WTF FaceBook?
I admit I haven’t been on FaceBook for very long. When I finally took the plunge, it was somewhat grudgingly, dragging both my feet all the way. When I went to FaceBook tonight, I was greeted with this little beauty at the top of my home page.
Eh? You won’t store my login info or contact anyone without my permission? Damn tooting you won’t because no way in hell am I about to give a third party my login info, for my email or AIM account. Even my ISP doesn’t *know* my password for my email account. I’m certainly not opening up access to my whole account just so you can see my address book or BuddyList. And I sure the hell hope none of my “friends” on FaceBook who have me on their contact list does either. I mean not everyone necessarily puts their IM info in their profile. And I may have more than one email addy in someone’s address book which may or may not be the addy I’m using on Facebook. “Without your permission” is ALWAYS a big red privacy flag for me. It’s a long shot away from saying “We do not/will not store or contact anyone.”
The recent issues regarding FaceBook and privacy doesn’t make me feel all warm and fuzzy like it is. For those who haven’t heard, the tracking of user’s activity on other web sites via the FaceBook cookie, even if you were logged off of FaceBook. Heck, I’m not too terribly thrilled with their overall Privacy Policy in general. I’ve already stopped installing many FaceBook apps because the developer automatically has access to some of profile info, what info being somewhat nebulous in the Privacy Policy. When I started trying to utilize the Privacy Settings for Apps, I was taken on click circle, the end result being to restrict access to personal information seemed to be remove the app. Although, it seems the developer would have already had access. Hell, when someone sends a message I have to install the app just to see what they sent. I’ve already stopped that in many cases when I have no clue who the developer is. I’m sure some think I’m anti-social, but that’s why. I just don’t think I should have to give some unknown party, who can be anyone, access to an unknown amount of my personal informatlion just in order to “see” what a friend has sent me.
Back to FaceBook’s attempt to grab my email/aim login info. The form isn’t even on a secure page. Ok, so I viewed the source code and the form does Post to a SSL URL. Still, it’s not something I like to see. I much prefer such information being tranmitted on a page that is already on the “https://” domain. It’s also the usual accepted method in terms of security. But I also saw other coding tags in parameters such as “autocomplete=off” and tags which referenced storing. Not saying anything neferious is being done by FaceBook, but not things that made me feel warm and fuzzy. Why are they even there? On the side, I NEVER use any autocomplete things for my username and password to anything for security reasons. Call me paranoid, but I see the kinds of stuff that does go on out there.
FaceBook has a lot of potential. But are going to have to take privacy and security issues, even the appearance of such, more seriously for the long haul. The newness and coolness will eventually wear off for the people who are blindingly clicking any link that comes through FaceBook. Reputable companies take such things seriously.
To be blunt, the first thing that went through my mind when I saw that box was…damn that looks like something you’d see on a damn phishing site.
So yeah..WTF FaceBook? I’m no I’m not thrilled that you may be accessing PPI on me from my “friends” who aren’t as security conscious which *I* haven’t given you.
