Risk
10/25/2010
11:01 AM
50%
50%

Americans Ignoring Social Media Privacy Risks

Users are worried about the dangers of disclosing personal information on Facebook and other sites, but they do it anyway, finds Lawyers.com study.

Best Mobile Apps For Busy Professionals
(click image for larger view)
Best Mobile Apps For Busy Professionals
Despite realizing the dangers of posting personal information on social networking sites, Americans continue to divulge a lot of data about themselves, a new study by Lawyers.com found.

Half of American social media users surveyed admit to seeing people disclose too much personal information online, yet 28% of social media users admit to rarely considering what could occur if they share too much private data online, the report said.

About 44% of those surveyed are concerned that the personal information they share on these sites is being used against them, while 21% of Americans who use social media sites believe people who take advantage of weak privacy settings on these sites already have accessed their personal information, according to the poll.

The study was released about a week after 10 of the most popular Facebook apps were found sharing members' user ID numbers with outside companies, and three of the top 10 Facebook apps, including Farmville, shared information about users' friends. Lawyers.com, which is designed for consumers and small businesses, is operated by LexisNexis Martindale-Hubbell, which commissioned TNS Global to conduct the 2010 Lawyers.com Social Networking Survey of 1,000 adult Americans.

"The Lawyers.com Social Networking Survey reveals a clear disconnect between the privacy concerns of users and their actual behaviors and disclosures on social networking sites," said Carol Eversen, VP of marketing at LexisNexis. "Nearly every week we hear about the negative consequences resulting from inappropriate disclosures and uses of personal information on social networking sites, however the data suggests that Americans are not taking the necessary steps to protect themselves."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.