Ir para o conteúdo
  • Revista PROGRAMAR: Já está disponível a edição #60 da revista programar. Faz já o download aqui!

herakty

Dear Facebook, it's time to act like a grown-up about security

Mensagens Recomendadas

herakty

o perigo que há muito falo do vector web e em particular a web2 e redes sociais... mas qualquer forum, blog, wiki, o que seja sofre dos mesmos males... mas não é o fim do mundo... é só ter-se muitos cuidados

I appreciate your service. I really do. I'm sure that many of your 400 million active users appreciate it as well. But now that you have a market value estimated at billions of dollars, it is time for you to start acting like a grown-up company. That means you have to provide basic security for your customers. And it means responding when your customers try to contact you, as I did recently to talk about an important security issue. Do you think you will be able to hold on to 400 million users if you treat them that way, and if you put their computers at risk? I don't.
Here is what I wanted to talk to you about, though: You are leaving your users open to a major security risk. Five minutes ago, I clicked on a page on your site, causing a new window to open that urgently warned me that my system was loaded with viruses. I was encouraged to click a link in order to run a program that would rescue my machine, but I didn't do that; I know malware when I see it, and I don't allow scripts to run on my computer. The problem is that many of your 400 million users don't know very much about malware. And by allowing things like that pop-up window from your site, you are putting their computers at risk. And that's bad news for all of us, since the likely result will be even more botnets in the world.

This was the fifth time in a month that something like this happened to me on your site. Now, if it happened to me that often, how many millions of times did it happen to all those other Facebook users?

Why are Facebook users being exposed to risk this way? Because you allow advertisers on your site who provide malicious links. Worse, you seem to do nothing to prevent such "ads" from running programs when someone loads the page. A company with 400 million customers that's worth billions should be able to filter out these attacks. I know plenty of sites run by much smaller entities that do as much. And I don't know of any other major site that allows this sort of thing to happen.

Mais em:

http://www.computerworld.com/s/article/9160818/Opinion_Dear_Facebook_it_s_time_to_act_like_a_grown_up_about_security?source=CTWNLE_nlt_security_2010-02-24

teckV

Partilhar esta mensagem


Ligação para a mensagem
Partilhar noutros sites

Crie uma conta ou ligue-se para comentar

Só membros podem comentar

Criar nova conta

Registe para ter uma conta na nossa comunidade. É fácil!

Registar nova conta

Entra

Já tem conta? Inicie sessão aqui.

Entrar Agora

×

Aviso Sobre Cookies

Ao usar este site você aceita os nossos Termos de Uso e Política de Privacidade. Este site usa cookies para disponibilizar funcionalidades personalizadas. Para mais informações visite esta página.