October 20, 2010

Facebook and Security: Is There Finally a Fix?

As Facebook grew bigger and bigger, so did the issues surrounding it. Perhaps one of the biggest issues that the giant social network has always faced is just how secure it is. Left and right, we continue to hear about privacy issues, and how users have a lot to fear in this regard.

Recently, however, founder Mark Zuckerberg gleefully announced a host of new features that they are rolling out – features that are supposed to ensure the privacy of Facebook users. One would think that this just might put an end to all the concerns – NOT.

Even more recently, news broke about several popular Facebook applications giving away private information to advertisers. Zynga, the group behind the ubiquitous FarmVille and Mafia Wars, and LOLapps are among the platform developers that have been singled out over the privacy breach. The official statement is that the leaking of private information was due to “technical details,” and that everything was accidental. Did we really expect them to say otherwise?

To give credit to Facebook, they admitted the breach, and said that they are taking steps to address similar issues that come up. Then again, isn’t this what press releases are for? Are the guys at Facebook really taking serious steps to solve security issues? Will the new features actually make access more secure for the average user?

Here are some of the new features that are supposed to make this so:

  • Ability to remotely log out of Facebook: “Under the Account Security section of your Account Settings page you’ll see all of your active sessions, along with information about each session. In the unlikely event that someone accesses your account without your permission, you can also shut down the unauthorized login before resetting your password and taking other steps to secure your account and computer.”
  • Temporary passwords: These are to be used when accessing Facebook in unsecure locations. “Simply text “otp” to 32665 on your mobile phone (U.S. only), and you’ll immediately receive a password that can be used only once and expires in 20 minutes. In order to access this feature, you’ll need a mobile phone number in your account.”

Check out Jake Brill’s blog post for more details.

As for the effectiveness of these features, we will just have to see in the coming weeks and months. Personally, I haven’t had the chance to use them!


March 6, 2010

The IE6 funeral (is this goodbye for good?)


It’s been a couple of years since the height of the “kill IE6” web campaigns, and it took that long to hold a funeral that finally seals its fate.

Of course, the IE6 Funeral is an arbitrary event held by the Aten Design Group last March 4, and this doesn’t really eradicate the browser on computers that can’t upgrade.

Over at TechCrunch, commenter Jeff Carlson jokes: “So if someone uses IE6 to browse the web tomorrow, will their web browser be a Zomb-ie6 browser?” You could say that. After all, IE6 is way past its expiration date, sucking the brains out of web designers and developers with its buggy, unstable, insecure features from an ugly past.

Flowers for the dearly departed, from Microsoft

Even Microsoft acknowledges it’s time for IE6 to go, as it actually sent over flowers and this note:

Thanks for the good times IE6, see you all @ MIX when we show a little piece of IE Heaven. The Internet Explorer Team @ Microsoft

On March 13, Google will end IE6 support on YouTube, following the March 1 pull-out for Google Docs and Google Sites. Gmail and Google Calendar are next on the list, slated to follow by the end of the year.

Combined with the European government security warnings to upgrade browsers, could Google’s systematic phase-out be the final nail in the IE6 coffin, or is this slow death going to take at least another year?

I really hope this is it.

January 19, 2010

If this doesn’t convince you to ditch IE6, I don’t know what will

Web standardistas lament the outdated HTML and CSS support in IE6, but the biggest reason you should drop the browser, stat, is security, security, security. And if the following evidence from Google, the governments of Germany and France, and Microsoft itself does not convince you, I’m not sure there’s much else that will:

  1. The Chinese cyber attacks on Google (and at least 20 other large companies) got through because the exploited code worked only in IE6, on Windows 2000 and XP.
  2. The German and French governments have both asked their citizens to upgrade their IE6 browsers to prevent such attacks from happening to them.
  3. Microsoft released a security advisory warning of attacks specifically targeting Internet Explorer 6.

Mashable includes the three items above in its list, but the last one is the most compelling:

This will not be the last massive IE6 security breach: This flaw was unknown before Google’s groundbreaking China announcement. And it’s not the first flaw ever found with the browser — there are at least 142 vulnerabilities in IE6, 22 of which are not yet patched. Would you use armor that had 142 weak spots?

Internet Explorer 6 is a run-down browser with very little support against exploits. It’s more costly for businesses to leave it lying around like a ticking time bomb than to exert the effort to upgrade their systems.

The good news is, we’re getting bigger institutions stepping up against IE6. Let’s hope their spheres of influence really are that effective. You can’t get much bigger than European governments, Microsoft, or Google.

April 1, 2009

WaSP: Fight the Conficker Worm with web standards

The Web Standards Project (WaSP) has just announced that members of the Internet Information Security Consortium (I2SecC) have discovered the real purpose of the infamous Conficker Worm, set to wreak havoc on millions of compromised systems on April 1st.

WaSP has also discovered that the best way to fight this malware is to ensure your websites are standards-compliant:

In order to ensure you do not fall victim to the worm’s botnet, I2SecC recommends immediate validation of the markup and supporting stylesheets for any Web site that you maintain and correcting any errors that are uncovered. As yet, it is unclear whether the worm will target sites that make use of non-standard DOM scripting; however, a message found by I2SecC researchers in an online forum believed to be from the worm’s creator or a close associate hints that it will: “your document.all are belong to us.”

April Fool’s! If only we could save the world from malware with web standards!

Conficker is very real, however, so please exercise caution today.
