Skip to content

Posts tagged ‘Facebook’


Pic of the Week: Assange vs Zuckerberg

Stumbled across this picture this week, and although it’s quoting Bill Hader playing as Julian Assange in the Saturday Night Live skit below, I feel the message still makes a point. It’s probably worth reminding people that Assange was voted for Person of the Year by the readers of TIME magazine. In that same vote Zuckerberg came in at a lagging 10th place. I know… how Zuckerberg got it confused me too.

[Update] Here’s an Assange/Zuckerberg mashup picture of the quote above:


Plugin to Disconnect: Regain Browsing and Search Privacy

Ex-Google employee Brian Kennish has been developing a web browser plugin dubbed ‘Disconnect‘, which aims to restore users’ web browsing and searching privacy on a number of major sites. The plugin, which current supports Google, Facebook, Digg, Twitter and Yahoo, blocks uniquely-identifying cookies which are used to track individual users’ browsing activity and searches. Brian also created ‘Facebook Disconnect‘ which prevents Facebook from tracking you on any website that uses the Facebook Connect functionality.

Both of these plugins de-personalize your normal browsing and searching, whilst allowing you to continue using services like Google and Facebook normally. You can see which cookies are being blocked in real-time, and unblock any that you may want. Note that the search de-personalization currently only works on the domain (not local country domains).

At the moment these plugins are only available for Chrome and RockMelt (a new social media-embedded browser I just heard of), but a Safari extension and Firefox add-on are on the way!


Facebook Announces Centralized Messaging

Facebook LogoI was tempted to title this post “How Mark Zuckerberg Reads Your Email”, but never mind…

Facebook today announced that they have developed centralized messaging functionality, which will allow people to communicate over a variety of different mediums ‘seamlessly’. Soon you’ll be able to send your friend a text message, who will receive it as an email (or chat, or message, etc). Facebook have basically created a mechanism where any text-based communication media to or from an individual will be organized into a single thread.

In theory I find this to be a great idea. Seamless messaging is something that would solve many problems, and make life a bit easier. Unfortunately there are a few issues that I can see:

  1. Centralized Messaging: By virtue of this service’s actual design, I’m concerned about storing absolutely all of one’s communication in one place. Currently if someone can get into your email, they can read your mails; if they can get into your Facebook, they can read your messages and chats; if they can steal your phone, they can read your SMS. If someone adopts Facebook’s approach to centralized messaging, all of their correspondence is in one place. This means that if your account, or Facebook itself, is compromised, the entirety of your correspondence is compromised.
  2. Non-synchronous Communication: Let’s face it… if I want to chat to someone, I will knowingly use a chat client. Why? Because I’m prepared for that style of short and quick communication. Email, on the other hand, is not as agile. Although it’s not uncommon to rapidly exchange several emails in the space of five or ten minutes, you wouldn’t want to have a full conversation using that medium. The issue here is that people who prefer chat or SMS, will attempt to communicate with people who prefer email or messages. Each medium invokes a different behaviour and expectation.  As a result, an email user will receive tons of really short chat-style one-liners filling up their inbox (with subjects as “(No Subject)”), and SMS users will (somehow) be receiving long-ass messages from email or message users.
  3. Perpetual Storage: At the moment if I send someone an SMS, I know that message will probably get deleted eventually when they choose to prune their texts. I also have a tiny bit more faith that SMS isn’t as easy to intercept, and generally only the person with access to the corresponding phone will be able to read it (as opposed to email where anyone with the username/password or able to intercept the network traffic can read them). If I send someone a message on AIM or some other IM, that message will usually only be logged on their local machine (if at all). In this new model, Facebook users, as well as non-Facebook users corresponding with Facebook users, would be delivering their conversations to Facebook for perpetual storage (they advertise this as a feature). Note that it’s not yet possible to delete an individual message from a conversation – you’d have to delete the entire conversation.

I want to like this feature, and to be honest centralized messaging in some form (not necessarily Facebook’s) is the future. Unfortunately that will mean entrusting much of our correspondence to some entity, and that entity (be it Google, Facebook, or someone else) will undoubtedly come under fire for having such a dangerous amount of insight and monopoly over the way we communicate.


Facebook Game Producer Sued for Privacy Infringements

Facebook LogoZynga, developers of many popular Facebook games including Farmville, Mafia Wars and Texas HoldEm, are being sued (class-action style) in Federal Court for supposedly transmitting sensitive personally identifiable information about their users. Zynga users are forced to provide information such as name, gender and address when registering. Passing this personal information onto a third party is a violation of Facebook’s own ‘privacy policy’, as well as certain state and federal laws. The Wall Street Journal recently carried out an investigation into Facebook’s privacy practices, and found that many Facebook apps transmit personally-identifying information.

If the lawsuit is successful, Farmville users will be compensated with three cows and a donkey each. *snicker*


Facebook Introduces One-time Passwords and Remote Log-out

Facebook LogoHot on the heels of my last post about Facebook’s Suspicious Login Tracking,the social networking site has just introduced two additional authentication/session security mechanisms. The first news item is the introduction of one-time passwords, with the aim of increasing account security for those who log into Facebook on public or shared computers.

The proposed one-time password mechanism would require you to register your mobile phone number with Facebook. You would then be able to text “otp” to 32665 (currently U.S. only), and Facebook would send back a single-use password for your account that expires after 20 minutes. This feature will become available in the coming weeks.

Although it’s a good idea in theory, and helps mitigate against malware or key loggers, it also makes targeted attacks more easy to perform. It is easy to lose one’s phone, or even leave it unattended. If an attacker can get to your phone for a minute, they may be able to get a one-time password for your account. How Facebook actually implements this remains to be seen.

The second feature they introduced, available now, is the ability to remotely sign-out a session. Remember that time you logged in to Facebook at your friend’s house, and forgot to log out, resulting in a slew of embarrassing posts and images being posted on your behalf? With this feature you may have been able to prevent that by logging in to Facebook and then killing that session. I think this is a great feature, and would be useful in other long-session-based services such as Gmail.

Facebook Remote End Session

You can find this by going to Account -> Account Settings ->Account Security. Your current session will be showed under ‘Most Recent Activity’. If you see anything under ‘Also Active’ that you don’t recognise, just click ‘end activity’ and Facebook will delete the server-side session ID for that session.


Disable Facebook Places – or – Location-Stalking for Fun and Profit

In a direct strategic offensive on Foursquare’s service and a long-term plan for world domination, Facebook recently introduced their own service dubbed Places. These two services allow users to ‘check-in’ to virtually any venue/event, thus sharing their location with friends (or the world). This introduced an awesome new sport known as Foursquare stalking where one could follow the check-ins of known or random people (eg. by searching for on Twitter Search), call up the venue they are currently at, and ask to speak to the person… and then doing this for every location they check-in to. Tremendous fun. The guys at PLA Radio had fun prank-calling people using this, with amusing results.

Apparently the bald fat guy below just got home. Since he is kind enough to post the actual location of his domicile, all a thief has to do is wait until he checks-in somewhere far away, and then proceed to leisurely rob him of all his stuff. Sorry baldfatguy… didn’t mean to pick on you but you were at the top of the list.

Foursquare Tweet

Surely Facebook’s entry into this domain will allow for more stalking goodness. Another interesting perspective is using Places to create an alibi by spoofing one’s GeoLocation. Anyway, onto the essentials. At least most of us can just avoid using services like Foursquare… but if you have a Facebook account, it’s yet another privacy setting you will have to set yourself.

To Disable Places: Log in to Facebook and go to the Privacy Settings. Click on Customize Settings at the bottom, and then modify the Things I Share settings (you will need to select Custom from the dropdown menu in order to choose Only Me). These settings are only important if you do actually use Places.

Facebook Places Settings

Next go down to Things Others Share, and uncheck Friends can check me in to Places.

This one is particularly important as it prevents trigger-happy privacy-ignorant friends (you know, the ones who take photos of everything at a party only to upload them the next day and tagging everyone) from checking you into every location you ever go to in their presence.
Friends can check me in to Places
Facebook have provided a video which explains how to control your Places settings.