The Increasing Fragility of Social Networks: Protecting Yourself

A couple of weeks ago, I questioned whether or not privacy was available online.  As it turns out, not really.  An almost unending progress of spam, hacks, and loopholes in Twitter and Facebook over the past two weeks may well be steadily eroding away user confidence in these services.  Lately, it seems that the trend is to announce new services and quickly fix whatever has gone wrong – but only after users have been compromised.

Twitter’s Flaws

Last Monday, a Twitter user discovered that if he typed in “accept” followed by a Twitter username, that user would automatically follow him.  Typically, he posted this information on his blog (unfortunately not in English because the man was Turkish).  As a result, thousands of people learned about the bug and began forcing others, especially celebrities, to follow them.

Outcry followed despite the fact that Twitter assured users it was fixing the problem.  They did in fact fix it, but only after resetting hard-earned follower counts to zero for all users temporarily.  I was not on Twitter when it happened, but my account was full of people talking about the issue when I signed back on.  Follower counts are now restored.

Twitter is by definition public, so forcing certain people to follow you is no more than an annoying gimmick anyway.  Calling it a hack is a bit of a joke – posting through others’ Twitter accounts would have been a hack.  But for users who mark their streams as private, this could have been a huge violation and driven those people away from Twitter.

Amusingly, given that most of the fuss was over follower counts temporarily set to zero, we now know for sure that Twitter is mostly considered a popularity gauge.

Facebook’s Hacks

Facebook is getting a very bad rap these days.  Their Open Graph has not been welcomed by users in the least, and the fact that it’s so very difficult to opt out of anything has led to a plethora of how-to posts and general grumpiness on behalf of Facebook users.  A very popular post on Gizmodo gives 10 reasons why you should, in fact, quit Facebook completely, and last Friday May 14^th was the official delete your Facebook account day.

And people are at least trying to find out how to delete their Facebook pages.  If you type “how do I” into Google, “how do I delete my Facebook account” is the fourth suggestion.  Searches for the information have risen sharply since the Open Graph debuted, though no one has statistics for how many people have actually deleted their accounts.

Recent events seem to back these worries up completely.  Facebook’s own staff can’t even prevent their profiles being hacked, as it happened just last week to board member Jim Breyer.  And let’s not forget that a bug recently allowed us to view all the events that everyone, even owner and CEO Mark Zuckerberg, attended.  Yet another flaw was exposed which allowed users to view friend requests and chats of their friends just by attempting to preview their profile in a friend’s view; Facebook had to temporarily disable chat to fix the problem.

That’s not even the end of Facebook’s violations; as it turned out, Facebook’s Open Graph occasionally signed you up for certain websites after you’d visited without your consent.  Visitors were not greeted with the normal black banner offering a “no thanks”, there was simply nothing and no real way of knowing it had happened unless you checked your permissions on a regular basis.  This also has apparently stopped, but it’s very clear that Facebook was not prepared for the Open Graph.  Or, as some suspect, they simply didn’t care.

3 Steps to Protect Yourself

Now we know that nothing is sacred on social networks.  Here are a few tips on how to protect yourself and your data:

1. Don’t post anything on the internet that you don’t want to become public knowledge.  This may sound like a no-brainer, but don’t complain about your boss or your wife and don’t post compromising pictures of yourself or let others do so.  If you use your birthday or anniversary as your bank password, keep that information off social networks and user profiles.  If you wouldn’t tell a stranger you met on the street, don’t tell the internet.
2. On Facebook, don’t use third party applications.  At all. Most of them are simply designed to waste your time and get your money anyway.  Go through and block your friends’ applications from using your data, too, and use one of the many how to guides to close yourself off from the Open Graph. The social features can be useful, but if you’re keen on privacy, why risk it?
3. Pay attention to privacy settings on all websites and take the time to educate yourself about them before you sign up and start sharing.  Research their history and find out if breaches have occurred before.  If you don’t want anyone to find you on Facebook, you can hide from searches on the site and in search engines.  If you want to remain semi-private on Twitter, lock your tweets.  That will be enough to put off normal people, which might be all you need anyway.