacts has confirmed there is someone going around either hijacking, hacking or phishing user accounts on Facebook, then randomly uploading pictures of child torture to their funwall," he wrote.
I really wanted to put the series of Facebook-related posts to bed by now. It seems like I've been blogging my feelings about the social networking site and other news stories relating to it all too frequently in the last few months. That said, there's a lot that merits discussion when it comes to the darker side of Facebook.
Regarding this latest story, account hijacking is always a big risk for any large site with sign-in facilities. When you get so many users, trouble often ensues: you become a bigger target for hackers, users still insist on choosing insecure passwords, 3rd party applications often bring in unwanted security threats etc. Still, Facebook just seem to be making a bad name for themselves. What with Facebook's plan last year to sell their users' personal information and the multitude of privacy issues that I've highlighted previously on law actually, here's to hoping that the millions of users that flock to Facebook everyday, soon wake up and smell the coffee.
With so many applications being written for Facebook now - coupled with users' propensity to litter their pages with them - it was only a matter of time before trouble reared its head. And let's face it: Facebook is a potential hotbed for all kinds of malware and vulnerabilities to thrive; a digital ambush just waiting for the millions of FB users around the world to sign in and join the party. Arguably, Facebook should be doing more to actively guard against vulnerabilities that its users are subjected to. It would be much better for security purposes if all Facebook apps needed to go through a strict verification process and be 'signed' by Facebook before release. Creativity and freedom for developers must sometimes take second place behind ensuring a safe and secure experience. For instance, what Apple have elected to do with 3rd party applications for the iPhone - since recently announcing they would officially release an SDK for developers - is a credible paradigm that Facebook would do well to mimmick.