Facebook users need 'greater discretion'

By Eileen Yu, ZDNet Asia
Tuesday, January 08, 2008 07:23 PM

Facebook users are advised to exercise caution before downloading applications on the social networking site, after an application has been identified to download adware into a user's PC.

According to IT security vendor Sophos, the discovery of the Secret Crush application underscores the need for Facebook users to be careful about the kinds of third-party applications they install.

Secret Crush application

The application invites unsuspecting Facebook users to find out which of their friends have a secret crush on them. After installing the application, however, users are instead directed to an external Web site inviting them to download applications such as MyWebSearch, which allows for pop-up advertising.

Facebook has since removed Secret Crush from its database.

Graham Cluley, Sophos' senior technology consultant, however, is calling for caution.

"Facebook users must show greater discretion about how they use the site, and which applications they install," Cluley said. "These third-party widgets are not written by Facebook, and can mean that you are carelessly sharing your personal information with strangers or risking your computer's security."

He noted that "thousands" of third-party applications have been developed and made available for Facebook users, and it is "obviously proving impossible" for the social networking site to police them.

"The message from Facebook to its users appears to be, 'add third-party applications at your own risk," he said.

On its site, the social networking site outlined that it will not be held responsible for any loss or damage incurred by its users through "any user content or third-party applications".

In a statement released Monday, Facebook said it is committed to ensuring user security but asked for its users to "employ the same precautions" while downloading applications from the site, as they would when downloading software on their PCs.

A Sophos study last year found that 41 percent of Facebook users were willing to reveal their personal information to a complete stranger, and 84 percent divulged their full date of birth.

Cluley urged companies to establish proper user policies if they do decide to allow their employees to access social networking sites during office hours.

"It's vital that they do not put their personal and corporate data at risk... If your users are installing third-party Facebook applications in the office, they could potentially be bringing adware, spyware and malware into your organization at the same time," he said.

1

20 votes

Save to My Library

Talkback 0 comments

There are currently no comments for this post.

Reply to story

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

As Sun acquisition closes, Oracle outlines new vision
Touts "complete, integrated, engineered systems"
Play video
Apple introduces the iPad
Apple CEO Steve Jobs unveils tablet type device
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video