Wednesday, January 19, 2011

Facebook giving 'access' to your mobile no, address

IT security and control firm, Sophos, has advised Facebook users to remove their addresses and phone numbers from the site, as the social network recently told developers that users' off-site contact details will now be accessible programmatically.

According to Sophos security expert, this could herald a new level of danger for Facebook users, third-party application developers are now able to access your home address and mobile phone number.

"This change isn't as drastic as it might first appear, because users will need to give permission for third-party Facebook applications to access this data," explained Graham Cluley, Senior Technology Consultant at Sophos. "But it still sounds like a recipe for disaster, given the prevalence of rogue scam applications already on Facebook - all of which benefit from apparently being blessed by the Facebook name and brand."

Facebook is already plagued by rogue applications that post spam links to users' walls, point users to survey scams that earn them commission - and sometimes even trick users into handing over their cell phone numbers to sign them up for a premium rate service. Now, rogue app developers will find it easier than ever before to gather even more personal information from users.

Sophos believes that Facebook should be making a more publicly visible effort to eliminate rogue application providers first, before opening up such valuable and easily abused personal information to its developer community."Facebook told its alleged one million app developers how to ask users for permission to access this newly liberated data late on Friday night, but we already know many users don't bother reading the small print and just click the button without thinking of the consequences," continued Cluley. "What they've failed to do is explain how Facebook will become more safety-conscious now that it has taken this controversial step."

Suggestions are flying around Twitter that users should change their mobile number to that of Facebook's US customer service line, thus ensuring that any misuse of this new feature ends up paining Facebook.

Sophos advises that all Facebook users do the following -

* Remove their address and phone number from Facebook immediately.
* Review all their Facebook privacy settings.