November 3, 2012
redOrbit Staff & Wire Reports - Your Universe Online
In an attempt to help quell privacy fears, Facebook has rolled out changes that will give more detailed and specific information with regards to a variety of information-sharing topics, various media outlets reported on Friday.According to Jolie O'Dell of VentureBeat, the social media giant will allow those signing up for the service to "get the low-down on online privacy from the very start. Facebook has made the information more prominent and more detailed, with specific information on the topics most relevant to individual privacy."
The new registration process will show new users how to make changes to their default privacy settings, ask them to choose up front how the information posted to their Timelines will be shared, and teach them about which individuals and programs can access their data -- including apps and Facebook games, according to O'Dell.
"If new Facebook users understand their privacy on the site, they´ll trust Facebook more and share more too. So Facebook has just made privacy education a central part of the sign-up flow," explains Josh Constine of TechCrunch. "Without this new tutorial and the addition of in-line controls, rookie Facebookers would have to dig through privacy documentation and uncover controls buried in the site´s setting pages."
"We're pleased to be rolling out more prominent and detailed privacy information to new users as soon as they begin the account sign-up process," Facebook's chief privacy officer Erin Egan told FoxNews.com. "At Facebook, we're committed to making sure people understand how to control what they share and with whom, and we appreciate the guidance we've received from the Irish Data Protection Commissioner´s Office as we strive to highlight the many resources and tools we offer to help people control their information on Facebook."
The privacy-related tweaks come on the same day a reported flaw in the social media website made it possible for users to access some accounts without having to input a password. According to BBC News, Facebook officials were working to close the loophole, which was first revealed in a message posted to the Hacker News website -- a message which could be used to locate a list of links to well over one million Facebook accounts.
"The message posted to Hacker News used a search syntax that exposed a system used by Facebook that lets users quickly log back in to their account. Email alerts about status updates and notifications often contain a link that lets a user of the social network respond quickly by clicking it to log in to their account," the British news agency said. "In a comment added to the Hacker News message, Facebook security engineer Matt Jones said the links were typically only sent to the email addresses of account holders. Links sent in this way can only be clicked once."
The links could be found using Google, the reports said, and according to Jones, in order for a search engine to have been able to locate them, the content of those emails would have been published on the Web at some point. Jones told the BBC he expected most of the 1.32 million links would have expired by now, but the feature had nonetheless been temporarily disabled for security reasons.
Most of the affected accounts were reportedly Russian or Chinese in origin.
According to BBC News, Facebook made an official statement announcing the links were sent "directly to private email addresses to help people easily access their accounts, and we never made them publicly available or crawlable.
However, the links were then posted elsewhere online, allowing them to be indexed on search engines, according to the statement.
"While we have always had protections on these private links to provide an additional layer of security, we have since disabled their functionality completely and are remediating the accounts of anyone who recently used this feature," the official statement concluded.