Facebook has taken the privacy of their customers seriously

(

Facebook has taken the privacy of their customers seriously, as their Chief Security Officer (CSO) Alex Stamos has stated that the company has engaged in black market purchases of leaked or hacked databases that contain Facebook account credentials.

A PREFACE TO THE FACEBOOK BLACK MARKET TRADE

Facebook has publicly disclosed that it has bought leaked databases that contain Facebook credentials of their customers. (Note that I don’t say users.) Everything posted on Facebook by a user of the social network is used to build a profile around the person. This information is then used to create personalized ads that deliver sponsored content to them.

To this date, the mechanism has been one of the most successful revenue streams that we have witnessed thus far. Facebook’s Q3 2016 report shows that the company is also stepping on the shoes of video sharing services, which will also boost the community.

The fact that the social network has gone to such lengths to protect the privacy of their users means that they are very serious about withholding and preserving their user base. Nowadays, there is hardly any living active Internet user who has not interacted with Facebook. Essentially, the Facebook security team or whoever is handling these issues must have learned of the recent large database leaks that include mainly adult dating sites.

The news reports state that one of the most popular sites Adult Friend Finder has not even encrypted the compromised user data. This is deeply disturbing as such sensitive information should be handled with extreme care. Unfortunately, it seems that many online services do not take the security of their users seriously.

In this day and age, its very difficult not to imagine that you might get hacked as criminals continue to develop exploits and dangerous viruses, such as ransomware to wreak havoc on their targets. In many cases, the victims are blackmailed by the hackersto deliver large sums of money to prevent data leakage and exposure of their corporate secrets.

FACEBOOK HAS STEPPED IN BY BUYING FROM THE UNDERGROUND MARKETS

Facebook has taken an alternative and proactive approach when it comes to defending the security of their users. The social network has taken the controversial step to pay the hackers for the compromised databases that have been leaked.

The Facebook security team has then cross-referenced the contained account credentials (usernames, emails and passwords) to the encrypted ones its platform uses. When a match is found, the team issues a mandatory password reset for that affected user.

While this has a positive side, paying hackers for providing the data can have serious consequences. Several security experts and technology analysts have stated that this only reinforces their criminal business model. We have witnessed that there is a sharp rise of hacker attacks, ransomware virus development and coordinated large-scale DDOS attacks. Add to that the growing security vulnerabilities in IoT devices which have been used in actual campaigns against various targets.

The security experts are worried that Facebook’s decision to engage the hackers might “inspire” more criminals to attack large sites that may contain lucrative account credentials.

It would be good to create a proactive solution that can deal with consequences of a hacker attack when it comes to data, much like the bug bounty programs, which are used to fight off exploits of software vulnerabilities. However, paying the criminals is probably not the best idea.

What the online services need is a clear understanding that when they are in possession of high-risk and sensitive information about their users, such as their passwords, they must protect it with all means necessary. That is something that everyone should strive to do to the best of their ability. However, the problem is that not every security expert can think from the user’s perspective.

A lot of users don’t change their passwords, and one user’s password stolen from one service could probably work on another site that they use.

The other fact is that it’s relatively easy to guess most passwords. Every year, we receive reports that users use dictionary words and simple strings like “1234,” “password,” “secret” and even “god” to protect their accounts.

It would be interesting to see if another company will disclose if it has embraced such a strategy as part of its security practice in protecting the data of its users.)

Do you think privacy of users in ensured when Facebook is using private data to design customized ads?

Solution

Solution :

Facebook provides the ability to limit who can see the information a user shares on

Facebook through a privacy setting specific to each category of information. One can
distinguish five significant levels of privacy settings specifying the visibility of a particular
type of information: Everyone, Friends of Friends, Friends Only, Hide from specific
people, and Only me. one might want to hide particular pieces of one’s information from a subset
of one’s friends as well as keep some of the information visible to “Only me” . It is against Facebook’s Statement of Rights and Responsibilities to provide false personal information.
Facebook users have shown time and again that they expect Facebook to
not expose their private information without their control resulting in a revamping of Facebook’s
privacy setting interface and a re-introduction of the options to restrict the visibility of
all information, including that of Likes and Interests. Users are deeply concerned about
controlling their privacy according to a Pew Internet and American Life Project study
, which shows that more than 65% of social network users say they have changed
the privacy settings for their profile to limit what they share with others. Facebook
users have been especially concerned with the privacy of their data as it relates to the
sharing of it with advertisers .

The unique and valuable proposition the targeting criteria they are allowed to specify for their ads.The targeting criteria can be flexibly combined,
During the process of ad creation, Facebook provides a real-time “Estimated Reach”
box, that estimates the number of users who fit the currently entered targeting criteria.
The diversity of targeting criteria that enable audience microtargeting down to the
slightest detail is an advertiser’s paradise.