Risk
10/29/2010
07:15 PM
50%
50%

Facebook Launches Friendship Pages, Raises Privacy Concerns

The new feature can show the relationship between two Facebook friends through the public information they've shared between each other through Wall posts, photos and more.

Facebook has raised privacy concerns again among some users by launching a feature that can show the relationship between two friends through the public information they've shared between each other.

Called "Friendship Pages," the feature, which is being rolled out gradually, would be accessible through a link under relevant Wall posts, relationship stories and the main photo on a person's profile page. Clicking the link would launch a standalone page that would include public Wall posts between the two people, photos in which both are tagged, events they have RSVP'd for together, mutual friends and mutual "likes."

Friendship Pages could only be retrieved by someone who is a friend with at least one of the two people and who has permission to view both their profiles. "When it's between two people who share a lot, the page really starts to reflect their friendship," Wayne Kao, the Facebook software engineer who developed the feature, said on the company's blog Thursday.

The new feature did draw concerns from some Facebook users. "While I'm all for innovation, privacy should come first," Rob Ahnemann, said on the comments section of Kao's blog. "If you introduce a new feature, notify the community when it arrives. (And) give a clear opt-in or opt-out button."

Others, however, felt the privacy concerns were overblown. "If you don't appreciate new applications because you perceive them a threat to the privacy of your golden gem of a Facebook profile, you are free to leave Facebook and no one will miss you," Amanda Meyer said.

Nearly every feature Facebook introduces is looked at through the privacy prism. Because Facebook's business is about helping people communicate, plan get-togethers and share photos and video of friends and family, the site cannot ignore the impact any new feature will have on privacy. Facebook's record on privacy is spotty and concerns over the handling of its 500 million users' personal information is under scrutiny by Congress.

To avoid having personal information seen by strangers or acquaintances, Facebook users need to carefully choose the people they allow into their social network, Augie Ray, analyst for Forrester Research, told InformationWeek. "Whom you follow and whom you friend are part of the privacy equation."

SEE ALSO:

Facebook Places A Bet Against Google

Facebook Places Privacy First

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-5084
Published: 2015-08-02
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically approximate attackers to obtain sensitive information via unspecified vectors.

CVE-2015-5352
Published: 2015-08-02
The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time ...

CVE-2015-5537
Published: 2015-08-02
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.

CVE-2015-5600
Published: 2015-08-02
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumptio...

CVE-2015-1009
Published: 2015-07-31
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file.

Dark Reading Radio
Archived Dark Reading Radio
What’s the future of the venerable firewall? We’ve invited two security industry leaders to make their case: Join us and bring your questions and opinions!