I was really taken aback when I read this news this week that the Facebook CEO says "Privacy is no longer a concern" and that "sharing information online is the new social norm"! I'm shocked and I'm not sure if he really thought of anything more than running his own business successfully. I think the reality is "social networking is the new norm and privacy is becoming a concern more and more. Facebook/Orkut should ensure privacy of the information".
That said, I do not under-estimate the complexity of the problem they have on hand. It is not as easy as it sounds (if it did). Bringing up literacy on -- privacy of confidential information, the way the data leaks, do's and dont's, is more than difficult in reality. The fundamental problem as I said earlier in one of my posts is that, the users are mostly common men. No one can blame them; there are many such cases in real life. I still drive my car without knowing how a Common-Rail-Diesel-Engine (CRDI) works -- but there I never had/have to. Hmm, that's not the case with the Internet.
I see so many issues around with more and more social networking platforms coming up with more and more vulnerabilities. Sure, the social networking sites provide a means to collaborate and share info; but how many of us ensure that the info we share reaches "only" the people we intend to share with!! and that's where the problem is. There is so much private info shared all over these sites, that I bet, you can unlock one (out of say 200) of your friends' mailbox using 'forgot password' feature just by visiting their profile. We can't blame the email providers, as if they go any stricter than this, the actual user doesn't remember them too to recover his own password! Still, the email providers are forced to come up with more and more security options. If this is the case with a mailbox, imagine banking!! omg! Don't be surprised if you are asked with a security question like 'who is the best friend of your father-in-law's second sister's husband?' ;)
People are so happy to have more and more online friends. The "count" is all that counts. What they don't think about is that, people whom they don't know are also going to be treated equally with their best friends in terms of sharing info. Sure, the websites offer granularity and options to group friends and control the privacy settings. But how many know it / use it? Not many. Apparently, the ones who are consciously handling the privacy settings are the ones who share the least already! And all this does not happen consecutively for someone to remember. I might add 5 friends this week and I might end up sharing a confidential information after 6 months. I may not remember that I had those totally "online" (and possibly virtual) friends, but they now have the info that I don't want them to know. In spite of the websites (like facebook/orkut) warning the users, it is difficult to enforce this. Users are mostly in a hurry to share and go read what others have shared. At some point, the users only look for an easy way to get rid of that popup and get back to business -- unfortunately defeating the whole idea of those warnings!! but that's reality. Sometimes I feel really odd when I see the privacy setting for 'friends of friends' -- this doesn't make sense to me at all. In spite of you being extra careful on sharing info, this might just screw up the entire deal. To me, a friend of my friend should belong to 'Everyone'. In security, one should consider the worst case as default.
I've read and also realized that there is a lot of encroachment happening into the privacy of the individuals without they knowing about it. It seems there is a concept catching up called 'virtual friends' wherein, bots (computer programs) try to create friendships with unknown people. There was also a study that says many people have the tendency to accept unknown online friends. I can tell you that recently the number of friend requests that I get on both orkut/facebook have increased and believe me, I don't know most of them. With more and more real people having funny names on their profiles, it is obviously getting easier for bots to deceive us. I might have rejected some real friend requests because they sounded abnormal. Maybe someone (or many) somewhere is making the grounds; silently gathering info; or waiting to.
and someone out there says privacy is no longer a concern!! hmmm...
That said, I do not under-estimate the complexity of the problem they have on hand. It is not as easy as it sounds (if it did). Bringing up literacy on -- privacy of confidential information, the way the data leaks, do's and dont's, is more than difficult in reality. The fundamental problem as I said earlier in one of my posts is that, the users are mostly common men. No one can blame them; there are many such cases in real life. I still drive my car without knowing how a Common-Rail-Diesel-Engine (CRDI) works -- but there I never had/have to. Hmm, that's not the case with the Internet.
I see so many issues around with more and more social networking platforms coming up with more and more vulnerabilities. Sure, the social networking sites provide a means to collaborate and share info; but how many of us ensure that the info we share reaches "only" the people we intend to share with!! and that's where the problem is. There is so much private info shared all over these sites, that I bet, you can unlock one (out of say 200) of your friends' mailbox using 'forgot password' feature just by visiting their profile. We can't blame the email providers, as if they go any stricter than this, the actual user doesn't remember them too to recover his own password! Still, the email providers are forced to come up with more and more security options. If this is the case with a mailbox, imagine banking!! omg! Don't be surprised if you are asked with a security question like 'who is the best friend of your father-in-law's second sister's husband?' ;)
People are so happy to have more and more online friends. The "count" is all that counts. What they don't think about is that, people whom they don't know are also going to be treated equally with their best friends in terms of sharing info. Sure, the websites offer granularity and options to group friends and control the privacy settings. But how many know it / use it? Not many. Apparently, the ones who are consciously handling the privacy settings are the ones who share the least already! And all this does not happen consecutively for someone to remember. I might add 5 friends this week and I might end up sharing a confidential information after 6 months. I may not remember that I had those totally "online" (and possibly virtual) friends, but they now have the info that I don't want them to know. In spite of the websites (like facebook/orkut) warning the users, it is difficult to enforce this. Users are mostly in a hurry to share and go read what others have shared. At some point, the users only look for an easy way to get rid of that popup and get back to business -- unfortunately defeating the whole idea of those warnings!! but that's reality. Sometimes I feel really odd when I see the privacy setting for 'friends of friends' -- this doesn't make sense to me at all. In spite of you being extra careful on sharing info, this might just screw up the entire deal. To me, a friend of my friend should belong to 'Everyone'. In security, one should consider the worst case as default.
I've read and also realized that there is a lot of encroachment happening into the privacy of the individuals without they knowing about it. It seems there is a concept catching up called 'virtual friends' wherein, bots (computer programs) try to create friendships with unknown people. There was also a study that says many people have the tendency to accept unknown online friends. I can tell you that recently the number of friend requests that I get on both orkut/facebook have increased and believe me, I don't know most of them. With more and more real people having funny names on their profiles, it is obviously getting easier for bots to deceive us. I might have rejected some real friend requests because they sounded abnormal. Maybe someone (or many) somewhere is making the grounds; silently gathering info; or waiting to.
and someone out there says privacy is no longer a concern!! hmmm...
Gerald,
ReplyDeleteYou have hit the nail on the head when you said 'friends of friends' belong to everyone, because if you do not know them you don't care if they are your friends' friends. It is a way these social networking sites are making their own lives complex.
Orkut is a tad more secure, I daresay, than Facebook. Facebook sucks big time. If I comment on your photo then that would appear on my wall and anyone who doesn't know you can see this photo via the message on the wall! How much more ridiculous can it get?!
But the bottomline is "If you are in two minds, don't do it whatever you were thinking of doing." I follow this many times and I guess this is what you were doing when rejected those friend requests (even though many would've been genuine).
Like people don't care to see the options presented to secure themselves, this post is not going to help many who have already decided that they aren't worried either. What a pity!