Risk
10/29/2010
07:15 PM
50%
50%

Facebook Launches Friendship Pages, Raises Privacy Concerns

The new feature can show the relationship between two Facebook friends through the public information they've shared between each other through Wall posts, photos and more.

Facebook has raised privacy concerns again among some users by launching a feature that can show the relationship between two friends through the public information they've shared between each other.

Called "Friendship Pages," the feature, which is being rolled out gradually, would be accessible through a link under relevant Wall posts, relationship stories and the main photo on a person's profile page. Clicking the link would launch a standalone page that would include public Wall posts between the two people, photos in which both are tagged, events they have RSVP'd for together, mutual friends and mutual "likes."

Friendship Pages could only be retrieved by someone who is a friend with at least one of the two people and who has permission to view both their profiles. "When it's between two people who share a lot, the page really starts to reflect their friendship," Wayne Kao, the Facebook software engineer who developed the feature, said on the company's blog Thursday.

The new feature did draw concerns from some Facebook users. "While I'm all for innovation, privacy should come first," Rob Ahnemann, said on the comments section of Kao's blog. "If you introduce a new feature, notify the community when it arrives. (And) give a clear opt-in or opt-out button."

Others, however, felt the privacy concerns were overblown. "If you don't appreciate new applications because you perceive them a threat to the privacy of your golden gem of a Facebook profile, you are free to leave Facebook and no one will miss you," Amanda Meyer said.

Nearly every feature Facebook introduces is looked at through the privacy prism. Because Facebook's business is about helping people communicate, plan get-togethers and share photos and video of friends and family, the site cannot ignore the impact any new feature will have on privacy. Facebook's record on privacy is spotty and concerns over the handling of its 500 million users' personal information is under scrutiny by Congress.

To avoid having personal information seen by strangers or acquaintances, Facebook users need to carefully choose the people they allow into their social network, Augie Ray, analyst for Forrester Research, told InformationWeek. "Whom you follow and whom you friend are part of the privacy equation."

SEE ALSO:

Facebook Places A Bet Against Google

Facebook Places Privacy First

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5075
Published: 2014-12-27
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.

CVE-2011-4720
Published: 2014-12-27
Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.

CVE-2011-4722
Published: 2014-12-27
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

CVE-2012-1203
Published: 2014-12-27
Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a save_user action.

CVE-2012-1302
Published: 2014-12-27
Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ammap.swf, or (3) the data_file parameter to amtimeline.swf.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.