Comments on: Security Review: Facebook Applications

By: Lisa Permatasari

Lisa Permatasari — Sat, 17 Jan 2009 02:33:34 +0000

I also agree that Facebook should have rules of who have permission of writing applications. Like stated in the review, developers can have access to the database, so if developers who have bad intention are making applications, they can play around with the database. They can steal users’ private information. Or it could be that irresponsible developers misused the database.

One solution that I could think about is for Facebook to choose some applications randomly and check them. By doing this, there is possibility that they find any security problem in the codes and if the application is malicious, they can block the developer from making another application.

By: Sean Miller

Sean Miller — Thu, 15 Jan 2009 20:23:56 +0000

With social networking sites being as popular as they are, they are certainly going to be targets of not only attacks such as hacking, but also social engineering attacks. I agree with Kosh that Facebook has definitely jumped the gun on allowing 3rd parties, of whom they seem to have little legal responsibility for, to have access to the entirety of our and our friends profile information.

It seems to me that they could cut down on the likely hood of an attack by allowing only trusted developers to publish content for applications, but it removes the openness of Facebook.

With the amount of information that is stored on Facebook and how easily a faulty application can be used to step around privacy barriers, Facebook should highly consider either spending the money to make these applications safe, or limit what can be published. Without either of these steps, Facebook looks like a huge threat just waiting to be leapt upon.

By: hanum

hanum — Tue, 13 Jan 2009 14:17:50 +0000

So, how to prevent a Facebook hack from suspicious 3rd party applications? Any suggestion? Thank's before Gunadarma University Indonesia

By: Joylynford

Joylynford — Tue, 13 Jan 2009 09:33:12 +0000

the recent reports regarding the hacking of social bookmarking accounts has made me to think twice to be a part of such sites. is facebook protected towards such hacking

By: kosh

kosh — Mon, 12 Jan 2009 05:23:53 +0000

I really think that Facebook jumped the gun released it’s application framework a little too soon.

For one, there is no way for the company to police all of the apps submitted without incurring huge cost overhead. But, for a company like Facebook, which still doesn’t quite have model to generate money from users, this is definitely a hard thing to do.

The result? –> The users get short changed and are put at risk while facebook tries to experiment apps as a way make money (or break even).

I really don’t see a viable solution for this issue unless it is acquired by a big profit generating corporation (read Google or M$) which has the resources and the a reputation at stake (to guarantee privacy and security for the user).

By: Facebook Security

Facebook Security — Sat, 10 Jan 2009 08:03:24 +0000

[...] the website of the University of Washington Computer Security and Research, they have posted a review on facebook security, which is worth reading for anyone with an account with that [...]