Facebook-Open-Graph

Here’s how Facebook’s Open Graph search could get you in trouble

cautionHave you played with Facebook’s Open Graph search yet?

Facebook’s new search tool is now available to all American users. The rest of the world still has to request its preview here.

Your search bar is now much more prominent in the interface and you should expect it to start playing a much bigger role in how people use the site. The tool mixes a little bit of fun with a little bit of creepiness. And while it’s definitely more useful that Facebook’s old search, it could get you in some trouble.

The good news is that the search respects your privacy settings. The bad news is a lot of people don’t seem to be that careful with their privacy settings.

We tested out these searches and were shocked by how many many profiles actually came up:

Screen Shot 2013-07-09 at 5.51.30 PM

Screen Shot 2013-07-09 at 5.53.44 PM

Screen Shot 2013-07-09 at 5.55.00 PM

How do you know if you’re protected from embarrassing searches?

We’ve made it easy to check. You can use our Safe Profile Beta app and get your privacy score and recommendations now.

Or you can check manually by clicking on the lock on the upper right corner of any Facebook page for “Privacy shortcuts”.

Screen Shot 2013-07-10 at 4.41.22 PM
Click on “Who can see my stuff?” then “What do other people see on my timeline?”

You’ll see what’s available to the “Public” your “Friends” or a specific person could find as they search for you.

If you’re not happy with anything that may come up, here’s an excellent guide for locking your profile down.

Open Graph search makes the information on your “About” page as well as the privacy settings of your “Friends”, “Photos” and “Likes” more important than ever. So be sure to check out the first four sections of this guide.

And — to be extra safe — I’m going to remind you to run Safe Profile beta, again. And if you do, let us know what score you got in the comments.

Cheers,

Jason

[Image by Eugene Zemlyanskiy via Flickr.com]

 

More posts from this topic

dune_tracks

You’re Being Tracked Wherever You Go – Here’s How to Fight Back From Your PC!

You're searching online for a baby gift for a friend's newborn, and then for a while you're followed by diaper ads on practically every site you visit. Ever notice something like that happening to you? Yes, the web can be an eerie place. Intelligence agencies and criminals aren’t the only people who may be tracking your online behavior - there’s a lot more to your browsing session than meets the eye. Take, for example, this F-Secure Labs study that found that of the 100 most popular URLs in the world, only 15 percent are actually accessed by real people. The other 85 percent are third-party sites that are accessed behind the scenes of your browsing session, by the sites you visit. And over half of these third-party sites are tracking-related. They are helping build up an online profile of you and your browsing habits. Why? So marketers can better target you with ads that meet your interests and preferences - or at least try to, in the case of the diaper ads. How does it work? When you visit a site with ads, you'll be tracked by the marketing company behind the ads on that site. And one marketing company may be working with a huge network of other websites. So whenever you visit another site that also has a relationship with that marketer, the marketer captures more and more data about you and your online behavior. All this data goes into an extensive profile that is being built up about you. If that sounds a little creepy, rest assured that you can regain control of your digital privacy. There’s an easy way to block advertisers from tracking you everywhere you go. Last year we launched F-Secure Freedome to stop tracking on your mobile device (to date, Freedome has already blocked over 900 million tracking attempts globally). And now there's good news - today we're unveiling Freedome for your Windows PC! Freedome for Windows has the same privacy features as the mobile versions, protecting you from trackers and hackers. It's got the same VPN technology to protect your browsing session from snoops while using public Wi-Fi. In addition, it also includes a new Private Search feature that offers tools so you can get your search engine results without the tracking. Since the Snowden revelations, we as consumers have become more and more aware that we may be revealing the most intimate details of our lives through our connected devices. According to a recent study by the Pew Research Center Internet Project, 91% of adults in the survey agree that consumers have lost control over how personal information is collected and used by companies. If you're concerned too, download a free 14-day trial of Freedome for your Windows PC. And let us know what you think!   Banner image courtesy of Filip Goc, flickr.com  

Jan 21, 2015
BY 
David Cameron

Why David Cameron’s comms promise is foolish

British Prime Minister David Cameron has announced that, should the Conservatives win the general election in May, they will ban forms of communications which can’t be accessed by law enforcement if they have a warrant. It appears that messaging apps which use encryption will be banned in the UK. There are a number of reasons why this idea is a flawed knee-jerk reaction to the tragedies which happened in Paris. Here, F-Secure looks into them… Il n’est pas Charlie Each terror attack and paedophile ring which is busted gives the Government an opportunity to introduce laws which curtail the British people’s freedom and privacy. This is not the sentiment which has been shared across the world in the past two weeks, as people stood together against the massacre at Charlie Hebdo’s offices in Paris. Without civil liberties, Charlie Hebdo would not be allowed to exist. Self-censorship would ensue Knowing that your communications could be read by the Government would lead to self-censorship, possibly unconsciously. This could gravely affect activist groups and NGOs whose purpose it is to hold the Government to account. The Universal Declaration of Human Rights Article 12 states: No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. If that wasn’t enough, mass surveillance also contravenes Article 8 (the right to respect for private and family life) and Article 10 (the right to freedom of expression) of the European Convention on Human Rights. The European Court of Human Rights has repeatedly stated that surveillance, if conducted without adequate judicial oversight and with no effective safeguards against abuse, will never be compatible with the European Convention. Ultimately, international law does not support Cameron’s intentions. Who will regulate open source encryption services? It is one thing to demand a large company, such as Facebook, abides by the law, but who will they approach for open source standards which have no single owner, such as OpenPGP? How do you regulate peer-to-peer communications app such as FireChat? What about mesh networks? This technology has not been widely adopted yet, but it has been available for some time and is bound to gain users if Cameron’s plans go ahead. Already used in Barcelona, Greece and Baghdad, mesh networks wirelessly connect computers and mobile devices to each other without the need for a service provider (such as an ISP). With this direct form of communication, there is no one to serve a warrant to. It can’t be monitored It is still unclear how Cameron expects to implement a ban. How will he stop people downloading software from outside Britain? Will resources (which could be spent on, say, targeted surveillance of people on the Government’s watch lists) then be spent on policing innocent people using encrypted communications? The British economy would suffer Start-ups wanting or needing to use end-to-end encryption are likely to avoid Britain as a base, taking their taxes and jobs with them. The Government would suffer The Government uses encryption for communications too. Will it be one rule for them and a different one for businesses and the public? It would wipe Britain off the technology map Take any number of services which could be affected by this law – WhatsApp and iMessage probably being the most widely used. These are not British companies bound by British laws. As such, are they likely to re-write their privacy source code or will they simply pull out of the market? When a new technology is launched, Britain is usually one of the test-beds before global roll-outs. Making Britain unviable for such programmes would see it fall behind its western competitors, bringing all the economic woes attached to it. So much for Cameron’s ‘Digital Britain’. It puts Britain in bad company Cameron is not the first to try this. He would be following Russia, Syria and Iran. All of whom have struggled to implement it. A warrant from the Home Secretary won’t help with end-to-end encryption It appears that Cameron is unaware that, with end-to-end encryption, the users hold the encryption keys, not the service provider. Turning up at, for example, the WhatsApp offices with a warrant for access to a specific user’s communications would be pointless. WhatsApp don’t hold the encryption keys, so wouldn’t be able to provide the unencrypted data. Did Cameron really mean what he said? The Prime Minister is not a technology expert, neither is his speech writer. Did this cause confusion? It is possible that Cameron’s intent is to make anonymity-enabling encryption abnormal, so that those using it are suspicious? It gives the authorities a tip on who to be watching. If we all use encrypted communications, they don’t have this advantage, so they would prefer it remained in fringe technology. Will it even happen? The plan has been called everything from ‘crazy’ to ‘cloud cuckoo land’ by security experts who understand the complexity of what Cameron intends. There is every chance that a ban on encrypted communications will not happen. However, the Government has shown its intentions. Not content with the mass surveillance being conducted by GCHQ (with no judicial oversight), they have also introduced the Regulation of Investigatory Powers Act (RIPA) and the Communications Data Bill. The message is clear, the British Government wants to unilaterally invade the British people’s privacy. Britain as a surveillance state is becoming a reality.

Jan 20, 2015
New MERCEDES

In what color would you like your new Mercedes?

A new Mercedes. Nice. Or maybe an Audi R8? That would be cool. But hold it! Don’t sell your old car yet! Liking and sharing that giveaway campaign on Facebook will NOT give you a new car. Those prizes doesn’t even exist. They are just hoaxes. Internet and Facebook is full of crap, junk, rubbish, nonsense and gibberish. Nobody knows how many chain letters there are spreading some kind of unbelievable story. False celebrity news, bogus first-aid advice, phony charity campaigns and this kind of giveaways. We tend to think about these chain letters as hoaxes, pretty harmless jokes that doesn’t hurt us. But that’s not the full story. A hoax can be harmful, like the outright dangerous first aid advice that some people keep spreading. But a car giveaway is probably a harmless and safe prank, even if it’s false? No, not really. These chain letters are actually not traditional hoaxes, they are like-farming scams. There’s no free lunch, you don’t pay for Facebook with money but with your private data. The like-farming scams work in the same currency. You will not lose any money even if you like the page and share it. Instead you will participate in building a page with a lot of supporters, which is valuable and can be sold later. Needless to say, you will not get any of that money. Here’s how it works. Any business has a problem when starting on Facebook. An empty page without likes isn’t trustworthy. So the scammers set up a page containing anything that can go viral. A promise to get a luxury car works well. They just have to tell everyone to like the page and to share it as much as possible, to keep the chain reaction going and get even more likes. The scammers wait until there’s enough likes before they clean out the content, rename it and start looking for a buyer. The price is in “$ per k”, meaning dollars per 1000 likes. A page with 100 000 likes could sell for over $1000. So sharing the page can make quite a lot of money for the scammers if you have a lot of gullible friends, who in turn have a lot of gullible friends, and so on … The downside for you is that the likes stick even if the page is redesigned for some totally different purpose. Your face will be an evangelist for the page’s new owners and show up next to their brand. And you have no idea about what you will be promoting. I have friends who are anti-fur activists. You can probably imagine what one of them would feel when discovering that she likes a fur-coat designer! And finally some concrete advice. Review your list of old likes regularly. Remove everything except those things you truly like and want to support. When you encounter a giveaway post like this, check the involved brand’s main page in Facebook by searching for the brand name. You will in most cases notice that the giveaway is a totally different page that just is named similarly. That’s a strong scam indicator. Use common sense. From the above you get an idea about what likes in Facebook are worth. Does it make sense to give away luxury cars for this? Don’t participate in scams like this. It might feel tempting, but remember that your chance to win is exactly zero. Spread knowledge every time you see a scam of this kind. Comment with a link to this post or the appropriate description on Hoax-Slayer or Snopes.   Those sites are by the way fun and educating reading. I recommend spending some time there getting familiar with other types of hoaxes too. Read at least these two articles: Facebook car giveaway on Snopes and Facebook like-farming scams on Hoax-Slayer .   Safe surfing, Micke  

Dec 16, 2014
BY