Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
6 Facebook Problems Need Fixing
Newest First  |  Oldest First  |  Threaded View
K_O
50%
50%
K_O,
User Rank: Apprentice
8/14/2012 | 6:35:22 PM
re: 6 Facebook Problems Need Fixing
I reported this privacy issue to Facebook some time ago and they have not addressed it so I'm releasing it to the public to get their attention.

The issue is that if you make your friending activity (who you become friends with) private on your timeline your friends can circumvent this by creating an Interest List and adding you to the list. If they do this the interest list feed will identify who you friend and when totally circumventing the setting on your profile.

Now hopefully Facebook will get this fixed.
stevew928
50%
50%
stevew928,
User Rank: Strategist
5/19/2012 | 5:13:51 PM
re: 6 Facebook Problems Need Fixing
What Facebook has is a huge community ready to be tapped for various purposes. For example, I participate in a few different discussion type forums that have gathered on Facebook. Why do they gather on Facebook when its forum-like aspect is so horrid? Well, because the people are already there. It's easier to create a group on Facebook, then just get people to join it, than to start an independent community with a forum, and get folks to come make an account.

But, I agree that I doubt the advertising angle will really work that well. I've clicked on ads when I've Google'd things. I'm not sure I've ever clicked on an ad while using Facebook; possibly once or twice. There is a bit of potential there, as I'm sure some people do... but I think you're correct that it isn't why people are there. It isn't a good target audience.

Regarding the privacy concerns, I completely agree. People seem fine with that trade-off and don't want to invest the time to really care. Though as time goes on, this won't just be a Facebook problem. Facebook is just one of the current biggest problems. (One really big problem I currently see, security wise, are all the websites and blogs using Facebook login. It is training people for a phishing attack. You just popup a Facebook login dialog and people just hand over their Facebook name and password. This is a really bad trend security-wise. And, besides that... why would I want to use Facebook as some kind of universal login? Consider what this adds to your 'tracked' scenario you wrote about.)

I strongly agree with your closing statement. It isn't a fad in the sense that people normally use that term. I'm sure it will be around for quite some time until some 'next big thing' comes along and people start to forget about it. I suppose that's kind of a long-term fad. But as for the actual value of Facebook, I'd be cautious. I sat in on a number of 'investment' meetings for clients in the mid-late 90s that were touting the "can't lose" mantra over internet 'clicks' and how valuable they were; all the experts agreed! (Well, except for me and many others who weren't being listened to. I saw that train-wreck coming miles away.) It was only valuable to a certain point (within fairly traditional marketing metrics), and beyond that, it was just valuable for the ignorant caught up in the excitement... and as we all know, that additional 'value' went away quite quickly.
stevew928
50%
50%
stevew928,
User Rank: Strategist
5/17/2012 | 7:12:51 PM
re: 6 Facebook Problems Need Fixing
How about actually making some of the more important aspects of it..... WORK! For example, if you comment on more than a couple items, it is nearly impossible to find them later on. Often notifications don't lead you back to the actual note you commented on. Any basic forum-board type software works FAR better than Facebook. Unfortunately, many use it in that manner.

Or, take something like basic UI problems. No FB, we DON'T want the return key to send the post. Option-return to do a new paragraph... seriously?!? At least the actual layout of the site is starting to get a bit more coherent than in the past, but it still has a long way to go.

Essentially, the initial social-networking concept was good, but many of the features that have been tacked on over the years have been very amateurish. They need to hire some designers and planners to actually think through what the coders are working on, some QC folks to make sure things actually work, and some managers to push these folks to get this stuff done.
Aden11
50%
50%
Aden11,
User Rank: Apprentice
5/17/2012 | 6:43:34 PM
re: 6 Facebook Problems Need Fixing
Facebook for iOS app is one of the worst app I've ever seen.
ANON1235579669135
50%
50%
ANON1235579669135,
User Rank: Apprentice
5/17/2012 | 3:58:01 PM
re: 6 Facebook Problems Need Fixing
"Facebook gives away plenty of value, just not the kind of value that people want to pay for"

No, this is the whole misconception. Facebook has no value. It's nothing more than people yaking, showing off, and screwing around with games and ads.
That stuff is all fine as long as it's FREE. Getting people to actually pay in order to waste away their day messing around online is another story.

It's just about money. Facebook can only exist as a company with money coming in, and the only way money comes in is from ads. And people get tired of ads and not really getting anything of value in exchange for them.

Their security concerns are less of a problem than the article thinks. People on Facebook are by and large not smart enough, or not willing to face up to the fact, that their privacy is completely pillaged when they use Facebook. They happily put information about where they go, what they do, who they associate with, including all that data about their little kids!!! And they don't want to think about the fact that every creep, miscreant, and pervert on Earth is trolling Facebook pages just looking for suckers they can easily attack.
Would you put all that personal data in an envelope taped to your front door and just "trust" that somebody else would make sure that nobody is going to look in that envelope?
No? Well, that's what people are doing with Facebook.
If none of that scares people away, then nothing will. Facebook has no privacy and no security, and that doesn't seem to bother its users.

Honestly, I wouldn't say it's quite a "fad", but it's like television. It has had its "golden age" already, and just like television, people are simply going to go get tired of it and go on to something else.


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-33347
PUBLISHED: 2021-06-18
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur.
CVE-2021-33576
PUBLISHED: 2021-06-18
An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk.
CVE-2021-33577
PUBLISHED: 2021-06-18
An issue was discovered in Cleo LexiCom 5.5.0.0. The requirement for the sender of an AS2 message to identify themselves (via encryption and signing of the message) can be bypassed by changing the Content-Type of the message to text/plain.
CVE-2021-32536
PUBLISHED: 2021-06-18
The login page in the MCUsystem does not filter with special characters, which allows remote attackers can inject JavaScript without privilege and thus perform reflected XSS attacks.
CVE-2021-21669
PUBLISHED: 2021-06-18
Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.