Security changes designed to curtail the spam and scams that have become endemic on Facebook over recent months have received a cautious welcome from security watchers. Facebook has introduced a raft of features including: a known-bad-site blacklist (via a partnership with crowd-sourced blacklist outfit Web of Trust); protection …
Is Graham Clulely ill?
Hope he gets better and back to work again soon. Wouldn't want to miss out on what Sophos think.
I'm not medically qualified so I can't give you a definitive answer on this one - but I feel fine, thanks.
Seriously? For Facebook? Does anyone think that would be turned on? And then the entire point of it has gone, because they can say "we have given users two-factor authentication and they don't want it", and use that as an excuse not to give other security improvements. No, come up with a better idea than that.
It's some sort of sport, innit.
To see facebook bumble and stumble and to keep prodding them to go in directions somewhat vaguely resembling respecting their users' privacy.
Tell us more to protect you
"As an opt-in service, Facebook will send users an SMS every time someone logs in from "a new or unrecognised device"."
So Facebook wants my mobile phone number?
So not going to happen.
That was my immediate take on this "service" as well. No flaming way in hell.
If they wanted better security they could start to support OpenID, so that you can select the level/quality of security you want by choosing teh right ID provider (also the reason why I would NEVER choose Facebook as login provider - yes, let's give them an idea where else I log in)..
re: including: a known-bad-site blacklist
Wonder if we can get Facebook's urls on it :)
"two factor authentication"
Or, a way of ensuring they've managed to extract a working mobile number from you to add to their data pool...
_No_ popups everytime I "like" something. That is ridiculous.
_No_ 2-factor auth. Most of those schemes are worthless and many actually decrease overall security.
Sophos should be named Moros.
I've recently removed links to games that require me to leave the HTTPS Facebook in order to play them. (This is after removing the games that want to look at everyone elses profiles etc.)
Will FB be doing anything about these?
.. every single App I have looked at will pillage your friend's profiles when you use it. Translated: my *cough* privacy *cough* settings don't matter much. I set all App settings to the digital equivalent of "fuck off" but spam has elevated dramatically since I used FB.
I think I'm going to change the email account and see how long it takes for new spam to arrive..
Remove all security on Facebook
And replace it with the a notice that says "Everything you write on this public site can be accessed everyone everyone else"
Why don't we just send a OTP keyfob to everyone in facebook - that will be high end security. And then we shoudl turn off the Interwebs, as THE HACKERS lives there!
I should have added I'm talking about the Sophos guy, not FaceBook - fair play to FaceBook for this, I guess it'll help the people who take FB WAY too seriously.