Social networking and the security issues surrounding it.
BY: JahnDaBaptist
Remember the times when technology, in its infancy was some video game systems like Nintendo, Atari, and SEGA was what you and friends would gather around and share gossip while playing a few games or when you would go to the park and play sports with friends and that was the meeting place to chat and share gossip. Sending paper notes back and forth in school as a youngster to friends and you would fold then seal them a certain way. Many people know what I’m talking about. Computers were rarely in the home and internet, huh, are we talking internet? I mean come on internet, was something no one really had any idea about let alone the Ideas of one day having this thing be a mass communication network full of all the wonders of the world, something circulating through any and almost every electronic device now. Even house hold appliances like refrigerators, stoves, and microwaves. Well people welcome to the NWO (New World Order). Oh how the times have changed. Computers in every home, internet, social media, social networks, we have become people of the NET. We put everything out here for the world to look at or marvel over or comment on. Information sharing has become very easy with the invention of Facebook, Twitter, Myspace, Blackplanet, and LinkedIn, the social networks that allow us to connect with friends abroad and even to make new friends across the world. We post pictures for family and friends to see that are not within close proximity using photo sharing sites like, Flickr, photobucket, and photospace just to name a few. All this information about ourselves accessible to those whom we want to make know our triumphs of life. But I pose this question when is enough, enough and how to we make sure that the information we do post doesn’t work against us in manners that could be detrimental to our life style. There are definitely security risks involved and there is an ongoing and ever going task to constantly make sure that information is not being used in a malicious manner. I want to expose some of the questions posed about security of information as our world is so ever evolving into the NET as I say.
Social Networking
Social networking sites such as Facebook, Twitter, and LinkedIn have grown in popularity in an astronomical level. There is no arguing that these sites can be very useful in that they can be used to keep professional contacts and networking. Used as a tools to advertise and produce sales revenue. They can also be used as a tool to keep the public informed, to keep up with contacts, old and new. Also to reconnect with contacts otherwise deemed lost. We all have that friend that we lost contact with and wonder sometimes “hey I wonder what Jimmy has been doing all these years” Social networking sites are good for pulling together groups of people with similar backgrounds or interests.
There is also another side to social networking, a security side to be aware of. With social networking and the posting of this information we must keep a security conscious mind to the possibilities of what I call the new social engineering frontier. Social engineering by dictionary definition is “the art of manipulating people into performing actions or divulging confidential information. “ So I ask why manipulate when people readily put information out here for the world to see? How that information gets used depends on the intentions of those using it. It's simple, for example, to set up a phony ID on any of these sites to gain the trust of people in a company--particularly a large company where no one can possibly know everyone else. From there, it's as simple as setting up a phishing scheme driven by the person everyone assumes is a colleague. It works every time. Personal data on social networking sites can be manipulated by attackers.
People readily make post about their daily life and the things they are doing some of which are harmless and some of which in the wrong hands could be potentially dangerous. Some common post which people are known to do
- “Cant wait to go on vacation next week, will be gone the whole week wooohoo.”
- “I came home from work and my dog dug a hole in my back yard, this sucks. Bad doggy Crujo”
Looking to these statements does anyone see the issue with this? I’ll point out one prime issue with the first statement, you have just let the world of friends know and friends of friends and anyone who may somehow see you post that you will leave your home, absent from there for a week. That’s equal to posting a billboard stating “Empty House” for all passersby to know. Even if you have some security measures in place you have still created the temptations for the evil doers. The second comment you leave the door open for anyone to know information about you, like your dog’s name which can be a question that’s commonly used as a security question for websites when you sign up there and you have forgotten your password. For thieves this is easily manipulated into identity theft. With friends and family through general conversation these things might be revealed but posting for the whole world to see, there would definitely be a concern for security and safety.
There are also many add-ons and applications which accommodate some of the social networking sites, many of these which are harmless but some contain malicious content which can increase the chances of viruses, malware, botnets, and other things which may corrupt your computer or open up backdoor channels for Trojans . Things in which could be stealing your information and posting to an unknown source which then uses the information in an unauthorized or malicious way. Keep aware of the hoaxes associated with these sites, SPAM mail, botnets and others which may be malicious. Sometimes there may be messages which contain information that seems to be legit and come from a legit source but may have attachments or links which when clicked on could possibly cause you more harm. On Aug. 7, researchers at Sophos published information about an attempt by hackers to infect Facebook users by spreading messages with malicious links. According to Sophos, messages are left on Facebook users' walls that urge them to view a video that portends to be hosted on a Google Web site. Clicking on the link leads users to a site that tries to entice them into downloading an executable to watch the movie. The executable is the Troj/Dloadr-BPL Trojan horse, which in turn downloads malicious code detected as Troj/Agent-HJX and displays an image of a court jester poking out his tongue We have all seen the ones with the links looking something like this (http://tinyurl.com/yk52m or http://bit.ly/)Be aware of the risks and how to possibly try to protect yourself as we enter the NWO of information.
While there are many more security risks with social networking I believe we have touched on some main stream common ones that will start you on your way to a security conscious mind when it comes to social networking.