Facebook users call for application "walled garden" to protect against attacks

Filed Under: Apple, Facebook, Malware, Rogue applications, Social networks, Spam

What many folks don't realise is that Facebook is much more than a social networking website, it's a platform with over half a million active applications running upon it.

Inevitably some of these third-party applications are written with malicious intent - designed to steal information, spread virally, or spam unsuspecting Facebook users. Anyone can write a Facebook application, and it can be made available to the site's over 500+ million users without any vetting by Facebook's security team.

So, it's no wonder we see so many malicious attacks by rogue Facebook apps every day.

Last week, I asked a simple question of our blog readers

Should Facebook follow Apple's example, and have a "walled garden", verifying all apps?

and the response was a resounding "Yes".

Poll on whether Facebook should verify all apps

I'd love to see Facebook to follow the example set by Apple when governing the iOS App Store. Apple checks every app submitted to its store, but Facebook does nada preferring things to be relaxed, free and easy. It would certainly make life much harder for those scammers, identity thieves and con artists who are actively exploiting users via rogue applications right now if a rigorous verification system were put in place.

Or, at the very least, Facebook could do what some members of the Sophos Facebook community suggested, and give users a security option meaning they would only be able to install Facebook apps that had been verified - and not be pestered by apps that hadn't bothered to go through the process.

The question now is - are Facebook brave enough to take the step for the benefit of their users? Let's not forget - this is people's personal identities and information that are at risk.


You might like

2 Responses to Facebook users call for application "walled garden" to protect against attacks

  1. Spammyboy · 1503 days ago

    The screening should be security-based only. The problem with Apple is that all apps are vetted to make sure they fit Jobs's very restrictive values.

  2. Yes, I already knew about this nice fearute for enterprise products users, but unfortunately my employer still prefers to sell Trend Micro WFBS to our customers, although it causes many troubles regularly. :-| (New WFBS 7.0 is even more nasty than 6.0. We had to remove it.)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley