Facebook Wants to Issue Your Internet Driver's License

Source

According to Technology Review, Facebook is becoming a "critical part of the Internet's identity infrastructure" and wants to supply your Internet driver's license. Facebook Login allows any website to use its identity infrastructure by adding a few lines of code so users will see "Connect with Facebook" button on the site. Facebook Connect is one of the most popular codes adopted by websites, so that anyone with a Facebook account is but a click away from logging in, "liking" or sharing a site.

Hence another reason to either not have a Facebook presence or to use an alias.

Before you remind me that use of an alias is against their rules...no need to remind me.

reply to post by bozzchem


Hey Bozz, S&F. Still, it's been tried before ala MS's passport crapola.

Everybody wants to be your "one stop" online experience. They overlook that it is the variety of content that's made the internet so well used and embraced.

reply to post by bozzchem


I thought this must have happened a long time ago, I got Facebook a few months ago (not too sure if it was worth it) and whenever I am logged into Facebook every website appears to know who I am and who my friends are, on news sites it shows what some of my friends have "liked", but what is really disturbing to me, and annoying, is that whenever I go onto Scribd, a document sharing site, I am automatically logged in with my Facebook account, it shows my name at the top, and I cannot remember giving Scribd permission to use my account for anything. I have not even yet worked out how to stop this, but I think you can change some setting in Facebooks "privacy" settings, however this probably will not stop websites silently knowing who I am, or at least who they think I am

reply to post by bozzchem


The article cites Firesheep (link to official website) Now you want to talk about potential for Identity Theft: that little beast gives you the keys to the castle (e.i. FACEBOOK, check the site!) and if that castle issues your gov't internet ID... ppppfffttttt, forget it. Your information is in China by then, mined for God knows what.

When logging into a website you usually start by submitting your username and password. The server then checks to see if an account matching this information exists and if so, replies back to you with a "cookie" which is used by your browser for all subsequent requests.

It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.

This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL. Facebook is constantly rolling out new "privacy" features in an endless attempt to quell the screams of unhappy users, but what's the point when someone can just take over an account entirely? Twitter forced all third party developers to use OAuth then immediately released (and promoted) a new version of their insecure website. When it comes to user privacy, SSL is the elephant in the room.

Today at Toorcon 12 I announced the release of Firesheep, a Firefox extension designed to demonstrate just how serious this problem is.

I didn't know that use of an alias was against their rules. Yet another reason to stay far, far away from that POS.

If this flies, well...you know....the end of the world as we know it. But it won't. FB and its owners and whoever else is part of this ludicrous scheme is getting lost in its own matrix.

What suck's is that you cannot delete facebook.
The only thing i've found you can do is "Turn it off, as though i want to get it back"


That's where myspace did it right :|

reply to post by igigi


Thanks for that link! I missed that but will most certainly take a further look into it. My initial read of the site you linked did not sit well with me....at all.

Originally posted by mydarkpassenger
reply to post by bozzchem

 

Hey Bozz, S&F. Still, it's been tried before ala MS's passport crapola.

Everybody wants to be your "one stop" online experience. They overlook that it is the variety of content that's made the internet so well used and embraced.

edit on 13-1-2011 by mydarkpassenger because: cause

Absolutely! I agree it has been tried before....BUT Facebook seems to have become a phenomenon beyond anything anyone initially expected. Hell, it has basically put MySpace out of business.

I made the mistake of starting a FB page and made some serious changes after seeing my "stuff" swinging in the breeze and realizing that anyone who has ever known me will find me and then proceed to tell me what they had for breakfast, lunch, dinner, snacks, etc.

Originally posted by ~Lucidity
I didn't know that use of an alias was against their rules. Yet another reason to stay far, far away from that POS.

If this flies, well...you know....the end of the world as we know it. But it won't. FB and its owners and whoever else is part of this ludicrous scheme is getting lost in its own matrix.

edit on 1/13/2011 by ~Lucidity because: (no reason given)

Going 40 in a 35 zone is against the rules...whoops! I do find FB a good resource but one that needs to be used judiciously and OPSEC needs to be thought of every time you think about making a post on your wall or anywhere else on the site.

reply to post by bozzchem


I know, right? It definitely makes me wary of using unsecured networks and logging into... say... my bank account, gmail, facebook, etc.

Then again, simply using wireless puts your data at extreme risk to packet-sniffing....

Originally posted by bozzchem

Originally posted by mydarkpassenger
reply to post by bozzchem

 

Hey Bozz, S&F. Still, it's been tried before ala MS's passport crapola.

Everybody wants to be your "one stop" online experience. They overlook that it is the variety of content that's made the internet so well used and embraced.

edit on 13-1-2011 by mydarkpassenger because: cause

Absolutely! I agree it has been tried before....BUT Facebook seems to have become a phenomenon beyond anything anyone initially expected. Hell, it has basically put MySpace out of business.

I made the mistake of starting a FB page and made some serious changes after seeing my "stuff" swinging in the breeze and realizing that anyone who has ever known me will find me and then proceed to tell me what they had for breakfast, lunch, dinner, snacks, etc.

Oh yeah there is no doubt that anyone on FB needs to keep current on what they (FB) are doing next, and adjust your profile settings accordingly - they are not the sharpest tools in the shed at alerting users to potential pitfalls by any means.

I mean they really suck at that.

Still, I've found it a lot of fun and a good way to reconnect with friends I haven't seen in years.

I guess it's like that old saying: buyer beware.

I have a facebook , (hate it). try deleting it ,very difficult. you must close it down and make sue nothing accesses it for two weeks. not your phone or email or anything , otherwise it will become active. Huge potential for privacy concerns. Note to self must close it and dont go near my face book untill it disappears. he he

reply to post by bozzchem


I will never use facebook.

Enough said.

reply to post by andy1033


I definitely refrain from using Facebook Connect to log into non-Facebook sites... that *&%^ is shady imo.

You log into Site A via your Facebook credentials.. Site A passes that log on info to FB for verification; passes? Then FB serves any information that site requests. Friends, likes, photos, personal information (unless you change your Privacy settings!!), etc.

Now the middle man Site A has direct access to the contents of my Facebook and all related materials?? No thank you.

I just found this:



Sounds dreamy, no?

reply to post by bozzchem


Yeah, that is damned creepy. Prompted me to check out my privacy settings, found this:

Choose Your Privacy SettingsApps, Games and Websites
Info accessible through your friends->Control what information is available to apps and websites when your friends use them.

Almost every bit of my information was checked, by default.

Also:

Public search->Public search controls whether people who enter your name in a search engine will see a preview of your Facebook profile. Because some search engines cache information, some of your profile information may be available for a period of time after you turn public search off.

Again, on by default...