Facebook Survey
by Alex on Dec.08, 2009, under Education, Facebook, Web App Sec
Facebook Application Security For the User:
A Brief Introduction
Alex Fernandez-Gatti
Eastern Michigan University
College of Technology
Information Assurance Department
Ypsilanti, Mich
Disclaimer:
This document is intended to be a brief introduction to Facebook application security as it relates to user data and the confidentiality of said data. It does not cover all aspects of Facebook security, or Facebook applications. Please do not take it as such.
This document has been written as part of a research study for Eastern Michigan University. All content is the property of the author of the study, who must be contacted prior to use in other mediums.
Author Information:
Alex Fernandez-Gatti
(248)232-3377
afernan4@emich.edu
Facebook has become the unequivocally dominant container of information volunteered by users of its service like you and me. Status updates, e-mail addresses, phone numbers, birthdays, pets' names, siblings, favorite colors, interests, and significant others are broadcast on one's personal space, which is maintained by the individual it references. We shout this information to the world and never stop to think what we are telling people about ourselves. Whether it is our friends, an advertiser, an insurance agency, or a potential employer, this information is available to the public if one does not take the proper precautions to protect it. A majority of us have heard this speech before and have taken the proper precautions of locking down certain albums from Mom and Dad, blocking our ex-boyfriends and ex-girlfriends, and sharing only what we think isn’t personally damaging in the here and now. But there’s something more that most of us haven’t taken a look at before, and that’s what the applications we use can do with our information.
In August of 2009 the ACLU (American Civil Liberties Union) created a Facebook quiz application that asked users a series of questions regarding their knowledge of privacy as it relates to Facebook applications. Over 8,000 participants volunteered to take it. Contained within the quiz were various bits of information that were pulled from the user's account, whether it was marked as private or not. The methodology for doing this is quite simple, and the developer of the application simply stores the data for use in whatever way they desire. A developer may want to store this information to get a picture of who his audience is so he can charge a higher price to advertisers for the space, or advertisers may collect this data and use it to advertise other products. There is unlimited potential for the gathered information to be used in ways that were originally unintended. The consequence of this information leak is that control over the information is lost.
The results of this research helped fuel a program within Facebook to change the default privacy settings and allow users to control their information more effectively. As it stands, though, if the user is using any application built on the Facebook application platform that does any data collection, the user is not able to totally opt out of sharing information through the Facebook Platform. The only method to totally opt out is to remove all applications from one's profile and then complete the opt-out process. While not perfect, this is a vast improvement from where it was.
Facebook hosts a plethora of information on each of its users, all of it volunteered. Facebook does not, however, ask users to change their privacy settings on a consistent basis. And while it is not uncommon knowledge that privacy settings by default are not very private, a good exercise for any Facebook user would be to verify that their account has the level of privacy they desire.
Privacy Settings Location:
1. When logged into your Facebook account, hover your mouse over the word “settings” at the top of the page.
2. Select the word “Privacy”.
3. Click on the fourth selection, “Applications”.
4. Select the “settings” tab above the text displayed on your screen.
5. Verify that the privacy options are as you would like them.