Sophos Naked Security urges Facebook privacy

Sophos Naked Security urges Facebook privacy

Tags: data privacy Facebook Naked Security Sophos

By Security Asia Editors | Apr 20, 2011

comments

Digg

print

Sophos's Naked Security site has written an

to Facebook, calling upon the social networking giant to address three security issues. Sophos urges Facebook to create a safer environment for its 500+ million users and show its commitment to improve privacy and safety on the internet.

In the open letter, Sophos proposes the following three-point security plan and asks Facebook to commit publically to a timetable for its implementation:

Sophos Naked Security's Three-point plan:

1) Privacy by default - No more sharing of information without your express agreement. Whenever Facebook adds a new feature to share additional information about you, Facebook should not assume that you want this feature turned on.

2) Vetted app developers - Only vetted and approved third-party developers should be allowed to publish apps on the Facebook platform. With over one million app developers already registered on the Facebook platform, it is hardly surprising that Facebook's service is riddled with rogue applications and viral scam.

3) HTTPS for everything - In a welcome first step, Facebook recently introduced an HTTPS option, but left it turned off by default. Worse, Facebook only commits to provide a secure connection "whenever possible". Facebook should enforce a secure connection all the time, by default. Without this protection, users are at risk of losing personal information to hackers.

"Facebook is no stranger to making headlines for all the wrong reasons when it comes to security and privacy. The Sophos three-point plan would turn Facebook into the good guys and also be a real safety step-up for its 500 million users," said Graham Cluley, Sophos Naked Security. "Facebook is popular and successful and is not going away. So it is essential that Facebook takes proper care of its users by making their security and privacy a top priority."

"Our question to Facebook is this - why wait until regulators force your hand on privacy? Act now for the greater good of all," urged Cluley.

comments

Digg

print

Similar

Add comment

Post a Comment

Your name: *

E-mail: *

The content of this field is kept private and will not be shown publicly.

Homepage:

Comment: *

Input format

Filtered HTML

Web page addresses and e-mail addresses turn into links automatically.
Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
Lines and paragraphs break automatically.
Use  to create page breaks.

Full HTML

Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
Use  to create page breaks.

More information about formatting options

Verification Code

This question is for testing whether you are a human visitor and to prevent automated spam submissions.

What is the fifth word in the phrase "oroqe topey avaxim yef bah"?: *

Similar

knowledge_central_tab

Knowledge Central

Accelerating the Deployment of the Evolved Cyber Range

Ixia BreakingPoint creates an Internet-scale cyber range environment from a single 7-inch-high device for arming and training cyber warriors. Learn how BreakingPoint can be used by organizations to defend national interests by assessing, educating, and certifying elite cyber warriors and equipping those forces to harden the resiliency of critical network and data center infrastructures.

A Six-Step Plan for Competitive Device Evaluations

This paper presents a six-step methodology for conducting competitive product evaluations that provide advance insight into the performance, security, and stability of devices within production network and data center environments. Following this will give insights on how to evaluate and select the network or security devices for Enterprise, Federal, and Carrier Infrastructures

A Case Study of Eurograbber: How 36 Million Euros was Stolen via Malware

This is a case study about a sophisticated, multi-dimensional and targeted attack that stole an estimated 36+ million Euros from more than 30,000 bank customers from multiple banks across Europe.

Symantec, Singapore school partner to nurture next-generation security talents

Symantec Corp. and the Singapore Management University will jointly train and equip IT security professionals with the latest knowledge and skill sets in information security.

Site map

Security Asia
About Us
Print/Digital Subscription
Feedback

Security Tips
Expert Opinions
Research

White Papers
Case Studies

Blogs

Topics
Application security
Disaster recovery and business continuity
Identity management and access control
Information security careers, training and certifications

Topics
Network and Internet Security
Security best practices
Security threats
Surveillance and facilities management

Media
Videos
Podcasts
Webcasts

News
Privacy Policy
Terms & conditions

RSS

Questex Asia media brands | Privacy | Terms & conditions
Telecom Asia | Enterprise Innovation | Computerworld Hong Kong | CFO Innovation Asia | Networks Asia | TelecomsEMEA | CRM Innovation | eGov Innovation | SMBWorld | SMB World Asia | Storage Asia | Security Asia | Asia Cloud Forum | Hotel Management Asia | Questex Asia Events

© 2013 Questex Asia Ltd., a Questex Media Group company. All rights reserved. Reproduction in whole or in part is prohibited. Please send any technical comments or questions to our webmaster.