Took my last test yesterday and class is done. I did want to share something I found interesting with this class in security. The last chapter dealt strictly with risk. It even had one section for social networking, Facebook. Here are some of the things you need to be aware of, as far as security goes, while using Facebook. This next part is out of my book, Security+ Guide to Network Security Fundamentals, by Mark Ciampa.
"Social Networking sites like Facebook are popular with attackers for several reasons:"
They provide a treasure trove of personal data. Your profiles contain employment history, where you have lived, birthdays, spouse and child information.
Users are generally trusting. Someone joins the network and after several weeks you are sharing most everything with them, including when you are going out of town. How many times have you seen people post things like, "On our way to the beach for a week, loving life." I have to say that one I could figure out without the book. You think that only your friends can see what you post, but whoever your friends have friended can also see what you post. I have had people comment on something I posted that I did not even know.
"Consider carefully who is accepted as a friend." I do not accept people as friends if I do not know them face to face. Sometimes this is bad because I have a terrible memory and people I went to high school with have tried to friend me and I have not done it because I don't recognize the name or their face. Attackers prey on this in the hopes that you will think you know them and accept their friend request. I have had this happen and I know I did not know this person. I pulled up their profile and they had 3 friends, which made me very suspicious, so I did not accept the friend request and blocked that person from asking again.
"Disable options and then reopen them only as necessary. Users should disable options until it becomes apparent that option is needed, instead of making everything accessible and restricting access after it is too late. Many attackers engage in Facebook scraping by gathering personal information from a user's Facebook site that may appear to be harmless yet may be very valuable." Here is a good example: if an attacker is trying to steal a password, they could very easily find out your challenge password answer to the question, "What high school did you attend?" This course gave me a lot to think about.
Per the book, you should limit who knows when you are online, who sees your profile, and pictures.
This is just the tip of the iceberg that we went over for this class, but I thought this needed to be shared. I want everyone to be safe on the net.