Wednesday December 19, 2007
Taking Good Intentions At Facebook Value
Categories:
E-Mail, Office, Phish
Tags:
Facebook, social networking
A McAfee Avert Labs blog entry asks some tough but necessary questions about the signup and registration process at Facebook.
Throughout the process Facebook asks you to enter certain information and install certain software that, by the standards of recent experience, seem irresponsible.
* They ask for your e-mail username and password
* They ask for your AOL Instant Messenger username and password
* They ask you to ignore browser security warnings.
* They ask you to download and run a .EXE file from an insecure site so that it can copy your contact information and upload it to their servers.
Call me suspicious, but practices such as these seem dangerous. And once you condition users to expect to do such things, perhaps they'll do them on other sites as well, including phishing sites.
And make sure to check out the CAPTCHA they show in the blog.
Taking Good Intentions At Facebook Value - Security Watch.