I recently came across this research into risk reduction strategies for using Facebook – particularly by teenagers. The main article talks about “Super-Logoff”, but it was a comment below the article that educated me about “Whitewalling”.
I love this. The simple idea that yesterday’s wall posts are yesterday’s news. Not only may they be irrelevant, but once forgotten, who knows how they may come back to bite you? They’re still there, discoverable by other users and of course by the API.
These insights challenge my assumption that the next generation of adults won’t care about privacy. Teenagers may not have quite the same concerns as I do about these issues, but it’s fascinating to see how a website (designed by adults) leaves them to solve their own problems their own way.
I recently saw this paper: “Facebook Tracks and Traces Everyone: Like This!”
(download the PDF)
Short version

Zuckerberg's 'open' and 'connected' world
Every time you merely visit a site that displays a Like button, data is sent to Facebook which includes the address of the site you are visiting. Assuming you’ve also logged into Facebook, they have all the information they would need to associate these external page views with your Facebook identity.
What are they actually doing with this data? Possibly nothing, but I don’t see any statement saying “Don’t worry, we don’t store web page URLs you view, even though we could”. The usual guff about ‘anonymized’ data and cookies being required for functionality doesn’t quite cut it with me. This is Big Brother stuff, and they need to be crystal clear about what they could do and what they are doing.
Two related events happened yesterday, which caused me to write this post.
1. Facebook announced their new messaging system. Project Titan, ‘Gmail killer’, etc.
2. A series of fake Twitter accounts sprang up, offering invites to Facebook’s new system.
Off the back of all the recent Facebook changes I just read the OAuth 2.0 spec – it’s currently in a draft state, and according to this page, Facebook is the only implementation in the wild so far. This new spec attempts to pull together various authentication journeys rather than just the typical web app model. This is great news – it seems to accommodate many different situations across differing devices with different capabilities, while maintaining a good level of consistency.
You didn’t expect me to have only nice things to say, did you? There are a couple of things I have to question.