More reasons to avoid Facebook

Page: < 123 > Showing page 2 of 3
Author
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:35 AM (permalink)
Sorry I hadn't finished editing what I was saying because of my senility I'll post it here in full for clarity.


If I'd seen FB as a potential threat it would have been gone a long time ago.

I'm convinced the compromise is from the Facebook end because even if somebody had got hold of my email account info they would have still had to provide my different FB login password to see the friends that had added me that are not in my address book in order for them to be spammed too.

Of course I can't prove it because none of us access to the API's these web apps use to communicate with each other and leave vunerable to exploitation, but I'm sufficiently convinced to see Facebook as providing another level where my security can be exploited.

I've been a pretty sharp Webmaster for the past 20 years or so too, therefore I'm not naive to these kinds of issues and also during that time I've picked up a pretty good sense of smell as to what is coming from where.

Hence Facebook IS gone which leaves me having only one source of compromise left, my email itself.

That suits me fine.


"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#31
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:42 AM (permalink)
Beagle sorry but you are clouding the REAL issue with technicalities here.

Facebook in my view is an additional security threat over and above my email account on it's own.  There are many reasons I can give for that but would be too long winded to go into, rather than that I have a different idea.

I (me personally) don't need it. Period.

I also strongly recommend if somebody wants to join Facebook they set up a specific email account for it.

Simple.
post edited by Jonbouy - October 05, 11 8:45 AM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#32
The Maillard Reaction
Max Output Level: 0 dBFS
  • Total Posts : 31918
  • Joined: 7/9/2004
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:43 AM (permalink)

"were sent from his contacts in his email account"


I'm not sure what that means?

Can't that just be generated from a list of Jon's contacts being used by some other email server?

Or are the actual emails being batch generated on Jon's email server and actually emanating from the appliance that is his mail server?


I'm just ignorant about web security at this level and sincerely curious.


Ironically, we drove over to Pensacola yesterday and helped a IT consultant do an interview about MFT products and the desire for managed security while transferring BtoB data.

He was smart... I learned a little something... nothing that applies to me... but I found it interesting.


best,
mike


#33
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:47 AM (permalink)
mike_mccue



"were sent from his contacts in his email account"


They weren't they were sent from a spoofed 'me' to my contacts.

See my clarification above for my final thoughts.


"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#34
Guitarhacker
Max Output Level: 0 dBFS
  • Total Posts : 24398
  • Joined: 12/7/2007
  • Location: NC
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:52 AM (permalink)
I'm off to change my passwords....


My website & music: www.herbhartley.com

MC4/5/6/X1e.c, on a Custom DAW   
Focusrite Firewire Saffire Interface


BMI/NSAI

"Just as the blade chooses the warrior, so too, the song chooses the writer 
#35
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:55 AM (permalink)
Guitarhacker


I'm off to change my passwords....


There ya go Herb...

All that needed to be said really was in post #4

http://forum.cakewalk.com/fb.ashx?m=2401628

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#36
Beagle
Max Output Level: 0 dBFS
  • Total Posts : 50621
  • Joined: 3/29/2006
  • Location: Fort Worth, TX
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:55 AM (permalink)
Jonbouy


Beagle sorry but you are clouding the REAL issue with technicalities here.

Facebook in my view is an additional security threat over and above my email account on it's own.  There are many reasons I can give for that but would be too long winded to go into, rather than that I have a different idea.

I (me personally) don't need it. Period.

I also strongly recommend if somebody wants to join Facebook they set up a specific email account for it.

Simple.


I thought I was just answering Mike's questions.  I certainly did not mean to could your issues.

http://soundcloud.com/beaglesound/sets/featured-songs-1
i7, 16G DDR3, Win10x64, MOTU Ultralite Hybrid MK3
Yamaha MOXF6, Hammond XK3c, other stuff.
#37
The Maillard Reaction
Max Output Level: 0 dBFS
  • Total Posts : 31918
  • Joined: 7/9/2004
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:55 AM (permalink)
So, basically...someone stole your contact list... but generated the emails on some other server?

If that is the case... what does it have to do with your email account? Do you have a remote contact list on some web mail server?

I've been imagining that the contact list is actually on your personal computer in something like Outlook.... a email client.

Where as your email "account", more or less sits on a email server... which is most often a remote appliance sitting on a shelf somewhere.




I'm not trying to pester or measure words etc.

I am sincerely confused...


all the best,
mike


#38
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 8:57 AM (permalink)
Beagle


Jonbouy


Beagle sorry but you are clouding the REAL issue with technicalities here.

Facebook in my view is an additional security threat over and above my email account on it's own.  There are many reasons I can give for that but would be too long winded to go into, rather than that I have a different idea.

I (me personally) don't need it. Period.

I also strongly recommend if somebody wants to join Facebook they set up a specific email account for it.

Simple.


I thought I was just answering Mike's questions.  I certainly did not mean to could your issues.


Answering Mike's questions is always guaranteed to cloud the issues.  I thought everybody knew that...

Last time I attempted to answer one of Mike's questions it led to me being kicked off the forum...
post edited by Jonbouy - October 05, 11 8:58 AM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#39
The Maillard Reaction
Max Output Level: 0 dBFS
  • Total Posts : 31918
  • Joined: 7/9/2004
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:00 AM (permalink)

shhhh, bapu doesn't know.


yet.


#40
Beagle
Max Output Level: 0 dBFS
  • Total Posts : 50621
  • Joined: 3/29/2006
  • Location: Fort Worth, TX
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:02 AM (permalink)
Jonbouy


Beagle


Jonbouy


Beagle sorry but you are clouding the REAL issue with technicalities here.

Facebook in my view is an additional security threat over and above my email account on it's own.  There are many reasons I can give for that but would be too long winded to go into, rather than that I have a different idea.

I (me personally) don't need it. Period.

I also strongly recommend if somebody wants to join Facebook they set up a specific email account for it.

Simple.


I thought I was just answering Mike's questions.  I certainly did not mean to could your issues.


Answering Mike's questions is always guaranteed to cloud the issues.  I thought everybody knew that...

Last time I attempted to answer one of Mike's questions it led to me being kicked off the forum...


so if I answer Mike's questions then I, too, could be in a banned????

http://soundcloud.com/beaglesound/sets/featured-songs-1
i7, 16G DDR3, Win10x64, MOTU Ultralite Hybrid MK3
Yamaha MOXF6, Hammond XK3c, other stuff.
#41
The Maillard Reaction
Max Output Level: 0 dBFS
  • Total Posts : 31918
  • Joined: 7/9/2004
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:04 AM (permalink)

I always bring a second tambourine.


#42
jackn2mpu
Max Output Level: -47.5 dBFS
  • Total Posts : 2765
  • Joined: 11/8/2003
  • Location: Soprano State
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:08 AM (permalink)
Facebook security isn't easy to navigate - been on it for over a year now and they keep changing things almost as often as I change underwear. Like the 'find friends' feature - one of the things they use is the gathered email addresses in your address book, but you have to specifically allow Facebook access to the app AND purposely give FB your email password.

I've yet to have issues with someone hacking into my FB stuff but then again I keep a tight rein on my security settings. Sometimes when FB does a software update these settings will change, some on purpose because of the change and some as collateral damage.

Jack
Qapla!
#43
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:13 AM (permalink)
mike_mccue


So, basically...someone stole your contact list... but generated the emails on some other server?

If that is the case... what does it have to do with your email account? Do you have a remote contact list on some web mail server?

I've been imagining that the contact list is actually on your personal computer in something like Outlook.... a email client.

Where as your email "account", more or less sits on a email server... which is most often a remote appliance sitting on a shelf somewhere.




I'm not trying to pester or measure words etc.

I am sincerely confused...


all the best,
mike
I'll give it one more try.

All it means is they logged into my email account just like I would with an email address and password and by doing that they had access to my account inc. all my contacts and were also able to send emails just as if they were me.  Co-incidentally they were able to log in to my Facebook account which has a different password at the same time.

Regardless of any other suspicions I have about FB security one of the very few places where my email is circulating publicly is on Facebook a hugely popular international network which in itself makes it much more vulnerable for email harvesters to abuse.
post edited by Jonbouy - October 05, 11 9:18 AM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#44
The Maillard Reaction
Max Output Level: 0 dBFS
  • Total Posts : 31918
  • Joined: 7/9/2004
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:15 AM (permalink)

I think this all makes sense... so is your email account a web mail type?


I ask because it seems like the address book in my Outlook application can be accessed without a password.

But I imagine an address book on Gmail, for example, can only be accessed with a login procedure.


post edited by mike_mccue - October 05, 11 9:17 AM


#45
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:23 AM (permalink)
mike_mccue


I think this all makes sense... so is your email account a web mail type?


I ask because it seems like the address book in my Outlook application can be accessed without a password.

But I imagine an address book on Gmail, for example, can only be accessed with a login procedure.


Indeed it is a web mail account.

There are extra considerations with a POP3 account such as you describe.

One is that is just as vulnerable to an address and password hack as webmail, another is that you are downloading all the muck that lives remotely in the interweb as spam and viruses etc. onto your local hardrive.

The account still needs a password to login, it's just that you don't need to enter it as it is stored in your local mail reader program (like Outlook) another security risk in itself.

I have strong procedures and policies in place, the only lapses I made as I've outlined earlier were that I let a dormant Facebook account live too long and failed to change my email password regularly enough.
post edited by Jonbouy - October 05, 11 9:26 AM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#46
The Maillard Reaction
Max Output Level: 0 dBFS
  • Total Posts : 31918
  • Joined: 7/9/2004
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:39 AM (permalink)
Thanks for explaining.


I'm off to the rap contest.

best,
mike


#47
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 9:42 AM (permalink)
mike_mccue


Thanks for explaining.


I'm off to the rap contest.

best,
mike


Booyah!!!

I'm gonna finish repairing my fence.

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#48
Alegria
Max Output Level: -54.5 dBFS
  • Total Posts : 2075
  • Joined: 11/7/2008
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 2:33 PM (permalink)
Sorry to hear that Jonbouy. And what's even more revealing is... it happened to someone who knows about such things and has a high level of expertise in web related matters. Ouch, that's scary. And that's one of many, many reasons I don't like social networking sites to begin with and have also cleaned out my facebook "profile" account a while back. I din't delete it for the simple reason that I need it to manage my uBe.Music facebook "page".

Here's more food for thought about Facebook:

http://www.scribd.com/doc/65902747/SSRN-id1717563

I don't like this either...

Who needs government agencies (any government) nowadays to collect information on it's citizens, when citizens themselves are all to eager to supply it for free??


#49
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 2:49 PM (permalink)

Who needs government agencies (any government) nowadays to collect information on it's citizens, when citizens themselves are all to eager to supply it for free??


Often because the providers of these on-line apps. do not make clear what threats you are being exposed to.

I am at fault here for letting an unused FB account lay dormant so long and not changing my passwords often enough.  But signing up for Facebook with it's security settings set as default WILL leave you vulnerable.

My normal policy is to Deny All and then Allow specifics, these things default to Allow anything unless you the user pay particular attention to some pretty obscure settings in too many cases.

A painful lesson I hope others can benefit from.
post edited by Jonbouy - October 05, 11 2:52 PM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#50
Alegria
Max Output Level: -54.5 dBFS
  • Total Posts : 2075
  • Joined: 11/7/2008
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 2:56 PM (permalink)
"Jonbouy"
A painful lesson I hope others can benefit from.

Definitely.
#51
timidi
Max Output Level: -21 dBFS
  • Total Posts : 5449
  • Joined: 4/11/2006
  • Location: SE Florida
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 2:58 PM (permalink)
I'm unclear as to what exactly someone would be "vulnerable" to? 
More spam? 
stealing your email addresses?
 
I can understand that there are a lot of folks on FB that, if asked, would probably paste their Soc sec # on Facebook.
Lots of folks put almost everything but, including, home town, birthday, etc.
But, I don't think that addresses anyone here.


ASUS P8P67, i7-2600K, CORSAIR 16GB, HIS 5450, 3 Samsung SSD 850, Win7 64, RME AIO.
 
https://timbowman.bandcamp.com/releases
 
#52
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 3:00 PM (permalink)


More spam?

stealing your email addresses?
 


Yes, isn't that enough?

To add:

Fortunately I don't conduct any online business from this actual account so the breach was limited to my online contacts which is bad enough, but I'm sure many have this stuff linked to accounts that involve financial details too without giving it much thought.

That would have cost me more than having to explain to my good freinds that I wasn't responsible for mailing out a bunch of garbage.  Well, this particualr bunch of garbage anyway.

The other thing about it was that this guy was a casual chancer otherwise had it been a targeted attack there would have been no way of tracing him back and getting him shut down so quickly, so obviously it didn't take that much skill for him to pull it off.


post edited by Jonbouy - October 05, 11 3:18 PM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#53
UbiquitousBubba
Max Output Level: 0 dBFS
  • Total Posts : 8912
  • Joined: 7/9/2008
  • Location: Everywhere Else
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 3:18 PM (permalink)
Good reminders, JB.

I'm off to go change mine from "1234" to "password" right now.
#54
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 3:19 PM (permalink)
UbiquitousBubba


Good reminders, JB.

I'm off to go change mine from "1234" to "password" right now.


Change it to LetMeIn.

Nobody will get that one.

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#55
Rain
Max Output Level: 0 dBFS
  • Total Posts : 9736
  • Joined: 11/7/2003
  • Location: Las Vegas
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 3:21 PM (permalink)
My biggest gripe with Facebook were always more privacy than security oriented. And these are relatively light concerns, as I don't see why I'd have to put anything I consider really "private" anywhere on the web. 

I usually think of it as: I'd prefer not to share this one thing, be it a pic or a status, with everyone, but in case anyone suddenly had access to it, then, no biggie.

Anyway, by default, you "share" everything with everyone. Some things you may just want to share w/ a few select people. 

It can sometimes be a pain to constantly verify that your preferences remain valid when they update the site - the new criterias most often aren't "backward compatible" with your setting.
Other than that, I avoid apps, as they can open the door to all sort of nasty things. My e-mail is hidden - and once again, this would be more "privacy" than security. 

Even if spammers could get their hands on my address, it'd mean annoying spam for me. To cause actual "security" damage, they'd still have to hack my password, which isn't tied in any manner to FB. And that could always be done anyway.

Of course, there's always a risk of someone hacking your account, but isn't it the same for just about anything on the web, including web mail and all the rest? 

As for the rest, FB is a great way for us here to keep in touch with fellows back home and across the world. It's like a live collection of instant postcards.




post edited by Rain - October 05, 11 3:23 PM

TCB - Tea, Cats, Books...
#56
Jonbouy
Max Output Level: 0 dBFS
  • Total Posts : 22562
  • Joined: 4/14/2008
  • Location: England's Sunshine South Coast
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 3:31 PM (permalink)

Even if spammers could get their hands on my address, they'd still have to hack my password, which isn't tied in anyway to FB.


Today I'm not so confident about that.  So I've bricked up the hole where there was once a supposed locked door.

Having said that there is a good case for social networks, especially for promoting your music, just make sure you set up a disposable email account to go with it, one where you'd never worry that it would compromise your security or privacy because it would never contain anything of any value or anything that you didn't mind being discovered.

Then make sure you clear any cookies and open sessions before you log-in and after you log-out of it because if you use the same browser for FB and your email there's a link right there.
post edited by Jonbouy - October 05, 11 3:34 PM

"We can't do anything to change the world until capitalism crumbles.
In the meantime we should all go shopping to console ourselves" - Banksy
#57
Ham N Egz
Max Output Level: 0 dBFS
  • Total Posts : 15161
  • Joined: 1/21/2005
  • Location: Arpadhon
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 4:02 PM (permalink)
FB apps and links your friend embed are also prone to Virus and Trojans, plus just plain stealing all your personal data and using it however the vendor of the apps feels like. Plus what these college kids dont realize is that all those FB pages with pictures of girls half undressed and guys/girls with drinks in their hands, obviously drunk are checked out by prospective employers and others , including law enforcement.

Green Acres is the place to be
 I dont twitter, facebook, snapchat, instagram,linkedin,tumble,pinterest,flick, blah blah,lets have an old fashioned conversation!
 
#58
Rain
Max Output Level: 0 dBFS
  • Total Posts : 9736
  • Joined: 11/7/2003
  • Location: Las Vegas
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 4:31 PM (permalink)
That's one of the few good things w/ FB... I've seen a few cases of questionably sane folks posting pictures of themselves and comments that were later held against them in court of justice.

I myself had the opportunity to use those things in the past with a few less than clever employees proudly posting pictures of themselves being very unproductive at work, while at work, on their cell phone. Or then calling out sick and omitting to un-tag themselves in a series of party pictures taken the night before, available for all to see on FB. Irresponsible all the way. They just made my job so easy. lol

TCB - Tea, Cats, Books...
#59
bapu
Max Output Level: 0 dBFS
  • Total Posts : 86000
  • Joined: 11/25/2006
  • Location: Thousand Oaks, CA
  • Status: offline
Re:More reasons to avoid Facebook October 05, 11 5:02 PM (permalink)
Jonbouy


UbiquitousBubba


Good reminders, JB.

I'm off to go change mine from "1234" to "password" right now.


Change it to LetMeIn.

Nobody will get that one.

Yeah, I'm always trying LetMeInn.


#60
Page: < 123 > Showing page 2 of 3
Jump to:
© 2025 APG vNext Commercial Version 5.1