Welcome to E8 :: [eon8]

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll also be able to use the shoutbox, customize your profile, change themes, gain reputation points for submitting content, while also communicating with other members via your own private messenger, plus much more!

 

This message will be removed once you have signed in.

Sign in to follow this  
kxrxoxnxixc

Facebook stealth installs and adware hace arrived

4 posts in this topic

Already under fire for taking liberties with users' privacy, Facebook was outed on Thursday as a distributor of unwanted applications, some of which install adware or are added to user profiles without permission.

As noted earlier by PC World, the social networking site silently adds apps to profiles whenever a user is logged in and browses to certain sites. Facebook displays no dialogue box or notification window asking permission, and there is no easy way to opt out of the process.

A second report by security researcher Gadi Evron found that Facebook is being used as a distribution platform for adware such as the FLV Direct media player. The software comes bundled with adware from something called Zugo Search, according to researchers from anti-virus provider Sunbelt Software.

In a game of whack-a-mole, Facebook appears to be killing the links to the FLVDirect.exe download within hours of them being posted, but as soon as one goes down another seems to go up. To entice users to install the crapware, the come-ons include images of well-endowed cleavage in a pink bikini.

Since its beginning, Facebook's philosophy with user privacy has been that it's better to beg for forgiveness than to ask for permission, and that's what seems to be going on here. Rather than seeking consent before installing apps from partners such as TechCrunch, CNET and The Washington Post, Facebook just adds them to user profiles. It's hard for users to make informed privacy decisions when they aren't even aware it's happening.

What's more, short of logging out of Facebook each time before browsing to another site, there doesn't appear to be much users can do to stop the stealth installs. (We asked Facebook PR if there was an easier way to prevent them, but we never got a response.)

As we pointed out, Facebook appears to be trying to block the adware links. But with more than 1 million reported developers, it's questionable how effective that strategy will be. As Evron notes, Facebook has long been premised on the idea that anyone can write apps.

"This openness has been an asset to the entire community, but unfortunately, when a society grows and criminal elements present themselves, systems sometimes can't scale," he writes. "Some freedoms have to go if the system itself is to survive."

Update

After this posting was published, a Facebook spokesman sent the following statement:

Application developers must comply with our Developer Principles and Policies, which require that applications provide a trustworthy experience. We have a dedicated team that conducts spot reviews of top applications and of many other applications, including looking at the data they need to run the application versus the data they gather. This team regularly enforces our guidelines and disables applications that we find to be in violation.

There was a bug that was showing applications on a user’s Application Settings page that the user hadn’t authorized. No information was shared with those applications, and the applications did not appear to anyone but the user. This bug has been fixed.

Share this post


Link to post
Share on other sites

Its really not surprising to me. Social networking sites are filled with shady ads and software. Its a double edged sword as I see the need for places like Myspace and Facebook but I also don't see the need for them. Something like Twitter though I can't think of a single reason for its existence.

Share this post


Link to post
Share on other sites

Well, more people are giving away their safety and privacy in exchange for things like these, you really can't blame Facebook, Myspace, etc. It's the people here at fault for being ignorant about where they are putting their information. If you don't like it, don't use it.

Share this post


Link to post
Share on other sites

Indeed, I agree with anewformation, Since everything is public, don't put up what you dont want people to see or know about you. I have both a myspace and a facebook, but my myspace and facebook differ greatly in the information that is available. My myspace doesn't have my name anywhere in it and the overall available information is different. I ahve photos that only "friends" can see, and a lot of albums that are visible to me only, just photos of younger days I don't wanna lose. My facebook is one iage with no information since it's far easier to see information on facebook about people than myspace, no to mention both of my accounts run on an outdated e-mail that no longer exists.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this