Facebook, Twitter and Security
Last quarter I was teaching a fully online course Digital Globalization, while this quarter I am teaching an online class on Cyber-warfare and espionage. In these courses we cover topics such as Snowden, Wikileaks, Anonymous, white and black hat hackers, NSA, zero day exploits, the Panama Papers and the Cambridge Analytica scandal. What’s interesting is the division within my students regarding privacy. There are a minority of students who are unconcerned about the issue because they feel that if they haven’t done anything wrong, why should they worry? But there is a much larger group of students who feel that this is a significant anxiety in their lives. Although they worry about the government tracking their activities, they are even more concerned about how their lives are tracked by businesses. Every time they go on social media, have a sensitive conversation near Google Home or Alexa, or text message a friend, they wonder a little about how their digital lives make them vulnerable.
Whats amazing is how little security is built into many online platforms. But few platforms have faced as much criticism as Facebook. To help understand why, you might read this post by Krebs on Security: Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years. As the article explains, this meant that Facebook’s employees could have accessed peoples’ accounts over a very long period, although Facebook says there is no evidence that they did. Since people often reuse passwords, this was a terrible security breach. Facebook is key to many peoples’ social lives. But given its flaws, it’s worth remembering never to reuse passwords, especially with Facebook. It also wouldn’t hurt, to enable two-factor authentication on key accounts (such as your bank), and always use a VPN on public wifi.
Of course Facebook isn’t the only social media tool that has security vulnerability. One of the best ways to keep in touch with digital issues is through Wired magazine, which had a recent article
Twitter Insiders Allegedly Spied for Saudi Arabia. In this case, what happened was that two employees were able to access accounts, and to pass on this information to Saudi Arabia. Social media is a wonderful tool. But one of the key concepts in my digitally focused classes is that there is no absolute privacy online, only relative privacy. This fact cannot be escaped by using the Dark Web, as the Egotistical Giraffe exploit with TOR showed. Remember what happened on the Silk Road with the Dread Pirate Roberts (yes, named after a character in the movie, the Princess Bride). Even the most savvy digital user leaves breadcrumbs. No software tool, VPN, or hardware can elide this fact. And in the age of the Internet Archive, nothing online truly disappears. This doesn’t mean that social media can’t be a wonderful tool. But its worth remembering when you use social media to convey sensitive information, or politically loaded content. And we collectively need to hold the giant social media companies (as well as as other corporations with data, including health records) to account for lax security. And if you can bear it, just delete Facebook.