Tag Archives: security

I recently came across this research into risk reduction strategies for using Facebook – particularly by teenagers. The main article talks about “Super-Logoff“, but it was a comment below the article that educated me about “Whitewalling“.

This page is left intentionally blankI love this. The simple idea that yesterday’s wall posts are yesterday’s news. Not only may they be irrelevant, but once forgotten who knows how they may come back to bite you? They’re still there, discoverable by other users and of course by the API.

These insights challenge my assumption that the next generation of adults won’t care about privacy. Teenagers may not have quite the same concerns as I do about these issues, but it’s fascinating to see how a website (designed by adults) leaves them to solve their own problems their own way.

Continue reading…

I recently saw this paper: “Facebook Tracks and Traces Everyone: Like This!
(download the PDF)

Short version

Every time you merely visit a site that displays a Like button, data is sent to Facebook which includes the address of the site you are visiting. Assuming you’ve also logged into Facebook, they have all the information they would need to associate these external page views with your Facebook identity.

Continue reading…

Off the back of all the recent Facebook changes I just read the OAuth 2.0 spec – it’s currently in a draft state, and according to this page, Facebook is currently the only implementation in the wild. This new spec attempts to pull together various authentication journeys rather than just the typical web app model. This is a great news – It seems to accommodate many different situations across differing devices with different capabilities, while maintaining a good level of consistency.

You didn’t expect me to have only nice things to say, did you? There are a couple of things I have to question. Continue reading…