What Not To Share on Social Media

The point of social media is sharing, along with openness and at least trying to be yourself over the internet. While there are a lot of things worth sharing and airing to the world, there are some things that are best unsaid – or in this case un-tweeted, un-Facebooked, and just kept to yourself.

Photos of credit cards or other financials

You might be thinking “nobody is stupid enough to do that,” but the truth is, there are people who have already done it. Some people have posted photos of their credit cards – account numbers and all, leading to some nasty comments. Clearly, this is not a wise thing to do. Others post photos of bills, leaving their names and addresses unblurred. This is a big risk that can easily be avoided. You are nullifying a section of Facebook’s Community Standards that state:

“We take the safety of our members seriously and work to prevent attempts to compromise their privacy or security, including those that use fraud or deception. Additionally, we ask that you respect our members by not contacting them for commercial purposes without their consent.”

Pranks

If you post a link that is seemingly interesting, make sure it really does lead to a worthwhile page. Otherwise, you are just wasting people’s time. Rickrolling, where linking people to a YouTube video of Rick Astley singing “Never Gonna Give You Up” was very popular, is now an annoyance. Show some maturity. This may be in violation of this section from Facebook:

“Before sharing content on Facebook, please be sure you have the right to do so. We ask that you respect copyrights, trademarks, and other legal rights.”

As well as Twitter, from their Twitter Rules:

Copyright: We will respond to clear and complete notices of alleged copyright infringement. Our copyright procedures are set forth in the Terms of Service.”

It was said that Rick Astley asked the video to be taken down. When you Rickroll, you are committing a violation.

Vague updates

If you are being vague, you are most likely asking people for attention. You want them to ask you what it is about but the truth is, nobody really cares about your vague status updates.

Crass photographs – of yourself, no less

We are not all blessed with bodies of Greek gods and goddesses so it might be in everyone’s best interests to avoid uploading that self-portrait you took when you were fresh out of the shower. Besides, the terms of Facebook say that:

“Facebook has a strict policy against the sharing of pornographic content and any explicitly sexual content where a minor is involved. We also impose limitations on the display of nudity. We aspire to respect people’s right to share content of personal importance, whether those are photos of a sculpture like Michelangelo’s David or family photos of a child breastfeeding.”

Your contact details or anyone else’s

Your phone number is a very sacred thing that should only be given out to people you know and trust. There are lots of people on the internet that will take great pleasure in making your life miserable if you happen to post your contact details on any social media websites.

Social media privacy

Your address, photos of your home, and vacation dates

These are all a combination of ways to say “I will be gone on these days but hey, look where I live and see the nice things that will be left unattended”, which, in a nutshell, is an open invitation for people with less than noble intentions.

Threats and bullying

There is nothing worse than a bully who does their dirty work online. It is also a clear violation of Twitter and Facebook’s policies:

“Safety is Facebook’s top priority. We remove content and may escalate to law enforcement when we perceive a genuine risk of physical harm, or a direct threat to public safety. You may not credibly threaten others, or organize acts of real-world violence. Organizations with a record of terrorist or violent criminal activity are not allowed to maintain a presence on our site. We also prohibit promoting, planning or celebrating any of your actions if they have, or could, result in financial harm to others, including theft and vandalism.”

“Facebook does not tolerate bullying or harassment. We allow users to speak freely on matters and people of public interest, but take action on all reports of abusive behavior directed at private individuals. Repeatedly targeting other users with unwanted friend requests or messages is a form of harassment.”

“Facebook does not permit hate speech, but distinguishes between serious and humorous speech. While we encourage you to challenge ideas, institutions, events, and practices, we do not permit individuals or groups to attack others based on their race, ethnicity, national origin, religion, sex, gender, sexual orientation, disability or medical condition.”

Violence and Threats: You may not publish or post direct, specific threats of violence against others.”

Rules are there for a reason and following them will make social media sites a better place for everyone involved.

Kill the Password

This week I would like to draw readers’ attention to an article that appeared in Wired at the end of last year. Written by Mat Honan and entitled Kill the Password: Why a String of Characters Can’t Protect Us Anymore, it makes for really interesting and alarming reading.

The author starts by explaining that he lost all of his digital life last year as his accounts were hacked, an event that lead him into investigating online security and how it is breached.

What he discovered is not for the faint hearted. The linking together of different accounts using an email as username means that any seriously interested party with a little time on their hands and very little money can relatively easily get into a single account, and from there into the others.

His conclusion is that the culture of using passwords for security is outdated, a thing of the past and that anyone who tells you otherwise is either deluded or trying to convince you of something that is not true.

The worst password choices

Worst passwords of 2012

The availability of information is a problem because of the personal question access to resetting your password. Mother’s maiden name, place born etc. are easy things to find out about anybody through ancestry sites or other documents. Once you have somebody’s email address, you try to reset the password using the personal questions through the provider’s website. The answers might be on Facebook, or on their blog, or maybe intuitive, but they are out there.

Then to the customer services rep that you speak to by phone. They are people and can be misled. The article contains a transcription of a conversation between a hacker and one of these people. As the user needs to be able to reset the password they are offered a series of questions that get easier and easier to guess. Names of best friends is possible using Facebook or other social network publications, but if not try favourite food or others, but the example given is name of one of the files in the account. Try Google, Amazon, Personal, one will be right.

So the problem is that the system needs to be flexible and easy enough to use, so we must be able to easily change our passwords, but this makes security impossible.

How can this problem be addressed? Here the trade off is privacy. If the company knows you, through your search histories, places you have been, where you work and what you like to do they might better be able to tell if the password reset-er is you, but you lose any privacy you think you might have.

Voice recognition can be tricked using recordings, biometrics and fingerprints too. Once a system uses these things that cannot be changed or reset the problem is magnified. If I have a fingerprint lifted from a screen I can use it to get anywhere and new fingers are hard to come by these days, so what do you use next?

The article poses these problems from the point of view of somebody who has been hacked, but the author also looks at who these hackers are and even meets a couple. It is big business in certain circles, particularly in the Russian speaking world where organized crime has a large stake and makes a lot of money through stealing identities and all that follows. In other circles they are just “kids” having some fun wreaking havoc.

There are a few simple strategies outlined in this (not short) article that are worth following but none are foolproof, and that is a lesson we could all learn from. Just a word of warning, it contains some harsh language.

On a lighter note happy new year to everyone, and my mum’s maiden name was Windsor (no relation to either Barbara or Elizabeth).

Instagram (AKA Facebook) in the News

Instagram hit the news with a bang today, and for all the wrong reasons.

They changed their privacy policy so that they have permission to sell any photos that users have posted to third parties. This means that maybe one day you might see that photo of your dog driving a toy car on TV advertising the said toy.

Dog Driving

A Dog driving a Toy Car

Great, you get famous. Not so great, you don’t get paid for it.

Yes our friends at Instagram have the right to sell the photo and keep the money. They may also “share your information as well as information from tools like cookies, log files, and device identifiers and location data with organisations that help us provide the service to you… (and) third-party advertising partners.”

They are not doing it for the money of course, but to “help us deliver interesting paid or sponsored content or promotions, you agree that a business may pay us to display your username, likeness, photos, in connection with paid or sponsored content or promotions, without any compensation to you.”

They just want to make your user experience more fun. “This means we can do things like fight spam more effectively, detect system and reliability problems more quickly, and build better features for everyone by understanding how Instagram is used,” it said in a statement.

If you don’t want to give them the right to do this you have a choice of course. You can withdraw all your pictures and delete your account by 16th January and never use them again.

I have written various articles about Facebook and their fluid privacy policies, you can find one here.

One of the most incredible things to me is reading the comments that these articles have provoked. Some people do not care about privacy, it seems to be a thing that only we oldies ever think about. This is a massive change in culture and opens a myriad of possibilities for exploitation in many forms.

Many of my friends use Facebook, probably all of them, but I am the odd one out. I do not use Facebook. A choice that has consequences, I could not register for Spotify the other week, they want your information. But I don’t want to share mine! And recently I applied for a job as a journalist but they wanted a breakdown of my social networking, so if you don’t do social networking you must not be a very good writer.

So make sure that your Instagram friends know what is happening so they can make an informed decision, think about what you post and where you post it, and remember, nothing comes for free, not even social networking.

Facebook site governance vote – what you need to know

If you use Facebook, I highly recommend you read this article.

If you have an active Facebook account, then in the last week you should have received an email from the social network that looks a bit like the one below.

Our Global Site Governance Vote

The email that Facebook sent out to all users about the vote on its global site governance.

Facebook is planning on making some major changes to the way it operates, specifically concerning its Statement of Rights and Responsibilities (SRR) and Data Usege Policy.

Since Monday of this week, until next Monday (10th of December) users of the social network get to vote on the proposed changes.

Which documents should govern the Facebook site?The ‘ballot paper’ gives you two options, to vote for:

  1. Proposed Documents: The proposed SRR and Data Use Policy
  2. Existing Documents: The current SRR and Data Use Policy

The vote will only be binding if one third of active users (around 300 million) vote, so your vote is very important!

So, what you probably want to know before you vote is what do the top options mean.

Option 1 – The proposed SRR and Data Use Policy

The proposed SRR and Data Use Policy, in a nutshell want to remove users voting rights. To make major changes to the site, Facebook in theory is currently obliged to ask users to vote on proposals. Facebook wants to stop this, giving itself complete control. It will instead ask users for their comments and feedback, and then (it claims) it will act on these to make changes to the platform, which the company believes are beneficial to users.

Option 1 also allows the network to share user data with its affiliates, across all its brands – like FriendFeed and Instagram. This is similar to what Google did earlier this year, when it changed its privacy policy. Google’s changes were much disputed, because of the ’empire’ of brands it owns. Facebook isn’t quite as big, but the changes are still important if you use more than one of its services.

The other major change that Option 1 would bring is that it would allow more people to message you, so if you like to have a more private and personal account, it could be harder to keep yourself as private on the network. It will do this by setting new ‘filters’ on the messaging service.

Option 1 will also see a change in how Facebook refers to certain products.

Option 2 – The current SRR and Data Use Policy

Option 2 votes to keep things as they are currently. To make any major privacy changes to the site, Facebook need to get approval via a vote, which must have a percentage of active users participate.

If you don’t like the current system, but are even more worried about the proposed changes, then Option 2 is more favourable, but really you are stuck between a rock and a hard place, as there are only two options.

Impartiality – In Facebook’s Defence…

As you can probably tell from the way I have been writing, I am more in favour of Option 2 than the proposed changes of Option 1. However, I try to ensure my writing remains as impartial, so I should give Facebook their say.

Facebook claim that the updates would be in line with what is currently “standard in the industry” in which it operates. It feels the changes would promote the “efficient and effective use of the services Facebook and its affiliates provide.”

Facebook also says that the current system favours the quantity of comments over their quality, which I can’t argue with. Currently a majority vote is needed from at least 30% of users to decide something, however were Facebook to better act on individual users opinions, and focus on what individuals are saying, rather than forcing people to vote for one option over another, should, in theory create a better social network.

That said, Facebook is likely to only act on the comments that will gain it users (or stop it from loosing them) and make it a profit. After all, it is a public limited company with a responsibility to make profits for its shareholders.

My counter argument is, if high-quality feedback is better than voting, why do many arguably successful and democratic countries around the world (like the UK, Australia, USA, all EU members etc.) elect their leaders? Why does the ballot paper have candidates on and not a ‘suggestions’ box? Then again in Facebook’s favour I suppose one could argue that 30% turnout from an online community is quite high, and could stop things moving forward, but then why not lower this to a more reasonable figure – say 15% or 20% of active users?

Enough waffling from me, it’s time to vote. To find out more about the vote, and to cast yours, head over to the official Facebook Governance Vote page.

Which option gets your vote?