back to article One thumb up for Facebook security improvements

Security changes designed to curtail the spam and scams that have become endemic on Facebook over recent months have received a cautious welcome from security watchers. Facebook has introduced a raft of features including: a known-bad-site blacklist (via a partnership with crowd-sourced blacklist outfit Web of Trust); …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Pint

    Oh no

    Is Graham Clulely ill?

    Hope he gets better and back to work again soon. Wouldn't want to miss out on what Sophos think.

    1. Graham Cluley

      Cluley ill?

      I'm not medically qualified so I can't give you a definitive answer on this one - but I feel fine, thanks.

  2. DavCrav

    Two-factor authentication?

    Seriously? For Facebook? Does anyone think that would be turned on? And then the entire point of it has gone, because they can say "we have given users two-factor authentication and they don't want it", and use that as an excuse not to give other security improvements. No, come up with a better idea than that.

  3. Anonymous Coward
    Anonymous Coward

    It's some sort of sport, innit.

    To see facebook bumble and stumble and to keep prodding them to go in directions somewhat vaguely resembling respecting their users' privacy.

  4. Gav
    Thumb Down

    Tell us more to protect you

    "As an opt-in service, Facebook will send users an SMS every time someone logs in from "a new or unrecognised device"."

    So Facebook wants my mobile phone number?

    So not going to happen.

    1. Fred Flintstone Gold badge
      FAIL

      Exactly!

      That was my immediate take on this "service" as well. No flaming way in hell.

      If they wanted better security they could start to support OpenID, so that you can select the level/quality of security you want by choosing teh right ID provider (also the reason why I would NEVER choose Facebook as login provider - yes, let's give them an idea where else I log in)..

  5. Anonymous Coward
    Joke

    re: including: a known-bad-site blacklist

    Wonder if we can get Facebook's urls on it :)

  6. Gilbert Wham

    "two factor authentication"

    Or, a way of ensuring they've managed to extract a working mobile number from you to add to their data pool...

  7. Morris Maynard
    Thumb Down

    No

    _No_ popups everytime I "like" something. That is ridiculous.

    _No_ 2-factor auth. Most of those schemes are worthless and many actually decrease overall security.

    Sophos should be named Moros.

  8. Elmer Phud

    Oh yeah?

    I've recently removed links to games that require me to leave the HTTPS Facebook in order to play them. (This is after removing the games that want to look at everyone elses profiles etc.)

    Will FB be doing anything about these?

  9. Fred Flintstone Gold badge

    Meanwhile..

    .. every single App I have looked at will pillage your friend's profiles when you use it. Translated: my *cough* privacy *cough* settings don't matter much. I set all App settings to the digital equivalent of "fuck off" but spam has elevated dramatically since I used FB.

    I think I'm going to change the email account and see how long it takes for new spam to arrive..

  10. Aussie Brusader
    Go

    Remove all security on Facebook

    And replace it with the a notice that says "Everything you write on this public site can be accessed everyone everyone else"

  11. Chris Harden

    Overkill much?

    Why don't we just send a OTP keyfob to everyone in facebook - that will be high end security. And then we shoudl turn off the Interwebs, as THE HACKERS lives there!

    Idiots.

    1. Chris Harden

      um

      I should have added I'm talking about the Sophos guy, not FaceBook - fair play to FaceBook for this, I guess it'll help the people who take FB WAY too seriously.

This topic is closed for new posts.

Other stories you might like