Social Apps: The Devils in Disguise?
Article date: Thu, 19 Jan 2012 11:18 GMT
Social network applications are leaving an open door to our most personal of details.
Tending to the crops on your virtual farm, finding out who views your profile and sharing your favourite movie trailers may seem like harmless ways to use social networks but oblivious users are accepting application requests without considering who they are allowing to access their personal data.
Having 'apps' connected to your Facebook, LinkedIn or Twitter profiles provides an open-door for the third party behind the app to access your profile and all of your personal data within.
UKFast technical director Neil Lathwood explained the risks that this security flaw poses for social networkers: "Having all of these apps to entertain us is great, but many people do not realise that by using these apps they are effectively inviting people to use their personal data in whichever way they want . We really need to start considering the consequences of having all of our data readily available to unknown third parties.
"Facebook acts as a narration of our lives and with the introduction of the new Timeline feature, more people are filling the gaps in their profiles, adding illnesses, significant events and employment details to name a few. This information is incredibly valuable to identity thieves and cybercriminals."
As revealed by UKFast's security experts last year, the information that we share on social sites provides cybercriminals with the clues that they need to guess passwords and break into online accounts - from social media to online banking.
Lathwood continued: "With Facebook predicted to pass the 1 billion users mark this August, the site is a prime target for criminals to mine data from. Users must be more savvy with whom they are sharing their personal data or risk cybercriminals accessing more than just their Facebook or Twitter accounts."
Facebook launches its latest innovation this week - Timeline Apps - which has caused further security concerns. The permissions protocol linked to the apps, 'frictionless sharing' says that apps only need initial approval to post on your timeline and profile. This means that the app can continue to make posts on your behalf without asking for permission.
UKFast has issued the warnings as part of the build up to European Privacy and Data Protection Day on January 27, an annual event designed to raise awareness of data protection and online security.
Lathwood said: "Data Protection Day is the perfect time to raise awareness of the risks that we inadvertently take online. We can monitor the apps that have access to our profiles using websites such as http://mypermissions.org/ which take you directly to the permissions page of the site where you can manage these apps."
print this article.Return to Press Releases