Facebook’s new profile is now being rolled out to all users. The new design has already given some an artistic new way to express themselves. But to the millions of us who rely on Facebook even more than email for digital communication, any change on Facebook leaves us wondering: What’s the catch?
The new profile doesn’t create any NEW privacy problems. However, it does take one existing privacy problem and make it more annoying.
Here’s what you need to know now:
1. Your privacy settings haven’t changed. But you should check out how your new profile looks.
The same people can see the same things. However, certain information—your birthday, education and professional experience—and the pictures you’re tagged in will be much more prominent in your new profile.
You can quickly hide these photos and information, or, with a little effort, adjust your settings so only you can see them. But once you have the new profile, you should go to Account > Privacy Settings> Under “Connecting on Facebook” click “View settings”> Click on “Preview My Profile” to see how most people see you.
2. Facebook’s photo and video tagging is annoying. And now that is more obvious.
The only way to stop a Facebook friend from tagging you in a photo is to unfriend that friend. With the old profile, you probably didn’t notice or care about this feature. You’d get an alert that you’ve been tagged in a photo and that a photo you were tagged-in had received a comment. Some users tag their friends in an image they are not in just to get them to look at and comment on said image. Some users tag friends in silly or gross images as a joke. Basically it’s an unsecured feature that is easily hacked for fun/mockery.
And the potential annoyance of this tagging tool wasn’t a big deal until Facebook put tagged photos at the top of your profile. Now, one funny or chemically imbalanced friend can decorate your profile with ridiculous images.
So now you have three choices:
a. BEST CHOICE: Only friend those whom you really trust.
b. Customize your privacy settings for “Photos and videos I’m tagged in” to “Only Me”.
To do this go to Account > Privacy Settings> Click on “Customize Settings”> Under “Things other share” and “Photos and videos I’m tagged in”, click “Edit Settings”> Under “Who can see photos and videos I’m tagged in” select “Customize” then “Only Me”. You can also exclude certain friends. But if you do that, you may end up having to find this stupid setting again.
c. Use Facebook Groups. But this is complex and not foolproof.
Allowing users to tag their friends is a unique feature that has helped Facebook become the world’s largest photo sharing site. This feature will probably never be eliminated. However, Facebook could make opting out of it much simpler. A good model would be what Facebook did with Facebook Places. The first time a friend tagged you in a Place, Facebook asked if you wanted to allow friends to tag you. (Another method would be to allow users to block certain friends from tagging them in photos or videos. But this is again complex and not foolproof.)
3. Your birthday is now more obvious, so please do not use it as a password ever for anything.
Facebook has taken one of our prime identifying pieces of personal information and made it a minor holiday. Even if you don’t allow anyone but friends to see your birthday on Facebook, your birthday messages may show up on your profile and in friends of friends’ Top News—especially if you and your friends broadcast your activity.
So, fine. People know when you’re born. That would be fine, if there weren’t potentially millions of people using their birthdays as PIN numbers for their ATM cards. Here’s a simple system for creating and remembering strong passwords.
4. You may want to hide your work and education experience.
Your “experience” is now at the top of your profile. If for any reason you would like to keep this professional information from being so prominent in your online life, you need to change your sharing settings to “Friends Only” in general go to Account > Privacy Settings> Under “Connecting on Facebook” click “View settings”> Under “See your education and work” you select “Customize” then “Only Me”.
5. Facebook is taking on LinkedIn (and possibly another new Google social network.)
You don’t have to be THE social media guru to figure out Facebook’s master plan. Not only do they want to integrate Facebook into every aspect of the web, they want your Facebook profile to be your ONE profile on the web.
To make your profile central to your web identity, Facebook has stay ahead of potential competitors like Google (the search engine giant is rumored to be launching some sort of direct Facebook competitor and 2011) and to replace (or absorb) any existing sites that might offer an alternative to Facebook.
Now that MySpace lost, it seems Facebook’s next target is LinkedIn. LinkedIn is a virtual resume/business networking tool for about 50 million people around the globe. Facebook’s new profile seeks to make your profile into more of a business card—not quite a résumé, yet. But it’s clear that Mark Zuckerberg and his crew recognize the value of making Facebook valuable to your professional needs, and Facebook’s audience is getting a little older (and more professional) every day.
Facebook’s new profile emphasizes Facebook’s dominating strength— photos—while revealing its strategy for the future. If you’re going to keep using Facebook, as a half a billion “friends” do, it’s always worth spending a little time thinking about how Facebook sees you.
Look out for those tagged photos,
Many of you have seen them. And some of you have no doubt been victims too. Malware spreading through social media sites, like Facebook, is definitively something you should look out for. You know those posts. You raise your eyebrows when old Aunt Sophie suddenly shares a pornographic video with all her friends. You had no idea she was into that kind of stuff! Well, she isn’t (necessary). She’s just got infected with a special kind of malware called a social bot. So what’s going on here? You might feel tempted to check what “Aunt Sophie” really shared with you. But unfortunately your computer isn’t set up properly to watch the video. It lacks some kind of video thingy that need to be installed. Luckily it is easy to fix, you just click the provided link and approve the installation. And you are ready to dive into Aunt Sophie’s stuff. Yes, you probably already figured out where this is going. The social bots are excellent examples of how technology and social tricks can work together. The actual malware is naturally the “video thingy” that people are tricked to install. To be more precise, it’s usually an extension to your browser. And it’s often masqueraded as a video codec, that is a module that understands and can show a certain video format. Once installed, these extensions run in your browser with access to your social media accounts. And your friends start to receive juicy videos from you. There are several significant social engineering tricks involved here. First you are presented with content that people want to see. Juicy things like porn or exposed celebrities always work well. But it may actually be anything, from breaking news to cute animals. The content also feels safer and more trustworthy because it seems to come from one of your friends. The final trick is to masquerade the malware as a necessary system component. Well, when you want to see the video, then nothing stops you from viewing it. Right? It’s so easy to tell people to never accept this kind of additional software. But in reality it’s harder than that. Our technological environment is very heterogeneous and there’s content that devices can’t display out of the box. So we need to install some extensions. Not to talk about the numerous video formats out there. Hand on heart, how many of you can list the video formats your computer currently supports? And which significant formats aren’t supported? A more practical piece of advice is to only approve extensions when viewing content from a reliable source. And we have learned that Facebook isn’t one. On the other hand, you might open a video on a newspaper or magazine that you frequently visit, and this triggers a request to install a module. This is usually safe because you initiated the video viewing from a service that shouldn’t have malicious intents. But what if you already are “Aunt Sophie” and people are calling about your strange posts? Good first aid is going to our On-line Scanner. That’s a quick way to check your system for malware. A more sustainable solution is our F-Secure SAFE. Ok, finally the poll. How do you react when suddenly told that you need to download and install software to view a video? Be honest, how did you deal with this before reading this blog? [polldaddy poll=9394383] Safe surfing, Micke Image: Facebook.com screenshot
Today is Safer Internet Day – a day to talk about what kind of place the Internet is becoming for kids, and what people can do to make it a safe place for kids and teens to enjoy. We talk a lot about various online threats on this blog. After all, we’re a cyber security company, and it’s our job to secure devices and networks to keep people protected from more than just malware. But protecting kids and protecting adults are different ballparks. Kids have different needs, and as F-Secure Researcher Mikael Albrecht has pointed out, this isn’t always recognized by software developers or device manufacturers. So how does this actually impact kids? Well, it means parents can’t count on the devices and services kids use to be completely age appropriate. Or completely safe. Social media is a perfect example. Micke has written in the past that social media is basically designed for adults, making any sort of child protection features more of an afterthought than a focus. Things like age restrictions are easy for kids to work around. So it’s not difficult for kids to hop on Facebook or Twitter and start social networking, just like their parents or older siblings. But these services aren't designed for kids to connect with adults. So where does that leave parents? Parental controls are great tools that parents can use to monitor, and to a certain extent, limit what kids can do online. But they’re not perfect. Particularly considering the popularity of mobile devices amongst kids. Regulating content on desktop browsers and mobile apps are two different things, and while there are a lot of benefits to using mobile apps instead of web browsers, it does make using special software to regulate content much more difficult. The answer to challenges like these is the less technical approach – talking to kids. There’s some great tips for parents on F-Secure’s Digital Parenting web page, with talking points, guidelines, and potential risks that parents should learn more about. That might seem like a bit of a challenge to parents. F-Secure’s Chief Research Officer Mikko Hypponen has pointed out that today’s kids have never experienced a world without the Internet. It’s as common as electricity for them. But the nice thing about this approach is that parents can do this just by spending time with kids and learning about the things they like to do online. So if you don’t know what your kids are up to this Safer Internet Day, why not enjoy the day with your kids (or niece/nephew, or even a kid you might be babysitting) by talking over what they like to do online, and how they can enjoy doing it safely.
The European Union is preparing a new data protection package. It is making headlines because there are plans to raise the age limit for digital consent from 13 to 16 years. This has sometimes been describes as the age limit for joining social media. To be precise, member states could choose their age limit within this range. Younger kids would need parental consent for creating an account in social media and similar networks. We can probably agree that minors’ use of the internet can be problematic. But is an age limit really the right way to go? It’s easy to think of potential problems when children and teenagers start using social media. The platforms are powerful communication tools, for good and bad. Cyberbullying. Grooming. Inappropriate content. Unwanted marketing. Getting addicted. Stealing time and attention from homework or other hobbies. And perhaps most important. Social media often becomes a sphere of freedom, a world totally insulated from the parents and their silly rules. In social media you can choose your contacts. There’s no function that enables parents to check what the kids are doing, unless they accept their parents as friends. And the parents are often on totally different services. Facebook is quickly becoming the boring place where mom and granny hangs out. Youngsters tend to be on Instagram, WhatsApp, Snapchat, Periscope or whatnot instead. But is restricting their access to social media the right thing to do? What do we achieve by requiring parental consent before they sign up? This would mean that parents, in theory, have a chance to prevent their children from being on social media. And that’s good, right? Well, this is a flawed logic in several ways. First, it’s easy to lie about your age. Social media in generic has very poor authentication mechanisms for people signing up. They are not verifying your true identity, and can’t verify your age either. Kids learn very quickly that signing up just requires some simple math. Subtract 16, or whatever, from the current year when asked for year of birth. The other problem is that parental consent requirements don’t give parents a real choice. Electronic communication is becoming a cornerstone in our way to interact with other people. It can’t be stressed enough how important it is for our children to learn the rules and skills of this new world. Preventing kids from participating in the community where all their friends are could isolate them, and potentially cause more harm than the dark side of social media. What we need isn’t age limits and parental consent. It’s better control of the content our children are dealing with and tools for parents to follow what they are doing. Social media is currently designed for adults and everyone have tools to protect their privacy. But the same tools become a problem when children join, as they also prevent parents from keeping an eye on their offspring. Parental consent becomes significant when the social media platforms start to recognize parent-child relationships. New accounts for children under a specified age could mandatorily be linked to an adult’s account. The adult would have some level of visibility into what the child is doing, but maybe not full visibility. Metadata, like whom the child is communicating with, would be a good start. Remember that children deserve s certain level of privacy too. Parents could of course still neglect their responsibilities, but they would at least have a tool if they want to keep an eye on how their kids are doing online. And then we still have the problem with the lack of age verification. All this is naturally in vain if the kids can sign up as adults. On top of that, children’s social media preferences are very volatile. They do not stay loyally on one service all the time. Having proper parent-child relationships in one service is not enough, it need to be the norm on all services. So we are still very far from a social media world that really takes parents’ and children’s needs into account. Just demanding parental consent when kids are signing up does not really do much good. It’s of course nice to see EU take some baby steps towards a safer net for our children. But this is unfortunately an area where baby steps isn’t enough. We need a couple of giant leaps as soon as possible. Safe surfing, Micke Image by skyseeker