Facebook

How to protect your private information from Facebook’s ‘creepy’ new open graph search

310670770_5f30fb24d0Are you sharing your telephone number on Facebook?

You might be and not even realize it.

A few months ago I signed up for Facebook’s Login Approvals, which required my mobile number. Instantly my number was added and set at my default setting.

If my general privacy setting were “Public”, my number could be one of the 2.5 million phone numbers that Brandon Copley recently harvested from Facebook using the site’s new Open Graph Search.

The app developer from Texas admits that users can use privacy settings to hide their number but still believes this is a violation of users’ trust.

“Facebook is denying its users the right to privacy by allowing our phone numbers to be publicly searchable as the default setting,” Copley told TechCrunch. “This means that anyone with my number knows my Facebook contact information.  I may have not told my future employer about my Facebook account, but if I called them on my cell phone they can now know how to find me on Facebook.”

To make sure your phone number isn’t public, go to your profile and click on “Update Info”. Click “Edit” next to your “Contact Information” then click on the audience icon and select the level of sharing you want. I chose “Only Me”.This isn’t the only privacy surprise you should expect as Facebook’s Open Graph Search begins rolling out to the site’s one billion users

The simplest way to make sure you’re only sharing what you want to share is to use our new Safe Profile Beta app, which scans your profile and lets you know how much you’re sharing and how to lock down your profile. But keep reading for more information about the search and how to prepare yourself.

Open Graph Search will definitely change the way people look at Facebook. You can sign up for the waiting list here: http://www.facebook.com/about/graphsearch

Your friends and their friends will be able to search your information in ways you may not expect. And this tool will likely become the “Google” of social—meaning people will go to it first to discover the people based on interests and location, which could get a bit “creepy.”

Some suggest this tool will make it easier for criminals to find information for phishing attacks or repressive governments to crack down on dissidents. You can see some examples of how married people who “like” prostitutes and government employees who “like” racism here: http://actualfacebookgraphsearches.tumblr.com/

However, the good news is that it’s restricted by your privacy settings most of your friends use Facebook pretty sanely, right?

“90% of users get the basics right and the other 10% are hopeless,” F-Secure Security Advisor Sean Sullivan told me. “When the 90% meets the 10%, de-friend the boneheads. Because soon they will reflect on you.”

Since you will not be able to opt out of Open Graph Search, you might want to take a few more steps to make sure you don’t end up on the bad end of a disturbing search made by a friend, family member or potential employer.

Here’s what to do now:

(If you’re one of the 90% of the Facebook users who gets how to use the site, you can skip to step three for tips that relate specifically to Graph Search.)

1. First of all, never post anything you wouldn’t want to end in your mom’s newsfeed.
This will save you from most embarrassment. This means, no pictures, videos or status updates you wouldn’t want to see on the cover of your hometown newspaper. If you do this, you’ll avoid most—but not all trouble that could result from being on Facebook or in its search.

2. Check your privacy settings and unfriend anyone who doesn’t seem to use the site responsibly
You can get fancy and restrict certain things to certain people, but Facebook’s basic privacy settings are “public” or “friends.” We recommend friends, unless you want to open your profile to end up in the search results of anyone in the world.

Find the lock near the upper right hand corner, click on it and select “See more settings” at the bottom of the menu that pops up.

Change every option for “Who can see my stuff?” and “Who can look me up?” pick “friends”.

3. Scrub you history
You can (and should) limit all of your old posts to just your friends. Once you do this, you cannot undo it. But you can go back and adjust each posts individually.

Click at the top right of any Facebook page and select Privacy Settings Find “Limit the audience for posts I’ve shared with friends of friends or Public?” and click Limit Past Posts. Click ”Limit Old Posts”.

4. Check your likes!
This is where Graph search gets “creepy.” Let’s say you liked a band three years ago or your competitor at work or a boy band as joke. Graph  Search doesn’t get the joke. What you’ve liked on Facebook is now much more important. And just as you unfriend anyone who worries, go through your likes and unlike any page you don’t want to be associated with. Unfortunately you need to do this page by page.

Go to your profile, click on “Likes.”

They’re organized chronically, so go back in time and unlike away.

5. Turn on “tag review” and take control of your wall.
The most annoying thing about Facebook is that people can tag you in photos you don’t want to be associated with. You can turn on “tag review” and prevent the photos from showing up to your friends but the tag will still be on the photo unless you “report/remove tag.”

Here’s how to turn on “tag review” so photos you don’t approve don’t show up on your profile.

Click on the wheel in the right-hand corner, click on your privacy settings and then click on Timeline and Tagging on the left menu.

Most people want to allow friends to post on your wall but if protecting your images is your priority, you may want to make it available only for you. Either way, it’s a good idea to select “friends” for “Who can see what others post on your timeline?” This will prevent strangers or even potential mates or employers happening to catch your page right as a friend posted some hilariously sick image on your timeline.

We recommend you turn on “Review posts friends tag you in before they appear on your timeline?” This won’t stop your friends from tagging you in something embarrassing but it will stop it from showing up on your wall if they do.

We definitely recommend you enable “Review tags people add to your own posts before the tags appear on Facebook?” This so called tag review will keep you from being in ridiculous tagged pictures or posts that show up in search results. Instead of just popping up on your wall the posts will show up in your activity log where you can approve a tag or asked for it to be removed. To get to your “Activity Log” to approve your tags, go to your profile by clicking on your name on the top navigation. Then click on “Activity Log”

Here’s a Facebook video on how to “report/remove” photos or videos you don’t want to be tagged in.

6. If you want to prevent your friends and family from being associated from you, hide them.
On your profile/timeline page, click “Friends”. In the new screen you’ll see an edit button.

Select “Only Me”.

To hide your family, click “About” below your name, work, school and hometown on your timeline. Under “Relationships and Family” select “Edit” and select “Only Me.”

7.       If this is too much work, consider moving somewhere you’ll have lots of privacy—Google+.

[Photo by Milica Sekulic]

More posts from this topic

Mikko Hypponen What Twitter knows

Your favorite breakfast cereal and other things Twitter knows about you

At Re:publica 2015, our Chief Research Officer Mikko Hypponen told the main stage crowd that the world's top scientists are now focused on the delivery of ads. "I think this is sad," he said. [youtube https://www.youtube.com/watch?v=pbF0sVdOjRw?rel=0&start=762&end=&autoplay=0] To give the audience a sense of how much Twitter knows about its users, he showed them the remarkable targeting the microblogging service offers its advertisers. If you use the site, you may be served promoted tweets based on the following: 1. What breakfast cereal you eat. 2. The alcohol you drink. 3. Your income. 4. If you suffer from allergies. 5. If you're expecting a child. And that's just the beginning. You can be targeted based not only on your recent device purchases but things you may be in the market for like, say, a new house or a new car. You can see all the targeting offered by logging into your Twitter, going to the top right corner of the interface, clicking on your icon and selecting "Twitter Ads". Can Twitter learn all this just based on your tweets and which accounts follow? No, Mikko said. "They buy this information from real world shops, from credit card companies, and from frequent buyer clubs." Twitter then connects this information to you based on... your phone number. And you've agreed to have this happen to you because you read and memorized the nearly 7,000 words in its Terms and Conditions. Because everyone reads the terms and conditions. Full disclosure: We do occasionally promote tweets on Twitter to promote or digital freedom message and tools like Freedome that block ad trackers. It's an effective tool and we find the irony rich. Part of our mission is to make it clear that there's no such thing as "free" on the internet. If you aren't paying a price, you are the product. Aral Balkan compares social networks to a creepy uncle" that pays the bills by listening to as many of your conversations as they can then selling what they've heard to its actual customers. And with the world's top minds dedicated to monetizing your attention, we just think you should be as aware of advertisers as they are as of you. Most of the top URLs in the world are actually trackers that you never access directly. To get a sense of what advertisers learn every time you click check out our new Privacy Checker. Cheers, Jason

May 15, 2015
BY 
Internet Communication

What Clicking Tells Online Trackers

The Internet is first and foremost a communication medium. Every link that people click, every character they enter, and every video they watch involves an exchange of information. And it’s not just a two-way conversation between a person and their computer, or a person and someone they’re chatting with. There’s more people than listening in, and because computers use languages that people don’t necessarily understand, it’s logical to infer that many people may not be fully aware of what they’re actually saying. F-Secure launched a new Privacy Checker to help pull back the magic curtain that hides online tracking. A lot of online tracking is about employing passive data collection techniques – techniques that allow observers to monitor behavior without having any direct interaction with the people they're observing. Such passive data collection techniques are pervasive online, and websites are often designed to facilitate this kind of tracking. The prevalence of these technologies lends credence to the idea that control is becoming ubiquitous online, and represents a substantial threat to digital freedom. Do you ever read “top 10” articles or other types of lists on websites that require you to “turn pages” by clicking a button? Clicking those buttons lets online trackers know how far you go in the article before you stop reading (not something that can be done reliably when content is on a single page). That’s how passive data collection works. The Privacy Checker works by checking the information stored in web browsers, and then generates a report about what it’s learned. It can usually deduce where you’re located, what language you speak, whether or not you were directed to the checker from Google or another website, what device and operating system you’re using, and whether or not you allow your browser to use tracking cookies. If you think about this as a communicative event – an interaction in which information is exchanged – simply clicking a button has told the Privacy Checker all of this information. So if you were to breakdown the result from a check I ran as an interaction, you could say I told the Privacy Checker the following: “I am in Helsinki, Finland”. “I speak English”. “I use Google.fi to find things online”. “I use a mobile device with Android 4.4.2”. “I allow my browser to accept cookies”. The Privacy Checker responded by explaining what I told it when I pushed the “Check Now” button. The Privacy Checker also provided me with some information on how companies use the things I tell them to make money. The Privacy Checker is probably the only online conversation partner that you’ll ever have that provides you with this transparency. Many people don’t know or aren’t interested in constantly sharing this information, and many websites are designed to help their administrators make money from this data. And this is a key threat to online privacy: more and more technologies are being developed to capture, store, and analyze your data without your knowledge. This blog post emphasizes the significance of the threat by pointing out that huge investments are being made in companies and technologies that monetize your data. The author even refers to it as information about "pseudo-private" behavior – a label that really underscores how much value some of these companies place on privacy. The Privacy Checker sheds some light on this to help people understand what they’re really saying when they click around the web. It’s free to use and available on F-Secure’s new Digital Privacy website, which contains more information about online privacy and the fight for digital freedom. [ Image by geralt | Pixabay ]

May 15, 2015
BY 
Freedome for Mac

Freedome Comes to Mac

F-Secure launched Freedome for Mac this week (click here to get a free trial) to help Mac users enjoy the private, premium web experience that’s already being enjoyed by over 2 million Android, iOS, and Windows PC users. Freedome is a user-friendly VPN that’s filled with features to help people enjoy themselves online, and it’s a great way for Mac users to start taking back control of their online privacy and digital freedom. Macs have a reputation for being more secure than Windows PCs, but as Micke recently posted out in a blog post, this is somewhat misleading. And this has important implications for online privacy – Macs are just as susceptible to online snooping as their PC counterparts. People have the same privacy needs, regardless of what devices or operating systems they use to help them access the Internet. So Freedome makes sense for Mac users. Its attractive one-button interface lets Mac users turn the app on and off with just a quick click, and offers them an easy way to do things like encrypt their communications, protect themselves from malicious websites, and select different virtual locations so they can bypass regional locks on web content. But Freedome is also a great way to get involved in the fight for digital freedom. People have become more aware of the ways their privacy is being violated when they do things like browse the web or go online shopping, but they don’t really know what to do about it. Using Freedome sends a message to criminals and companies that someone’s choice to use the Internet does not automatically mean they consent to having their private lives invaded or controlled by others. Freedome for Mac is now available for a free trial, and subscriptions can be purchased for a small fee. You can also get multi-device subscriptions that can be used to cover different combinations of your Mac, Windows PC, Android, iOS, and Amazon Fire devices.

May 7, 2015
BY