Webmonkey posted an interesting article on https vs. http. The premise of the article is based around why https isn’t being used more broadly across the web. Sites pretty much run https for purchases and high-level information, but not so much for login pages. Those that do, like facebook, don’t force the https address–you have to make sure you type it in manually.
You may wonder why you should care. As long as you can log in, isn’t that the most important thing? You should care, because when you log in to any site and the address doesn’t start with https://, then it’s much easier for people to snag your user name and password.
Read the article: HTTPS Is More Secure, So Why Isn’t the Web Using It?
Facebook announced changes to their system that will make your information a lot less private to other sites and it’s causing an uproar. PC Weekly wrote a great article outlining breaking down changes. Some of the new features are very interesting and the integration between Facebook and external sites is exciting in a geeky, I have the online world at my fingertips, sort of way. I can have Pandora pull in my favorite songs from Facebook automatically or have Yelp show content from my Facebook friends.
The question is, with all this great interactivity between Facebook and third-party sites, what personal information is being made public and how do I stop it? The article does cover how you can turn off some of the settings and how it will work long-term which you probably haven’t seen highlighted much on Facebook. I highly recommend you take a look if you haven’t heard or don’t understand how the changes will affect your online security.
Some interesting highlights:
“Facebook’s new features are making it easier to build your Facebook profile and share online articles and other items with your friends. But like anything Facebook-related there are some serious privacy implications to consider.” – Ian Paul
“Before this week’s announcements, whenever you signed in to a third-party Website such as Colbert Nation or NBC.com using your Facebook login credentials, those external Websites were allowed to store your Facebook data for only 24 hours. Facebook recently changed that requirement, and now those Websites can store your Facebook data indefinitely.” – Ian Paul
“At first glance, most of this customization sounds similar to the new plugins Facebook offers, but the difference is that sites using Instant Personalization will also have access to your publicly available Facebook information the moment you land on their Webpages, while signed in to Faceboo [sic]. So when you go to Yelp or Pandora, for example, these sites can access your name, profile picture, gender, current city, networks, friend list, likes and interests, and your fan pages.” – Ian Paul
“It’s also important to note that opting out of Instant Personalization will not completely stop Instant Personalization sites from accessing your information. If any of your Facebook friends visit these sites, the Instant Personalization feature can access that person’s friend list and all the publicly available information for each friend. So if you’re Facebook friend Suzy visits Yelp, even if you’ve opted out of Instant Personalization, your publicly available information will be shared with Yelp simply because you are on Suzy’s friend list.” – Ian Paul
What do you think about these changes?