Twitter, Facebook Hacks Last Week Good Reminders Of Socialmedia Identity Security–Ugggh not Ugg Boots

Taken from CIO Ugggh….last week we were reminded of how social media platforms are vulnerable to identity security problems. Two colleagues of mine were hacked in the twitter and an add was posted to my facebook account via cross-posting feature in Facebook (I love uggh boots, I just didn’t plan on advertising them on my Facebook account.  More about this later).  One of the powerful aspects of social media sites is the extended conversation that users can have with their friends, colleagues and communities that participate.  However, if social media sites don’t work more aggressively to thwart security holes in their platforms they will undermine the credibility and trust they have worked hard to gain with the mobile IT generation.  This is not a new problem. 

The twitter hack is not a new one and in the short term can be rectified by changing one’s password immediately.  However, with the simplicity of being able to acquire the password there seems to be a problem that the twitter team needs to plug immediately.  I have severely restricted my link clicking activities as a result of these vulnerabilities and tell family members not to click links when possible.  However, this takes the fun out of getting access to content quickly or participating in events that are happening immediately (e.g. conferences, concerts, etc.).  

As for the cross posting via Facebook, first let’s talk about what constitutes cross-posting.  Cross-posting is a great feature if used properly.  It is a way for you to post to wider groups of people and this is useful as communities sometimes do not always overlap. Simply put, it is where a bot or user puts a comment in a blog that has been posted to Facebook or other social media site. Because a trust relationship has been established between the post and social media site comments are "retweeted" to the social media site it has been published. 

I have three options to ensure that this does not happen in the future.  One, do not post/share blog entries on Facebook; two, remove the trust relationship from Facebook to my blog; three, review all comments before allowing to be published to my blog. All of them are not good options.   I will probably choose the third because it allows me to still share my blogs with my friends on Facebook but yet maintain some level of control over what is "retweeted" to my friends.  Each of the blogging platforms allows a different level of control and easy access to the social media platforms so investigate and determine which is best for you.

Lastly, here is a quick overview of the top 8 social media hacks as of August, 2009 by Michael Eggebrecht from CIO Zone (thanks for the great picture top left).  He outlines the top 8 social media hacks so far (e.g. Koobface, Twittercut, Best Video, etc.).  If you are not reading Mashable  already then I suggest taking a peruse as they have great coverage of different events and issues associated with this emerging space.

This entry was posted in Access Management, Identity Management, Personal, Security News. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s