Facebook and the never ending talks about privacy

As each day goes by, I see more and more people complaining when it comes to Facebook and privacy:

I’d like to make my friend list private. Cannot.

I’d like to have my profile visible only to my friends, not my boss. Cannot.

I’d like to support an anti-abortion group without my mother or the world knowing. Cannot.

And these are things that get shared while Facebook is being conscious and while their users have previously agreed to this.

It gets even worse. Let’s think of all the information that can get leaked without anybody wanting it, neither Facebook, neither the users. Let’s take a look at the latest publicly disclosed Facebook vulnerability. Yes, livechat sessions potentially exposed to attackers. Friend lists and other personal data that could get compromised. Pretty bad.

You’re not under control, no matter how much you would like to be. Try to imagine for a moment that everything would be perfect. Facebook would have 100% accurate and customizable privacy controls and only your few really good friends will be able to access your phone number or the pictures of how you got drunk during last night’s party. Also, the social networking platform itself would be technically flawless, with absolutely no vulnerabilities. I know, it’s an utopia, but we have to push things to the extreme. Even in this heavenly world where everything is perfect, imagine one of your trusted Facebook friends gets infected and his account gets compromised. From this point, everything that you carefully shared previously can potentially reach any audience. And it’s not even your fault.

The solution is simple. Just delete your account. Problem solved. Simple, huh? Yes, but let’s face it, we’re not going to do this anytime soon. We’ll continue to complain, only to go back home and log-in to Facebook once again.

I propose something different. And I’m always giving this advice to anyone who asks me about privacy and social networks: as long as you have a social networking account, make sure you behave thinking that sooner or later, the things you do online can be seen by anyone. Expect the best, but think of the worst. Don’t upload a picture, don’t post a link or a comment unless you are prepared to take responsibility for your actions. I know it might be hard to decide, but if in doubt, just don’t do it. Don’t do it unless it’s something that you’re ready to share with any person from your past, present or future life. Be honest to yourself first and you won’t have any problems. I think it’s common sense.

Facebook and the never ending talks about privacy

Your email address will not be published. Required fields are marked *



Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Subscribe to our weekly e-mails

The hottest research right in your inbox