wpostServer: http://css.washingtonpost.com/wpost2

Most Read: Business

S&P 500
 Last Update: 08:02 PM 07/24/2014

World Markets from      


Other Market Data from      


Key Rates from      

Faster Forward
Posted at 09:27 AM ET, 04/18/2011

Security firm calls on Facebook to step up its game

Privacy is a perpetual thorn in Facebook’s side, and now a prominent Internet security firm is calling on the company to improve its safety and privacy. Facebook is, of course, designed around the principle of sharing information. But the social network has faced a lot of backlash from users who want more notice of and control over how the site shares and uses personal information.

The security firm, Sophos, issued an open letter to Facebook zeroing in on three steps it says the social network can take to better protect its users: make privacy the default option, vet its app developers and offer secure browsing across the site.

Those three moves would address a lot of the privacy concerns Facebook users have expressed. Default privacy would have avoided problems with the site’s Beacon advertising feature, which shared users’ online purchases with their network; Facebook was sued over the feature and discontinued Beacon in 2009. Facebook apps are probably the prime source for spam on the site, posting unwanted messages and “likes” on user profiles.

And while Facebook does offer secure browsing — a feature that is turned off by default — Sophos said it only offers the secure option “whenever possible.” The firm said that https encryption should always be an option for users.

Those playing devil’s advocate could easily say that it’s not up to Facebook to take care of any of this. It’s a free service and a business, after all, and what you put on the site is completely up to you. No one should be in doubt that the site is looking to mon­etize your personal information, and it’s a bit naive in this day and age to think that anything you put on the Web is truly private.­

Regardless of what you think Facebook’s responsibilities to its users may be, it’s best to always operate under a set of ground rules: If you don’t want everyone to know about it, don’t post it. And if you don’t completely trust something, don’t click on it.

What do you think of Facebook’s security measures? Do you think profile data is pretty secure if you’re vigilant? Or does the site do too little to protect its users?

Related stories:

‘Twilight’ game scam spreading on Facebook

Facebook offering site-wide 'HTTPS' security

Internet firms wake up to federal privacy scrutiny

By  |  09:27 AM ET, 04/18/2011

Tags:  Social networking, Security

Read what others are saying

    © 2011 The Washington Post Company