News

Facebook list highlights need for education and responsibility, say security experts

Warwick Ashford

Privacy groups are up in arms about the publication of a list of more than 100 million Facebook users, containing their names, unique IDs and links to their Facebook profiles.

The list was compiled and published online by security consultant Ron Bowes, who scanned Facebook profiles to capture data not hidden by users' privacy settings.

Despite the furore, other security experts have pointed out that the collated information was already in the public domain and could be accessed at any time.

Paul Vlissidis, technical director at security consultancy NCC Group, said the incident highlights the need for users to take some responsibility for their own privacy.

Facebook users should ensure that their profile and personal details are suitably privatised so that they cannot be exposed.

Privacy groups are seeking to shift the blame entirely to the social networking site, claiming the incident proves Facebook's privacy settings are still too confusing.

Vlissidis said the publication of the list should serve as a wake-up call to those putting personal information online to take responsibility for keeping it secure.

Richard Turner, chief executive at security firm Clearswift, said the incident demonstrates that there are risks associated with social networking tools.

As business seek to use these tools, there is a real need for them to understand fully how secure information is and what is open to being shared, he said.

"There is a need for need for more knowledge around how the web works, how data that is shared can be seen by others," said Turner.

If businesses are embracing this channel then they need to be leading the way on this process of education, he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy