Search Blog

Jun 7, 2011

New Sheriff in Town

So, it's been around eight months since I last addressed FaceBook privacy settings. Today I noticed a new value in the mix and thought I'd explain it; then also it seemed prudent to explain some of the things I've done lately regarding security.
The new setting can be found in the main Privacy entry. It is a checkbox entitled, "Let friends of people tagged in my photos and posts see them." This does sound relatively innocent, and it is - but there are loopholes to consider.
What this does it overrides the album security for a photo where people are tagged. Of course, most people's first thought is yes, I want those I tag to see this picture; yes, I want all of those to be exceptions. But hold on, this isn't the WhiteHouse where party-crashers are welcome; this is your Facebook page! You probably have your photos set to allow friends to tag them or suggest tagging as well. I'll have to verify where those parameters live. Anyway, the point is if someone else is empowered to tag others in your photos, then they can make an exception to your security without your permission. Maybe this is fine with you; maybe it's not. But I bet Senator Wiener wished he'd have thought about that.
Moving on to my current privacy ideas. Many of you know, I blocked everyone from even seeing my wall at all for a while. Mainly, this was in response to several wall-posting viruses that ran around recently. Who wanted that big baby anyway? However, today I've opened things up again.
However, the first and foremost best new security feature added is the HTTPS setting. I highly recommend it, and it's located in "My Account Settings" under "Account Security." Now it is still technologically possible to hi-jack and redirect through HTTPS. However, the hacker will have to be using an HTTPS setting on the malicious app server. To have that, the HTTPS must be registered through a third-party verifier like Verisign or Thawte. Again, not impossible, but it makes things better audited and offenses more likely to be least for now. I imagine there are rogue third-party certifiers out there, but they probably don't last long before being black-listed from the internet's ROOT routers....uh...non-techies, just set it!
While still in the Account Security section, let's consider the other options there. Login Notifications is a great idea. If you use cyber-cafes, it might not be so handy, but if you primarily use only your phone or PC, then this is wonderful. Anytime a different device (or you restore your PC way back) successfully logs into your account, a user-defined name for the device must be given. This alone stops several simple scripts and malwares out there. However, after defining it, an email is sent to the email address with which you use to login. This means if you get an email telling you that you've just logged in from a new device (when you didn't) - then you know something's up. With one further step, you can require a code be approved for that new device. You can see this is handy for both automated mischief and former girlfriends alike.
Going back to my wall settings, I can't stress using Friend Lists enough. Think about how you want to group people together, who likes what, who gets offended by off-color jokes, and who of your friends (like me) might cross the line on your thread. Make lists based on logical groupings for yourself. These lists can be designated as the only ones to see a post, album, note, whatever - or a whole group can be blocked too. Just use the Custom setting on the little lock next to the Share button. It's intuitive, but contact me directly if you need tutelage.
Be careful how you set your default security value. This is what is used from interfaces where security cannot be set, like text message status posts. So, if you post pics from the strip bar and have "everyone" as your default then perhaps you too can be a Senator. But I digress.
Further, you use those lists to control who can see almost every setting. In my case, I've created a "Call See Wall" group. Only people in that list can see my wall at all because FB only permits those in the default security setting to see your wall. While my posts may still go to their news feeds (security-pending), people not in that list are unable to cull back through the history of my every statement. This is *my* default security setting found as "Posts by me" in the "Things I share" section. This also means if I want to push my status to others outside this list, I have to override it with the lock icon - and texts and the FB Droid app will be limited. I use an app called Poof to post things with security; I recommend it for Droid users. It also allows auto-expirations of items. Very important if you're dumb enough to drink with your smart phone handy.
Finally, in the privacy setting to find "Friends can post on my wall" in the "Things others share" section. This is how you shut off your wall to others. Uncheck it and no one can see your wall. However, using that default "Can See Wall" group as the default and checking this setting, then only those in the list can post as well. Because while all friends can post to it, only those who "Can See Wall" have the "Share" box available. So, this is how we can get around the perceived all-or-nothing rule of wall-posting.
Taking this one step further, I decided even friends who know each other probably don't need to see or comment on wall-postings from other friends. So, I set "Can See Wall posts by friends" to "Only Me." This way only the person who can see the wall post is the account that put it there. Similar to a private message. This could be widened to a "Best Friends" group or something, based on personal preferences. But remember if you widen your viewing privileges, then it also applies to those historical wall posts by friends and might be researched by the nosy and the bored - for what that's worth.
Anyway, there it is. My latest class on FaceBook. Student enrolled at OU, you just earned 3 hours credit for reading this blog. I'll expect at least one Pokes-bashing joke back in the comments now.