Friday, March 11, 2011

My Facebook Manifesto

Thursday, August 19, 2010 at 10:21pm
I joined Facebook in 2007. A student had once asked me if I was on Facebook, but I had not taken the plunge yet. Originally, Facebook was only for college students (a bit more mature than the MySpace crowd) and required an e-mail address ending in .edu to register. What really prompted my entry into the world of Facebook was a student op-ed piece in WVU's Daily Athenaeum newspaper complaining about faculty members being on Facebook (since we have an .edu address as well). This student did not think it was fair that faculty members should be able to "see" their students outside of the classroom. Well, after reading that commentary, I decided if they didn't want me on there, then I would have to see what I was missing.

I enjoy using Facebook (FB) as a diary of my adventures. I also like to use this "Notes" feature to share my thoughts in a longer format than just a status posting. It is a bit like my own personal blog. If you want to learn about me, read my FB Notes.

The most important thing for those new to FB is the Hide button. If you don't use this button, you will likely get overwhelmed with Farmville, MafiaWars, and other junk choking your newsfeed. The button is not readily visible; you must roll your cursor around the top right corner of the entry before an "X" will appear. Clicking the X will give you the option to hide the "junk mail" from that particular game or application, or to hide that particular friend, or to change your mind and cancel out without doing anything. Too many FB rookies don't learn about this button, and give up on FB because the junk crowds out the posts they might be interested in seeing. They just disappear from FB and shake their heads wondering why so many folks like it.

Speaking of games and apps (e.g., What's your cosmic horoscope or Which Brady kid are you most like?), I don't participate with any of them. FB does not guarantee the safety of these third party programs, and they have become a source for malware distribution, spamming, identity theft, etc. In addition, they also have become a major time waster for those who take the plunge, and I don't have time to get addicted to such silliness. If you are into these things, then bully for you, but don't expect me to be playing along. As soon as some new game or app shows up in my feed, it gets hidden.

Another essential move that I would recommend to everyone is to set your privacy settings to "Friends Only" so that you are only sharing your information with those you know and trust. This can be done by clicking on "Account" in the top right corner, and then selecting "Privacy Settings." Because of the exponential growth of FB, the bad guys are moving in and using it for their nefarious purposes. I prefer to shield myself from them by limiting my visibility to only my friends.

I also would recommend that FB users should visit and "like" OnGuard Online to keep up with security issues. Another important news source to "like" is "Facebook Security" which gives the official security recommendations from the Facebook home office. Most folks don't realize how dangerous the Internet is becoming, but these sites are a good starting place to learn.

One popular thing to do on FB is to share your birth date, and then your friends send birthday greetings. However, since identity theft often begins with getting one's birth date, I chose not to share mine. In order not to encourage this practice, I generally refrain from sending birthday wishes to others (just because you don't get a birthday wallposting from me doesn't mean I don't like you). If you feel that you must get in on the birthday bandwagon, then please consider only posting the month and day, but not the year. This may make it a bit tougher for the identity thieves (until they see what year you graduated from high school).

It is important to only approve friend requests from people you really know. While there may be some ego involved in getting your total number of friends up higher, it is best to avoid being "promiscuous." Social engineering is a term used to describe when hackers are able to infiltrate a system not by using technical tools, but instead simply by playing on a person's ego. There have been numerous cases of good-looking and flirtatious strangers getting approved as a friend, only to later steal information.

I have a few rules for myself about accepting friends. I don't accept friend requests from current students—I tell them they must wait until after the final (and some have sent their friend requests right after completing it). I also have a current practice of avoiding friends from my day job with the government. I prefer to use FB primarily as a way to keep up with former classmates as well as my students. It provides me with a bit of an escape from my real 9 to 5 job. I don't expect others to emulate this practice, but I wanted to explain my current thinking on this topic.

Another suggestion for those new to FB—try to refrain from posting every little thing you do. Now perhaps some may think I post too much (because everyone has their own thoughts as to what is too much). It all depends (in my mind) if you have something important to say. The fact that you just drank a cup of coffee might not be all that important to your friends, especially if you are making several other inane postings each day.

I also tend to post more about things that I have just completed, rather than posting my plans ahead of time. That way I am not announcing to the world, for example, when I am going to be away on vacation and thus encourage my house to be robbed (see www.pleaserobme.com).

One recommendation that should be obvious is that you need to choose a FB password that is complex so that the bad guys can't break into your account. It should have at least eight characters (mine has more) and be somewhat complex (in other words, not "qwerty" or "password" or "letmein"). It is also important to not replicate passwords among various sites—create a unique password for important accounts.

If you ever receive a message from a friend claiming to have been in some emergency and requesting you to send money, BE VERY WARY. Often this means that your friend's password has been cracked and their account hijacked. Also, if a friend ever posts a video on your wall or sends you a message with a link to a video, and upon clicking to view it you are asked to download a software update before you can see the video, then you should cancel out immediately. Do not download the software update that is being offered, because it likely contains malware. Check independently to see if you need a software update (I recommend Secunia's Personal Software Inspector, a free service to keep all your PC's software up to date—it's free and available at http://secunia.com/vulnerability_scanning/personal/). Hopefully everyone already has anti-virus software and a firewall installed on their PCs.

You might think that after reading all this, I am anti-Facebook, but I am not. Take a look at the gratitude I expressed towards its ability to increase alumni turnout at the recent UC Governor's Cup event in one of my previous FB notes (http://www.facebook.com/note.php?note_id=388147880755). It is a wonderful tool for keeping in touch with friends, and I spend far more time on it than I originally intended. Just be careful and don't go overboard with it!

[By the way, since writing this, I discovered the Sophos page on Facebook.  By "liking" it, you are kept up to date with the latest malware news.  I highly recommend it!  Also, check out their Internet blog at  http://nakedsecurity.sophos.com/]

No comments:

Post a Comment