Facebook’s C.E.O.’s page has been hacked!
Who’s the bitch now, Mark?

The president of France, a Missouri state representative and now Facebook’s C.E.O. himself have all been social identity victims in recent weeks. Their Facebook pages have been hacked.

Poor spelling and grammar made the Mark Zuckerberg fake message a dead giveaway, but these latest hacks have again brought up the digital-age question: “How safe is your Facebook page?”

The Zuckerberg fan page hacking is just the latest mishap to add to the growing list of security breaches, questionable information exchanges and leaks that have plagued Facebook.

Although early stories varied on how the hacking occurred, tech sites started posting news about an authentication flaw in the middle of last week. The flaw affected Facebook application users who keep their Facebook pages open while visiting questionable websites, but this hole has been fixed.

Three days after Mark’s page was hacked, the company’s official blog announced an upcoming “Data Privacy Day.” The blog posted a corresponding entry titled “A commitment to continued security,” which outlined new advanced security features designed to help keep Facebook information secure.

On Nov. 9, The Mainstream published an article pointing out some Facebook security holes, like the danger of using an unsecured http site where hackers can easily steal any log-in information (Facebook or otherwise). Using Facebook over unsecured http on an unsecured wireless network, like the one here on campus, is a dangerous combination that makes users’ passwords and log-in information extremely easy to access. Facebook has addressed this issue with its “commitment to continued security.”

These security commitments include a secured https site default option, a one-time password generator (a temporary password good for only 20 minutes), a remote logout feature and a social authentication security feature which requires users who’re locked out of their pages to identify the faces of their friends.

The most important security option is the https site default setting. Users who access Facebook on a wireless network should change their settings to https immediately; a few clicks on the “Account Settings” page are all that is required.

Scroll down to “Account Security,” select “change” and click the box next to “Browse Facebook on a secure connection (https) whenever possible.” This will default you to a secure (hence the “s”) https Facebook page. Although Facebook does warn that users’ pages may run more slowly, enhanced password and site security are a fair exchange.

The unique one-time password generator is useful for users on a public network in a hotel, coffee shop or college campus like UCC with an unsecured wireless network. Users must send a text to 32665 with “otp” (for “one-time password”) in the body. They will then be sent a password which can be used only once and is good for 20 minutes. A mobile phone number in the account is required, and the service is available only in the U.S.

Remote logout is another security feature in the “Account Security” settings. By checking here, users can view all of the other devices they are still logged into. This feature is useful for people who have logged into their Facebook pages from a friend’s phone or public computer and have forgotten to log out.

The social authentication security feature is the most unique option and totally Facebook-style. If Facebook notices strange account activity, like a log-in from a computer in Asia by a user who was logged in at, say, UCC a few minutes earlier, the user will be locked out and then shown a few faces of his or her Facebook “friends” and asked to identify the friends by name.

The system isn’t flawless (not all “friends” are that friendly – gamers, for instance, may not know the faces of the people they play with). Facebook and its extreme algorithms may need to come up with a plan for this in the future.

The Mainstream is a student publication of Umpqua Community College.