It is funny how quickly all the hoopla around Facebook and the rest of the social media platforms has died down and given way to new happenings. I was really hoping for some meaningful results out of all the congressional and media frenzy around that. But alas, it was not to be.
For all that transpired, we are no further ahead in social media security than we were before. Oh, there have been some minor changes, as they now have to delete your data if you ask, and supposedly, the end-user licensing agreements (EULAs) are more obvious. I know I read every one of those notices and the data they referred to, didn’t you?
In the end, the problem still lies with the users. Facebook, other social media platforms, and everyone else in general, has fiduciary responsibility to protect data on their network. As opposed to deliberate and calculated top-shelf black hat-based hacks, social media hacks are much less sophisticated and are “hacks of opportunity.”
It was, pretty well, made clear that there is way too much data on Facebook and that has become a hackers’ dream. A recent study just confirmed what we already knew – the more your data is out there, the greater chance that you will be hacked. Duh…you don’t have to hit me over the head with a wet noodle to make me get that, but it seems the majority of social media users do
not. The more data that is out there, the more dark-side opportunity is out there, as well.
Now that the obvious has been presented, to get the discussion started, let us drill down a bit.
I have, from time to time, talked about liability, and who should be liable for what. Unfortunately, stupidity is not a crime so there are some sliding scales here. However, you cannot use that excuse for every hack or breach that occurs because some dummy put a picture on Facebook of a cool credit card design, and did not redact the numbers. Social media, by its nature, is a fertile hunting ground for hackers, and they know it.
For example, besides typical search engine optimization (SEO) poisoning, cyber-criminals use social networks such as Twitter and Facebook to spread scams based on search interest. Another breach involves malvertising. This is the case where social media sites put advertising on their pages that contain some sort of e-threat. Facebook’s ad platform also hosts fraudulent and malicious ads from web categories that seem to copy spam patterns. The list goes on and on and these are exactly the type of schemes that need to be contained by the social media platforms. They have the technology, just no reason to implement it, since it might “inconvenience” users or slow the system – nonsense.
However, the thing that irks me the most, and the primary reason I do not use social media, is that social media sites have a nasty habit of tracking you. That means that everywhere you go through the Facebook interface, for example, becomes a possible security breach if Facebook does not secure the I/O of that site – and it does not, even after all of what just transpired. That falls on the responsibility side of the provider, not the user. Europe saw this years ago and has recently heaped even more responsibility on the app owner. Unfortunately, we are not doing the same.
As the Internet of Everything/Everyone (IoX) evolves, the amount of personal data that will be out there is incomprehensible. Of late, Amazon is putting together technology that will allow your washing machine to, automatically, order detergent when you are almost out – transparent to the user, except for the notification that it was done.
This is only the tip of the smart “x” iceberg, alone. The connected hunting ground is becoming, virtually, unlimited. In addition, Amazon and everyone else is deeply plugged into social media so there is a vector for cross-pollution there.
The debate over social media security is far from over. Truthfully, I do not see any real solutions out there except to make the social media sites responsible for damages caused by their lack of security. Swallow the bullet, Facebook, Twitter, Pinterest, Path, Roamz and the rest. Yes, you will be slower, yes, you will be clumsier, yes, you might be frustrating, but yes, our data will be safer – and yes, people will get used to it.