Email: 
Blog contents mailed once daily if updated.
Your email address is never shared
Thanks for visiting! If you're new here, you may want to subscribe to our RSS Feed. This blog posts regular updates about my personal insights, covering about me; my relationships, businesses, finances - whatever you can read about me! Go ahead, subscribe to our feed now! You can also receive updates from this blog via email (more RSS Subscription Options above).

Top 5 Risks You Don’t Know About Facebook May Be Harming You!

November 18th, 2007 by Wai Loong (6 Comments)

Just last week, I was hooked onto Facebook. In case you’re living under the stone, you’ve probably heard a lot of stories of Facebook all over the Web. The key I’m trying to point out, is that this baby is lightning fast to becoming one of Singapore’s hottest and biggest social networking portal in history.

If you’re reading this skeptically, I’m confident to tell you that there are at least 1 to 3 Singaporeans are being signed up every minute.

Even ping.sg has recently added a Facebook application for all her users (more about Facebook applications and the untold risks later).

Here are some statistics I’ve scanned from Alexa:

Facebook Alexa Traffic Estimate 2004 - 2007
>>> Click image to see a bigger view

Facebook Current Ranking - 01

Noticed Facebook is now ranked #8 in Singapore. Interestingly, Facebook is the #1 web site in Canada, with our neighbor Malaysia fast catching up. It’s not vey popular in China though (which means it may explode in China anytime soon!).

If you’re a stock trader, business owner, advertiser or social guru, this can get you sit upright and get really excited!

Facebook Current Ranking - 02

Social networking tools have served me satisfactory well over the years.

Personally, I don’t use friendster or MySpace, thought I’m quite happy to maintain birthday updates from Hi5.

When I first came to play around on Facebook (just last week!), I instantly recognized the tremendous advantages I can derive out of this tool!

You can use it as a very powerful and interactive weapon to keep in contact with actively networkable friends and colleagues.

Other ingenious use includes, but not limited to, email, messaging with close friends or colleagues, maintain birthday alert contacts, compete in games, syndicate your blog posts – you name it!

Facebook has a relatively short history on the Web.

It started out in year 2005 by Mark Zuckerberg, former member of Harvard university. A joint venture and later some investments took off and brought it to what it is today.

You can read the complete detailed history of Facebook on Wikipedia.

Even giant organizations like Google and Microsoft wants to buy over the business. I did a little spying on Facebook domain name and found the following traces:

How Facebook.com Looks Like Long before
Mark Zuckerberg bought over
the domain name:

Facebook before 2005 Jan 01

Facebook Back in 2005:

Facebook Back in 2005
>>> Click image for a bigger view

Facebook Today:

Facebook Back Today - 2007
>>> Click image for a bigger view

In my opinion, Facebook really take off exponentially by harnessing the power of sharing resources across highly targeted communities. Smart business owners can hire software developers to write Facebook applications that combines well-designed viral marketing components, such as games that targets young and responsive audiences.

That leaves you some risks to consider when you’re seriously using Facebook on a daily basis…

#1 – Social Addictions

Facebook users take pride in showing off the applications they enjoy. A quick scan on Google found a whopping over 1300 applications on iterating.com!

I believe that there’s over 3000++ unofficial Facebook applications, and that’s still counting by the hundreds – daily!

Anyone can use the Facebook API to create interactive applications.

Some of the most successful ones include games, community and networking tools.

Personally, I try not to play Facebook games, sticking only to networking tools because they’re already highly addictive enough! The use of Facebook applications are propelled using a very powerful concept called viral sharing. Designers of the software entice or bribe users with incentive to spread the word, such as to earn credits or game points in doing so.

Don’t believe me?

Take a look at the number of invites (application invites) I’ve gotten in about 1 week:

Facebook Games Invitation - 01Facebook Games Invitation - 02

Facebook Games Invitation - 03

I did some snooping around friend’s profile and identified some of the most addictive ones around:

  • Fluff Friends
  • Vampires
  • Zombies
  • Slayers
  • Werewolves
  • Hatching eggs
  • IQ Tests

Once you start playing with it, I can guarantee you’ll get hooked.

Remedy?

Maybe…

Distract yourself doing something meaningful

OR

So, don’t even start it! 😉

#2 – Cooperate Spying & Your Privacy

Let’s face it.

Statistics are collected by advertisers and Facebook employees. There are even more worries that anyone can be tracked by their employees. Law enforcers may also request and use data to spy on people with criminal behaviors.

There are even known reports of employers using Facebook to identify employees or commonly known as background checking. I’m not sure if that’s ever happening here in Singapore.

So it comes as no surprise for MySpace users who are already experienced with this kind of privacy intrusion for the greater good.

With the introduction of Facebook Social Ads, Facebook Insights and Facebook Polls, this get worse. Anyone can become an advertiser and use tracking tools to identify origins of visitors.

Other privacy related problems includes obsession on profile viewing.

It’s entirely possible for anyone to be obsessed enough to keep checking out another’s personal profile.

You’ll never be really sure if stalkers (hey, how come they’re your friend anyway?) are out there who may be obsessed with your beautiful photographs.

Resources:

#3- Cross Site Scripts (XSS)

As a security professional myself, this is something of grave concern. Even if you’re not interested to use Facebook, it’s something worth noting.

MySpace users may be familiar with this term for a long time. For instance, MySpace uses are allowed to use user defined CSS stylesheets and HTML formatting.

In fact, XSS is not limited to markup languages. Anything that allows embedding of Javascripts and are readily interpretable by your web browser is vulnerable.

Types of media that is likely to be affected includes, but not limited to:

  • Markup languages (eg. FBML – Facebook Markup Language etc)
  • Cascading Style Sheets
  • Images (eg. JPEG, GIF, PNG etc)
  • Flash Animations (eg. Google Video, YouTube etc)

Like many Web 2.0 applications, Facebook is built on the use of Ajax to provide highe user interaction and web experiences. Unfortunately, this technology adds the world to a larger set of computer security problems. XSS can be deployed on completely legitimate web sites through user inputs, such as malformed URL or markups to include malicious codes.

Personally, I’ve seen demonstrations of such attacks that can even be used to completely break into a user machine for all sorts of purposes. These purpose may include taking over the user machine as part of a botnet, launching deny of service attacks, spamming, hiding traces of cyber criminals etc.

Resources:

#4- Identity Thiefs and Phishing Attacks

Although most of Facebook is behind a login, preventing search engines from indexing, there are always ways a determined attacker can gain access behind wall. One common way is via social engineering, web email hijacking and passphrase phishing.

If you’ve been overly active on Facebook, it may be possible that there are crooks out there who may want to target your account for their own purposes.

Although Facebook email phishing is not yet on the horizon, it’s entirely possible to be widespread in the near future.

As for identity risk, losing anything personal is no doubt disturbing. No one likes to be masqueraded by another for online crimes or deeds against one’s will.

Only until today, Facebooks users are now empowered the rights to claim who they are (other than using their email address and passphrase). The purpose is useful in case your account is hijacked and the only way to restore your account is to correctly answer the challenge question requested by Facebook employees.

Facebook Security Question - 01

Resources:

#5 – Beware Wary of Who You Add & Track Your Time Lost Online

Time is previous – only to the wise.

Because Facebook can be so addictive, anyone can be so absorbed in playing games and adding new friends.

This may differ for your case though.

One thing I’m sure you’d like to start off is to carefully control who you’re adding on to your network of friends on Facebook. For instance, check to make sure the “friend” that claims who he or she is, is indeed one that you’re familiar with.

Social Engineering on Facebook - 01

As an added security, make sure you specify and confirms all relationship about the person you’ve added. Facebook includes an “I don’t even know this person” as a last option, which I personally think is quite useless. Most folks bypass this step and proceed.

Social Engineering on Facebook - 02

In case you’re totally paranoid, make sure you enable your profile view only to networks of friends instead of letting it open to public view.

Social Engineering on Facebook - 03

On the contrary (getting request invitations from friends), a good practice I use for adding friends and acquaintances is to add a personal message to my friend request.

This can vastly improve my own credentials, instead of a machine generated one where it’s cold and inhuman.

Also, did you notice the personal image above?

Even if you don’t care for your own image, it’s really helpful for your friends to identify and confirm that’s indeed YOU. That can be done by putting your recently taken photograph, and not anything else that can hide yourself. After all, being grateful and contented to look like who you truly are, is a great blessing.

In Summary:

Facebook is a hot and exciting networking platform for almost everyone.

Unless you’re overly contented with just emailing and text messengering, do not underestimate the powers of social networking tools that can help you maintain relationship with friends all over the world. As with any tools, a good personal understanding of the prevailing types of risks is your social responsibility.

No one cares more about your own identity and personal information other than yourself.

I look forward catching you on-board this exciting platform and remember to live life with passion!

Posted in Life

Other Interesting Writings...

Previous Posts:

Newer Posts:

::Comments::

6 Responses:

1
Soo May on February 20th, 2008 at 9:52 pm

Hi there,

Interesting piece you’ve got about Facebook 🙂

I’m a journalist reporting for Sph My Paper. I’m hoping to find out more about your take on “corporate spying” as mentioned in this blog post.

If you don’t mind, can you kindly drop me a mail with your email and contact number?
(I’ve entered my email address the form)

We can further discuss the details…

Hope to hear from you soon 🙂

Thanks!

2
Wai Loong on February 20th, 2008 at 10:10 pm

Hi Soo May!

Thanks for your interest!

I’m no expert in the topic of “corporate spying”, but I may be able to furnish you with what I already know.

I’m not sure if you mean “corporate spying” as to misusing of office time to do personal work, but I’m sure playing around with Facebook is an absolute no-no to almost all cooperate IT policies.

I’ll be happy to drop you a mail and my contact information if you are interested to discuss details.

Good day and thanks for dropping by! 😉

3
Soo May on February 20th, 2008 at 10:15 pm

Hi Wai Loong,

That’s very fast response from you! 🙂

What I meant by “corporate spying” is companies using social networking sites like Facebook to check on potential employees.

Maybe we can take this to further discussion over email?

Thanks so much!

4
Wai Loong on February 21st, 2008 at 2:50 pm

Hi Soo May!

I happen to be checking on my blog last night. 😉

Apologies for the late reply now!

I’ve drafted something hopefully useful to your research work. Do feel free to contact me if you’ve got any queries that I may be able to assist and answer withing my knowledge!

PS: I can also be reached via Facebook if you search for my full name.

5
MySpace vs Orkut on February 22nd, 2008 at 8:09 pm

We can judge the popularity of these sites by seeing their ranking in Alexa. Orkut has been steadily rising on the Alexa charts but MySpace is still significantly bigger than Orkut.com.

6
Wai Loong on February 22nd, 2008 at 9:57 pm

That’s right, and Facebook is on its way to catching up.

How successful Facebook will be in the future may depends a lot on how it keeps its user-base secure, its user safe from malicious attacks and how many developers are pouring in to make interactive and fun applications to keep its users coming back again and again.

It’s a tough race now as more competitive social networking sites are in the pipeline to gain a share into this lucrative business.

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

About Insights, Inspirations, Tranquility, Peace and Harmony

Ng Wai Loong

Wai Loong is an electronics engineer by profession. He currently resides in Singapore, a thriving hub at the heart of South-East Asia. When he is not so stress out on the computers or laboratory, he enjoys value reading, jogging at his own pace and blogging in his spare time. Other times, he likes to catch up with some close friends over a cup of latte or teh tarik. As a gift from this friend, you are invited to interact freely with him on his personal blog.

PS: May the person reading this blog transforms his/her businesses, finances, relationships and life for ALL to WIN!