Wed 29 Jul 2009
Social Media Security
Posted by andyitguy under information security, social media
[3] Comments
Social media is all the rage now. Everyone who is anyone is using it, and many of them are getting taken to the cleaners from a security point of view. They have weak passwords, click on any and every link, and tell the world every little thing that they do and where they are. They post company info that shouldn’t be posted and they post pictures that most of us don’t want to see.
As security professionals we see this and we laugh, cry, scream and cringe at what we see. We tell those who will listen, laugh at those who won’t listen and in general just wish people would use some common sense. Unfortunately, common sense is in short supply for many who use social media. I know someone who recently had her Facebook account compromised because she clicked on a link on a friend’s profile that promised to tell her who was stalking her on Facebook. She got pwned and then sent messages to all her friends that she wished had not been sent.
What we need is a well-written, comprehensive document that gives us some good common sense advice we can just hand to someone (or send them a link to it) that will help them stay safe on the intertubes. It just so happens that Brad Dinerman has written such a document and you can find it here and pass it on to those you know who could use some help with their Social Media activities.


not so much a comment on security or even social media, but on common sense itself. it seems to me that common sense (as we know it today) generally doesn’t come from a document.
i’m in complete agreement that putting more security-related info into the domain of common sense is a good thing, but … documents?
You are correct but the common sense does come from the author of the document and a document is a good medium to pass along to someone who needs a point of reference for some “good ole common sense”.
If your friend had been told or even shown the dangers of clicking links, do you think she still would have done it anyway or actually stopped herself or found a different way to open that link?
I’m not sure if talk will help so much as experience. Twitter is a step back to my days in IRC back in 1997 with other Quake players. “Check out this screenshot of my score against those guys!” which of course opens a far less savory image or video. You learn quickly to examine links and/or simply resist and let someone else check it first.
Kinda like people who don’t think about home security or don’t think they’ll be a victim; why bother implementing security? Until after…
The easier our lives are made or the easier we’re able to communicate, the easier bad people can usurp it and easily communicate out on our behalf!