Image via CrunchBase
There’s a story on this issue on GigaOm, which is worth reading for context.
I don’t think Facebook owns my friends. Do you think they own yours? If you think Facebook should re-enable the “Facebook Friends Exporter” extension, or—better still—simply allow people to use their own contacts as they please, “Like” this posting. Send Facebook a message.
Facebook seems to revel in making the things you want to do as difficult as possible, either by hiding the things you’re interested in at remote and undiscoverable locations, or by moving them around and changing them regularly.
I just caught a message from a friend who couldn’t work out how to remove a “rogue” app she’d managed to pick up. Since I’m certainly expecting to see more and more (and more!) “rogue” apps in the future, I thought it’s be good to lay out how to manage your Facebook apps, since it seems that a lot of people are actually unaware.
Pull down the “Account” menu in the upper-right-hand corner of the screen. Choose “Privacy Settings”.
At the bottom of the “Privacy Settings” screen, toward the left, there’s an “Apps and Websites” heading, with a link to “edit your settings”. Click on that.
Next, you’ll be taken to the page where you can remove and configure apps.
To remove apps, or configure the information they can get at, click the “Remove unwanted or spammy apps”. This will take you to a page where you can remove apps (by clicking on the “X” to the right of the app’s name) or configure them (by clicking on the “edit settings” link).
If you click on “Edit settings” for a particular app—I’ve used Posterous here—you’ll see the information that it can get to, and—for apps which can be configured, anyway—be able to turn on and off specific kinds of access. In the case of Posterous, all the accesses are required by the app, so if there’s anything in there that makes you uncomfortable, you have no choice but to remove it.
I’d strongly consider removing any app, except those which you knew were from trustworthy sources and which you really needed to use.
Did you know how to do this already? Did this help you?
Oh, Facebook: Why Are You Putting Potential Malware On My Wall?
I found something novel on my Facebook wall this morning, but I didn’t realize that it was novel until I clicked on it.
"WTF", indeed!
Now, this looks just exactly like the sort of link that would take you to an internal page in the Facebook.com domain, but it’s not. It takes you to an external site, likeylikey.net, which I have never heard of and certainly have no reason to trust. While I’m probably at relatively low risk for browser-based exploits (I use either Chromium or Firefox, up-to-date versions, not Safari on an up-to-date OS X system or an up-to-date Linux system), someone who runs IE6 on an unmaintained XP box might well run into some serious malware problems here.
Facebook, what the hell do you think you’re doing? Shouldn’t you be making it clearer when links lead off-site, and using some different presentation for them than you do for the pages which are internal to Facebook?
Executive summary: WTF? Anyone else out there seen this?
But Wait! There’s More. [A Saturday Morning Update]
Having posted this just yesterday morning, as of yesterday evening, I’ve got another instance of a friend’s account being hijacked to evidently provide a link to a site I don’t think I want to visit. But this time, it’s in Facebook chat! Check this out:
Now, this isn’t some random person who wandered onto my friend’s list. This is actually a co-worker of mine, not someone I’ve ever chatted with on Facebook, however, and definitely not someone who is prone to using expressions like “awesome ass” as adjectives.
The link is interesting, too. Look at the Facebook preview for that URL (I’ve underlined the more interesting portion in red):
Okay, so not only do I get my “puzzle IQ results” (which, in my opinion should definitely not reach beyond double-digits), but I also get a “mobile content subscription“? Like, “charges that will be added to the bill of the cell phone number which I provided them in order to find out how smart I am”…? I bet it’s going to be more than the “five bucks” Jason was made to appear to offer me.
Wow. Wow twice.
Here’s the Big Problem
Facebook is about sharing. If we find ourselves placed in a position where what’s being ostensibly “shared” with us by our friends is going to cost us money, cripple our computer, or steal our information, then what’s the point of Facebook anymore? It’s increasingly becoming a Bad Part of Town, you can’t distinguish mates from malware any more, it seems.
If I “like” something, or send someone a message in chat with a link, how can they trust that it’s actually me doing the liking or the chatting any more? There’s no indication (other than the dopiness of the chat message) to distinguish it from a legitimate message. If it had been from a friend I chat with, and had been something simpler, like, “Hey! Take a look at this:” with a link, I might well have clicked on it.
From that point, depending on your system and browser all manner of mischief can happen.
This is completely aside from the privacy concerns that are plaguing the site more and more, lately. This is about Facebook’s ability to ensure the security of its users from Facebook itself. I hadn’t really thought seriously about quitting Facebook, it seemed like an overreaction, but that was because I feel like I’m pretty well on top of what I share and with whom.
This is different. This is bad.
