How social networking can hurt you
by Mirko Zorz - Tuesday, 20 October 2009.


Let's put aside all the positive reasons to use social networking services and focus on the dark side. Most of the time, users don't even realize how much private information they're sharing over these services. There have already been stories about people Twittering or posting on Facebook that they're on holiday and getting robbed, but the problems don't end there.

At RSA Conference Europe 2009, Dr. Herbert Thompson talked about how attackers are launching innovative attacks against individuals and companies using the information shared over public social networking channels.

Dr. Thompson provided real-life examples where he was able to break into online accounts of several people (with their permission, of course). He didn't use complex tools or some esoteric hacking techniques, but rather focused on publicly available information.

The problem is even larger when you realize that you might not even be the one divulging the information. Maybe you're the kind of user that doesn't use Facebook, doesn't have a blog and avoids being photographed. At the same time, your e-mail password reset question may be: "What's my mother's maiden name?". This kind of data may be shared by other people you know and it could become a security problem.

The lesson to be learned here is that online hygiene doesn't necessarily depend only on the information you share, but it depends on everyone around you. If you don't have a Facebook page but a friend posts any personal information related to you, it can come back to haunt you.

We live in interesting times, in which we need to control not only what we do online, but also keep track of the information others are making available online.

Should we define a set of security policies for our friends? Surely, that would be a tough thing to implement.

Help Net Security photos from the RSA Conference Europe 2009 keynote sessions are available over here.

Spotlight

The Software Assurance Marketplace: A response to a challenging problem

Posted on 20 October 2014.  |  The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has recognized how critical the state of software security is to the DHS mission.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //