Facebook scrambles to tighten user privacy

Powered by SC Magazine

New policies and procedures after 'emergency' meeting.

Facebook has announced a series of tools and systems designed to prevent unauthorised log-ins and other suspicious activity on the social networking site.

Lev Popov, a software engineer on Facebook's site integrity team, said in a blog post that the company will automatically alert account holders if it looks like someone is attempting to gain unauthorised access.

"We're announcing some new tools and systems designed to keep the bad guys out and keep you abreast of suspicious activity so you can quickly take action to correct it," he said.

"We've built technical systems that operate behind the scenes to quickly detect and block suspicious behaviour, delete phoney posts and messages, and return compromised accounts to their rightful owners."

Popov explained that these systems are invisible to the average Facebook user, and claimed that "very few people" will ever experience a security issue on the site.

However, these systems may be about to get a lot more obvious. Popov said that a new option in account settings will let users limit access to their account to a handful of hardware devices.

Whenever a user on another kind of device attempts to answer, they will be asked to confirm what they are using by name, and send an immediate email to the holder's main address.

Popov added that the new system could block suspicious attempts "before they happen". Anyone attempting to get into an account from an unusual device will be asked for additional information that can be used for verification.

"For example, we might ask the person to enter a birth date, identify a friend in a photo or answer a security question if you've previously provided one," he said.

"These questions are designed to be easy for you and hard for a bad guy, and we've already seen some great results."

Facebook users will also be able to see a list of previous log-ins, and reset their password if they believe there has been an intrusion or intrusion attempt.

"We are confident that these new tools and systems will do a lot to prevent unauthorised log-ins and the nuisance they can cause," said Popov.

"As always, though, the first line of defence is you. We need you to help by practising safe behaviour on Facebook and wherever you go online."

Ed Rowley, product manager at M86 Security, welcomed the changes, but advised all users to treat Facebook with caution.

"Unfortunately, adding granular security settings to anything involving individual user accounts, including Facebook, can be quite complex," he said.

"When using social networking sites, it is the individual who must remain vigilant. If you deem it private, don't post it."

Rowley urged Facebook users to think before they post, spend some time changing the security settings on their account and read the Facebook terms of service.

Copyright ©v3.co.uk

Facebook scrambles to tighten user privacy
Top Stories
IAG hands digital chief his own ‘Labs’ division
Enterprise ops chief squeezed out in restructure.
Sign up to receive iTnews email bulletins
Latest Comments
Should law enforcement be able to buy and use exploits?

   |   View results
Only in special circumstances
Yes, but with more transparency