A consumer group in Germany has alleged over Facebook App Center about violating privacy laws.
According to the Washington Post, the Federation of German Consumer Organisations has given Facebook one week to stop automatically giving user information to third-party applications without explicit consent.
Legal action is possibly to Facebook, if these solutions are not met to fix privacy flaws, by September 4, 2012.
According to the New York Times about two week ago, “The company’s use of analytic software to compile photographic archives of human faces, based on photos uploaded by Facebook’s members, has been problematic in Europe, where data protection laws require people to give their explicit consent to the practice.”
Officials say this investigation and alleged charges are related to the Google Street View investigation, and similar actions can be taken, if necessary, to resolve the problem.
For the App Center, it’s put in place, some speculate, to help the Facebook mobile market and increase revenue for the company. With its competition against Apple or Android stores, it’s trying to gain attention quickly as an app store itself.
What makes governments and privacy experts nervous, is when Facebook developers make users opt-out, instead of opt-in. This means that new, potentially problematic, features are turned on by default. This requires too much work on the user, and an unfair advantage for Facebook.
- Facebook given one week to stop breaching privacy laws (nakedsecurity.sophos.com)
- German consumer group sets Facebook privacy ultimatum (reuters.com)
- Facebook’s new app bazaar ‘violates’ punters’ privacy – lobbyists (go.theregister.com)
There are continuing stories repeatedly of nude photos being stolen from celebrities through hacks and other leaks across the internet. What the problem is, it reveals immorality maybe, but also violates the privacy of the celebrity.
It’s none of anyone’s business but the celebrity itself, on why they decided to post nude photos on the insecure internet. Whether you believe it or not, celebrities reveal way too much personal data too, except in different ways.
Of course, you’ll rarely get to access a celebrity’s Facebook account, or friend them. Now, seeing a Twitter account of a celebrity is probably more likely, but it’s probably not a personal account.
Personal social networking accounts for celebrities are unlikely to be public, and unlikely to be noticed, also! So, at least they know how to handle themselves in social networking. After all, it could cost them their job, for involvement in social networking.
Back on topic…Let’s example Scarlett Johansson’s situation, where Christopher Chaney was held guilty for hacking/leaking the nude photos of this celebrity. Even the same hacker got Mila Kunis’s photos as well.
Now, according to media reports, prosecutors have filed documents at the US District Court in California, calling for 35-year-old Chaney to spend 71 months in prison, and pay over $150,000 in restitution.
To avoid this situation, celebrities listen up: secure your email account with a better password!! End-of-story.
Google Now is another one of those applications that worry security experts, like the recent Facebook issue for mobile tracking. Google Now is the latest upgrade in the new release of the Android Operating System. What’s worrisome is that its searching techniques put businesses at risk.
As a competitor for Apple Siri (voice-based service anyway), Google Now uses searching history, calendar, Google Maps usage, and location to deliver useful information to you ahead of time. Privacy ouchie! But anyway, maybe you want to know when and where the next bus will stop, or when a storm will hit…Google Now has all the information you need without your asking!
Now, this is not enabled by default, you have to opt-in. What it lacks is a management platform, for companies to be able to manage it and keep their employees on task/schedule. What would be best is for secure browsers to be deployed on these mobile platforms, which can enable the ability to disable such apps, particularly distracting ones.
Many companies rely on the privacy of all of their company’s data, and cannot have Google services indexing sensitive data to deliver crazy results in Google Now. Even more so, companies are worried for their employees’ personal data being at risk, as well!
Google will have to make a way for better management techniques before the use of this app gets out of hand (and it can do so very fast).
AD: Centrally manage your backups with NovaStor Central Management Console for 5 users.
Facebook launched a new feature this past Sunday, which was a location tracking feature that allowed users to see which of their friends were nearby. This feature has been quickly removed, after quick evaluation. The executive team at Facebook seems to not have their head on straight, or maybe the risk platform is too high right now, but it’s time to get the act together in thinking about the security and privacy of every human user of Facebook.
The feature, like all other strange features, turned itself on by default. Which means anyone and everyone would be vulnerable. This type of feature can easily broaden the range of stalkers and make it easier for people to track your location.
Or let’s see it in Facebook’s eyes: “We’re always testing new features”. IS THAT THE KEY TO YOUR BUSINESS PLAN? For what it’s worth, Facebook, there are a lot better ways to stretch your business without hurting the privacy of others. WHY does every new feature have to do with privacy? Hello! The target of social networking is to bring people closer mentally/emotionally (already connected public friends), but not physically closer.
Some of the biggest computer security issues in the coming weeks of the Summer include (no specific order):
- Olympic games, possible terrorism involvement. Also, look out for scammy/spammy emails, including different issues – such as: Watch Olympic results online now, or even Win Free Tickets to the Olympics. Websites that allow broadcasting for the Olympics are going to be highly targeted. Look out for issues, especially when a lot of people from a lot of different countries want to check it they’re team won.
- Your Summer Vacation, may be the time where you lose your smartphone or laptop or tablet, etc. Be careful not to take too many gadgets…after all, the more you have with you, the more you have to keep track. If you’re commonly irresponsible or less careful, then try to take only one-to-two devices at maximum. Also, don’t be announcing to Twitter, Facebook, FourSquare, etc. that you are leaving your home for a while. This produces a great home security risk, mainly for people whom know where you live.
- Politics and cybercrime don’t mix well! Expect trouble in your inbox, pasted all over advertising, etc. about the upcoming Presidential Election. Don’t click on ads in different websites, or in spam emails about politics. It’s a bunch of propaganda, FUD, and mindless brainwashing…that’s just half. The other half: malware of course! 😀
- Black Hat & DefCon conferences are this Summer. Expect no less than a wild ride for vulnerabilities, strange new malware, and lots of fancy code to look at. But seriously, don’t fall for vulnerabilities. Keep your computer secure by following the ad below. It’s an ad you SHOULD click on!
In order to protect your computer against these types of threats, it is recommended to have a good Internet Security suite, that protects your computer against malware and protects your inbox against spam attacks:
BOUNTY HUNTERS: PayPal is offering sweeter deals!!
PayPal Chief Information Security Officer, Michael Barrett said on the PayPal Blog:
Today I’m pleased to announce that we have updated our original bug reporting process into a paid “bug bounty” program. The experience from other companies such as Facebook, Google, Mozilla, Samsung and others who have implemented similar programs has been very positive. I originally had reservations about the idea of paying researchers for bug reports, but I am happy to admit that the data has shown me to be wrong – it’s clearly an effective way to increase researchers attention on Internet-based services and therefore find more potential issues.
The bug reporting program has many different steps:
- Bug reports are submitted by researchers.
- The report is then categorized by the following criteria: A. Cross-site scripting (XSS), B. Cross Site Request Forgery (CSRF), C. SQL injection, D. Authentication bypass.
- Severity and priority is determined.
- Researcher is paid in their PayPal account.
See more information, if needed, on the PayPal Blog.