Social Logins: Facebook’s New Privacy Features

facebook logins

My aversion to social logins shouldn’t be a surprise to anyone who follows my blog or has spoken to me at length about social media, but I’m always happy when any social site takes a step in the right direction when it comes to preserving the privacy of its users. Last year Facebook introduced a new Login system that would give people the option to opt out of providing private information when using their mobile app, a courtesy that was to be implemented on apps that can connect directly with your Facebook account. It looks like they’re testing those options now, which means many Facebook users will notice error messages when using the mobile app. As they work the bugs out, I hope the end result will leave the social media landscape a safer and a more private one. These changes are expected to start going into effect on April 30th 2015.

So what’s different now? In the past, the app would give you a list of information it requires for you to use it. That’s it. No options to opt out, no settings with which to fool around with; your information was essential to the app’s function. Now apps will (or should) ask you what information you’d like to provide and ask whether you would like to share information that the onwers of the app would like to have. I, for one, want to know exactly what my options will be for my favorite apps. I will give an update the next time I touch upon this subject.

Update: Collusion is Now Called Lightbeam

In one of my earliest posts, I mentioned a Firefox add-on called “Collusion”, which displayed third-party tracking cookies in a circle graph, allowing you to see from what sites these cookies are coming. After its experimental phase ended and the add-on launched for real, it changed its name to Lightbeam. This add-on is an important step in understanding how your activity is being tracked simply by going about your everyday business online. Many people might see an alarming number of circles and triangles fanning out from their favorite websites, while others who are more conscious about their online privacy will see very few. The less white you see on your Lightbeam add-on, the better:

Lightbeam

It’s never too late to take privacy into your own hands. Do you want to be advertised to every time you open up your browser? Are you sure you want strangers and corporations finding out your likes and dislikes for the sole purpose of being better equipped to sell you something? Keep in mind that Lightbeam only shows you who is tracking you; it doesn’t do anything to prevent it from happening. To maximize your security at even the most basic level, install Adblock Plus and Ghostery. It takes a while to set up so you don’t block your favorite social buttons, or to show support for your favorite Youtube channels that make money from ad revenue, but it’s well worth your time. Time is not an excuse, because it only takes minutes. Difficulty is not an excuse, because setup is very easy. What are you waiting for?

Did You Even Read It?

Post

Who’s to blame for the latest trend of posting links with sensationalist headlines? It’s hard to tell, but we all know one thing: it’s working. Well, working in that people share the content, but failing in that most people don’t even access the content for more than just the headline or the first paragraph. In fact, I’m amazed at its effectiveness. Viral content from over 10 years ago have come back with shiny new headlines and rekindled a long dead netpidemic (let’s see if I can make this term trend!). This is the latest craze, the best material we can find, and the perfect method of gathering data on the unsuspecting public through social media channels. They know where you’re coming from, and often these articles of extreme exaggeration have social logins that not only broadcasts what social sites you use, but also with whom you’re sharing the content. Other bits of data include how long you’ve stayed on the page, whether or not you’ve scrolled all the way down (that’s why some pages load partway until you scroll), and even where your mouse lingers and for how long (Clicktale). And that’s just the tip o the iceberg! If you really want to know how many ways a site is tracking your actions, install the Ghostery app. I mean just look at this. ghosteryThere are TWENTY different tracking tools and social buttons! Most sites have a hard time coming up with 4!

So what’s wrong with it? Some will say it’s harmless fun, but in my opinion, it perpetuates the spread of inaccurate data, compromises you and your friends’ right to privacy, and clutters up our social media feeds. So what can we do as users? What can the owners of these sites do as content producers? For the latter, try producing quality content without resorting to sensationalist headlines! It’s hard work, yes, but you shouldn’t have to lure people into sharing your content without actually reading your content! Why bother with any articles at all? You’d do just as well to simply have the headline and a pretty image to with it. As users we can stop sharing Clickbait content. Or at the very least we can read the articles and THEN decide whether or not it’s worth sharing! Content producers create these sensationalist headlines because people are sharing them, and people are sharing them because they’re too lazy to read. If no one takes the first step, then we’re never going to get anywhere, the content’s going to get worse, and your private information becomes that much more of a commodity. You have been warned. Now stop it!

On Passwords, Backups, and Encryption

The Passwords

It’s always worth mentioning again the importance of having a strong password in favor of one that’s easy to remember. Your personal information should never be something you risk for the sake of convenience, especially when your credit history and personal savings can be put at risk. Just keep in mind that a strong password does not necessary mean a complicated string of unrelated letters, numbers, and symbols. Unless you’re protecting sensitive government information, your password can have special significance to you, and yes, you should include different cases, numbers, and symbols. These types of passwords are almost ubiquitous in most sites that require you to create an account. No, they’re not there to discourage you from joining or make the process unbearable. These precautions are put in place with the very specific purpose of protecting your personal information. The problem is people tend to input the very minimum to meet the requirements, nullifying the original intent of privacy and Internet safety! Just take a look at the 25 most common passwords of 2013 from CBS and you’ll see what I mean. Keep in mind that even simple passwords can be made more difficult to decipher. The word “password”, for example, can be written as “P@5sW0rD”. Here we capitalize the letter “P”, use the “@” symbol to represent “A”, use TWO separate characters for “S”, and a zero for the letter “O”. Combine this with the rule “Every other regular letter has to be capitalized”, and a once simple (and most common) password is now one that is far more difficult to crack. For the sake of clarification, never use the word “password” in any way, shape, or form. Pick something with personal significance and add a string of numbers that you’d always remember, like the month and day of your children’s birthdays.

Note: Be wary of any Internet service that will send you your password if you click the “I forgot my password” button. If they do, it means your actual password is on file somewhere, which means that it can be stolen. Any website worth its salt will have a “Reset your password” function, which means that the passwords you choose are heavily encrypted, and not even the owner of the website knows what it is. Here’s a video explaining how that works:

The Backup System

The Cloud is the latest technology for securing important data, and many tech companies have jumped on board. They claim that by putting your storage space online and separate from your device, that device can be made smaller or have room for other emerging technologies, causes less environmental damage, and runs faster. But how safe is your data? Many people were quick to claim a failure in Apple’s iCloud services for the recent theft and distribution of many celebrities’ private photographs. According to Apple, the iCloud system was not breached; the data was stolen by targeting the username, password recovery, and security questions. Keep in mind that this isn’t anything new! This has always been the very first step in stealing passwords and identities online! It is by far the simplest and most effective method. So what does it come down to? STRONGER PASSWORDS! This cannot be stressed enough! If you’re constantly paranoid about your photographs and personal data, you can always opt for the original method of storing your data: external hard drives. You can keep a backup of your computer on it, and while it may require you to periodically update it manually, the only way that data can be stolen is if you are careless online (say with poor passwords) and somehow allowed a virus into your main computer, or if someone broke into your home and stole your computer and/or hard drive. In which case you can protect yourself with encryption programs.

The Encryption Method

Encrypting your computer might seem like you’re going a little too far, but for those who are absolutely serious about keeping their data safe from prying eyes, it’s an absolute necessity. With free-to-use programs like TrueCrypt (no longer maintained), you can encrypt your entire computer or partition the drive so that sensitive information cannot be accessed without the proper password or key. Even if someone did get their hands on your machine or hacked into it externally, the data you’ve encrypted would be useless and all but impossible to decipher. Whether or not your data is important enough for this safety measure is entirely up to you.

Social Logins: Who Did You Let In? [Stickied to Top Now]

social-login3Think before you click. If you shop online, you’ve probably seen it before: social login buttons that allow you to create a brand new account with a website without filling out the usual forms. If you thought voluntarily filling in those annoying little boxes with your personal information was getting a little too close for comfort, can you imagine the kind of information you’re giving up by allowing them access to your social media accounts?!

Let’s get one thing straight: unless you outright lied about every bit of information about yourself or fiddled around with the security options onfacebook-personal-profile-marketing-work-education-settings-public the social network account you’ve chosen to use at a social login gateway, you’re handing over all the information you’ve mistakenly (or unwittingly) marked as “Public”. This includes your birthday, Pages you’ve liked, friends you’ve connected to, everything on your wall, your personal websites, other social media account usernames you listed, etc. But you’re not the only victim here. Even your friends who have Public profiles will have their data collected simply because they’re connected to you. And there you have it, ladies and gentlemen: the nature of social media marketing as we see it today. Have you even read Facebook’s Data Use Policy?

This type of information collection has its drawbacks. You can’t filter out irrelevant data, and you’ll get tons of it in the dragnet. However, it will help build a scarily accurate portrait of individuals who have already signed up for your services. By logging in with your social media account, you’re doing the equivalence of clicking “Agree” in the Terms and Agreements segment of every piece of software you’ve ever installed without actually reading the Terms and Agreements. Once you put your data out there, it’s no longer yours to keep, alter, or hide. Think before you click.

TED Talk Ft. Keren Elazari on the Necessity of Hackers

I found this talk particularly interesting, because I talk a lot about Internet safety, securing your data, and protecting yourself from scams. While I don’t support the malicious actions of hackers, they also shouldn’t be viewed as nebulous boogiemen out to destroy your life, or at the very least, make it very inconvenient for you. For a system like the Internet to work, it must also be broken over and over again. The Net is very much like a living organism, and without people to exploit the weaknesses, it can never become stronger. What do you think?