Skip to main content

Security and Privacy in Social Networks

Image
By

The popularity of social networking sites has increased at astonishing levels. Social Networking websites such as Facebook, Twitter, MySpace and LinkedIn have been growing rapidly within the past few years with now over two billions users. Almost every computer literate person has at least one social network account, and they spend a large amount of their time on social networks each day.
Social networks can be described as web applications. People may use social networking services for different reasons: to network with new contacts, reconnect with former friends, maintain current relationships, build or promote a business or project, participate in discussions about a certain topic, or just have fun meeting and interacting with other users. Some services, such as Facebook and Twitter, have a broad range of users, while others cater to specific interests. For example, LinkedIn has positioned itself as a professional networking site—profiles include resume information, and groups are created to share questions and ideas with peers in similar fields. On the other hand, MySpace is known for its emphasis on music and other entertainment. There are also social networking services that have been designed specifically to reconnect former classmates.
With these social network characteristics and the more aggressiveness of attacker’s methods, privacy and security issues in social networks has become a critical issue in the cyber world. Therefore, this paper will present a survey on privacy and security issues that occur in online social networks. The next section of the paper will present different privacy and security issues in online social networks. The issues include privacy issues, identity theft issues, spam issues, malware issues, and physical threats issues.

What Information is Public? 
There are two kinds of information that can be gathered about a user from a social network: information that is shared and information gathered through electronic tracking.

  • Information a User Shares

    Information a user shares may include:
  • Photos and other media.
  • Age and gender.
  • Biographical information (education, employment history, hometown, etc.).
  • Status updates (also known as posts).
  • Contacts.
  • Interests.
  • Geographical location.
This information becomes public in a variety of ways:
  • A user may choose to post information as “public” (without restricting access via available privacy settings).
  • Certain information may be publicly visible by default.  In some situations, a user may be able to change the privacy settings to make the information “private” -- so that only approved users can view it. Other information must remain public; the user does not have an option to restrict access to it. 
  • A social network can change its privacy policy at any time without a user’s permission. Content that was posted with restrictive privacy settings may become visible when a privacy policy is altered.
  • Approved contacts may copy and repost information – including photos – without a user’s permission, potentially bypassing privacy settings.  
  • Third-party applications that have been granted access may be able to view information that a user or a user’s contacts post privately.  
Social networks themselves do not necessarily guarantee the security of the information that has been uploaded to a profile, even when those posts are set to be private. This was demonstrated in one May 2010 incident during which unauthorized users were able to see the private chat logs of their contacts on Facebook. While this and other similar bugs are usually quickly fixed, there is great potential for taking advantage of leaked information.

  • Information Gathered Through Electronic Tracking

Information may also be gathered from a user’s actions online using “cookies” (short strings of text stored on one’s hard drive).   Some of the purposes of cookies may include:
    • Tracking which websites a user has viewed.
    • Storing information associated with specific websites (such as items in a shopping cart).
    • Tracking movement from one website to another.
    • Building a profile around a user.In fact, a 2009 study conducted by AT&T Labs and Worcester Polytechnic Institute found that the unique identifying code assigned to users by social networks can be matched with behavior tracked by cookies. This means that advertisers and others are able to use information gleaned from social networks to build a profile of a user’s life, including linking browsing habits to one’s true identity. 
Some fraud techniques to watch out for include:
  • Illegitimate third-party applications. These rogue applications may appear similar to other third-party applications but are designed specifically to gather information. This information may be sold to marketers but could also be useful in committing identity theft.   These applications may appear as games, quizzes or questionnaires in the format of “What Kind of Famous Person Are You?”
  • False connection requests. Scammers may create fake accounts on social networks and then solicit others to connect with them.  These fake accounts may use the names of real people, including acquaintances, or may be entirely imaginary.  Once the connection request is accepted, a scammer may be able to see restricted and private information on a user’s profile.

Malware
Malware (malicious software) is a term that describes a wide range of programs that install on a user’s computer often through the use of trickery. Malware can spread quickly on a social network, infecting the computer of a user and then spreading to his or her contacts.  This is because the malware may appear to come from a trusted contact, and thus users are more likely to click on links and/or download malicious programs.  

Some common techniques used in spreading malware include:
  • Shortened URLs, particularly on status update networks or newsfeeds.  These may lead the user to download a virus or visit a website that will attempt to load malware on a user’s computer.
  • Messages that appear to be from trusted contacts that encourage a user to click on a link, view a video or download a file.
  • An email appearing to be from the social network itself, asking for information or requesting a user click on a link. 
  • Third-party applications that infect computers with malicious software and spread it to contacts.  
  • Fake security alerts – applications that pose as virus protection software and inform the user that his or her security software is out-of-date or a threat has been detected.  

Anonymity on Social Networks
Many users of social networks choose to mask their real identities.  This may be done via anonymity (providing no name at all) or pseudonymity (providing a false name).Some people who may prefer an anonymous or pseudonymous persona include, but are not limited to:
  • Individuals with medical conditions who want to discuss symptoms and treatment without creating a public record of their condition
  • Bloggers and activists engaging in political discourse, especially on controversial issues
  • Teachers and childcare workers
  • Medical professionals, including mental health professionals
  • Law enforcement agents, prosecutors, parole and probation officers,  judges, and other court employees
  • Victims of stalking, sexual assault, and domestic violence
  • Children and youth
  • Jobseekers

General Tips for Using Social Networks

§     Delete cookies, including flash cookies, every time you leave a social networking site.
§     Don’t publicize vacation plans, especially the dates you’ll be traveling. Burglars can use this information to rob your house while you are out of town.
§     Be aware that your full birth date, especially the year, may be useful to identity thieves.  Don’t post it, or at a minimum restrict who has access to it.
§     Don’t post your address, phone number or email address on a social network.  Remember scam artists as well as marketing companies may be looking for this kind of information. If you do choose to post any portion of this, use privacy settings to restrict it to approved contacts. 
§     Use caution when using third-party applications.  For the highest level of safety and privacy, avoid them completely.  If you consider using one, review the privacy policy and terms of service for the application. 
§     Take additional precautions if you are the victim of stalking, harassment or domestic violence.
§     In the event that your social networking account is compromised, report it to the site immediately and alert your contacts.  You will need to change passwords, but proceed with caution because your computer security may have been 
§     If you are using a social networking site that offers video chatting, pay attention to the light on your computer that indicates whether or not your webcam is in use. This will help you avoid being "caught on camera" by accident.
§     Be sure to log off from social networking sites when you no longer need to be connected.  This may reduce the amount of tracking of your web surfing and will help prevent strangers from infiltrating your account.
§     Remember that nothing that you post online is temporary.  Anything you post can be cached, stored, or copied and can follow you forever.
§     Check your privacy settings often.  Privacy policies and default settings may change, particularly on Facebook.
Labels:

Comments

Post a Comment

Popular posts from this blog

Team Work - Meaning and Tips for better Team Work

By
A single brain is not always capable of making key decisions on its own. To come up with an efficient solution, an individual requires the help and advice of others. A team is established when individuals get together on a common platform with the common goal of completing a task. To guarantee optimum compatibility, team members should ideally come from similar backgrounds and have a single aim. To provide their best, the team members must complement each other and function as a single unit in tight cooperation. "There is no I in Team Work," as the saying goes, and each member must put the needs of his team first. Personal interests must take a second seat. Any team's performance is directly proportionate to the relationship between its members and their combined efforts. What is the definition of teamwork? Teamwork is defined as the sum of each team member's efforts toward the fulfilment of the team's goal. In other words, any team's backbone is its ability t
Post a Comment
Read more

Scientists discover a new theory / The fundamental property of light – 150 years after Maxwell

By
Light plays a vital role in our everyday lives and technologies based on light are all around us. So we might expect that our understanding of light is pretty settled. But scientists have just uncovered a new fundamental property of light that gives new insight into the 150-year-old classical theory of electromagnetism and which could lead to applications manipulating light at the nanoscale. It is unusual for a pure-theory physics paper to make it into the journal Science. So when one does, it’s worth a closer look. In the new study, researchers bring together one of physics' most venerable set of equations – those of James Clerk’s Maxwell’s famous theory of light – with one of the hot topics in modern solid-state physics: the quantum spin Hall effect and topological insulators . To understand what the fuss is about, let’s first consider the behaviour of electrons in the quantum spin Hall effect. Electrons possess an intrinsic spin as if they were tiny spinning-tops,
Post a Comment
Read more

19 Types Of Content Writing Services For Your Business

By
  It’s hard to know which type of content writing service is the best for your business.  There are so many  different types of content writing services  out there that it’s easy to get confused. You end up wondering if you’re choosing the right one for you. In this post, we’ll get rid of this confusion, once and for all. I’m going to list out the different kinds of writing services you could use.  By the end of this article, you’ll know whether you need a copywriter, a content writer, or a social media marketer and how they can help you achieve your business goals. This post is also useful for writers who want to hone their writing skills in a specific area. Let’s dive in and learn what types of content writing services exist and when you should use them. (Bonus – if you want to  hire the top 1%  of writers, go to the bottom to learn how). Types of Content Writing Services As we go through the list of content writing services, you will find that many of them overlap. That’s perfectly
Post a Comment
Read more