JacobsD+Final+report

Jacobs D

Proximity Research Report

SOCIAL NETWORKING PROTECTION: Your Personal Body Guard

Making social networking safer and more appealing for consumers

By: Daniel C. Jacobs

Spring 2010

Table Of Contents Executive summary Introduction: Increasing attacks users look for alternatives New security groups McCafee powered virus application Users stay away to protect image Recommendations Attachment 1 Attachment 2 Resources


 * Executive Summary**

As attacks on social networking users become more sophisticated many users are being scared away from their social network sites. Gen Y is becoming more cautious, losing faith in the sites to keep their identity safe. The sites are losing users because of this and so sites are losing advertising business. This report details how Facebook can change their security settings to make their services to consumers more attractive. It will do this by designing an integrated virus software to detect malicious content before the user can be affected and to give the user greater control of their own settings. Users can use the new protection system to place their contacts into different categories, and have the ability to set the protection for each, instead of having to do individual users.


 * Introduction: Increasing attacks users look for alternatives**

Facebook's users have recently started an uproar of concern about the privacy setting and difficulty navigating the site itself. Some users attempting to delete their accounts find their attempt unsuccessful. There have been some claims of people who have "delete" their accounts but still get daily e-mails from Facebook showing unknown friend requests and app. invites. Many users are running for the hills in light of the new problems with the privacy settings and security issues of the Facebook network.

Facebook is loosing support from its users, and because of this may soon begin loosing ad support unless they fix their network. Already many users are looking for alternatives to Facebook from sites such as Diaspora. This new social networking site is attempting to simplify the experience compared to Facebook, and according to their numbers, users seem to like the idea.


 * New Security Groups:**

According to focus group sessions done by the Proximity team users expressed the desire to have specific settings for different contacts without having to change each contact separately. Because of the vast number of contacts people tend to have on Facebook, many users simply do not think that it is worth the time to set each contacts security settings. The Proximity team has come up with a solution that involves using security groups. Users can set up and name different security groups, such as work, friends, family, an so on. Each of these groups can then be populated and have settings that would include viewable information, viewable photo albums, and others that would apply to any contact in the security group.


 * McCafee Powered Virus Application:**

Users are experiencing higher rates of phishing, virus, and hacking attacks through malicious messages. To attract new users, Facebook should team with McAfee to offer an application that can be added to their personal accounts. This application will screen any incoming messages for known malicious content and attach a warning to any messages that have the potential to cause harm to the user.


 * Users Stay Away To Protect Image:**

There are many potential users who stay away from Facebook because of concern for their image in the eyes of employers or other people they believe to be important. Currently users on Facebook have the ability to Tag other users in posts and pictures. Users are able to un-tag themselves but only after the post has been put up, so others have already been informed of the "Tag." The Proximity team suggests a fix to this to attract more users that are worried about image. Allow users the option to untag themselves before the post is placed on the main page. In this way, a user would post an image, or wall post and add tags of their contacts, each contact would be informed they are being tagged and confirm or deny the tag. The original post would be put up immediately, but the tags would be added as they were approved, or not added as they were denied.

Recommendations:

It is important for users to feel safe using the site. Here is a summary of the options the Proximity team has compiled through our data collection that would allow users more protection for their identity and help Facebook attract new costumers as well as help keep current users from leaving.
 * Update user security settings to meet the needs of consumers including more personalized security settings and allowing users to put contacts into groups with each group having its own security setting
 * Integrate a McCafee virus program into the site as an optional application free to any users who wish to use it that would automatically scan incoming messages.
 * Allow users the option to approve any post in which they are "tagged" before the tag takes effect.
 * Simplify the Facebook site and security settings to allow less computer savvy users easier access to the things they need.

Attachment 1: Hacking-Facebook.com A pay-site that allows its users access to other users Facebook accounts. many users use this service, they charge 100$ paid after a successful hack. The site has been active for 4 years. They have had a significant jump in their members at the start of 2010. The following graph shows their member numbers from 06/2009.



Sophos security Threat Report: 2010

Sophos conducted research on security of social networking sites and asked members what site they believed posed the biggest risk to them. The members were asked about Facebook, MySpace, Twitter, and LinkedIn, the following chart shows their results.



REFERENCES:

"Hack Facebook Online!", This site does not give information on who wrote it or when it was updated, accessed May 16, 2010 Hacking-Facebook.com

Brian Prince, 2010/02/01, Facebook Privacy, Security Fears Grow With Social Network Risks, Received from, http://www.eweek.com/c/a/Security/Facebook-Privacy-Security-Fears-Grow-With-Social-Network-Risks-882065/

McAfee, Inc., Monday Jan 4, 2010, "Clickjacking" Attacks Hit Facebook Users, received from, http://www.mxlogic.com/securitynews/web-security/clickjacking-attack-hits-facebook-users703.cfm

CTV news staff, Friday may 14, 2010, Some Facebook Users Quit Over Privacy Concerns, received from, http://toronto.ctv.ca/servlet/an/local/CTVNews/20100514/facebook-delete-100514/20100514?hub=TorontoNewHome