?

Log in

No account? Create an account
 
 
David D. Levine
08 May 2010 @ 09:46 am
This was the last straw: New Facebook Social Features Secretly Add Apps to Your Profile.

Now, it's true that the abiity for other websites to add apps to your Facebook profile without asking was a bug, and was corrected as soon as this story was published. The fact remains that Facebook's new APIs, which allow any website to add a Facebook "I like this" button and link back to your Facebook account, made this behavior possible. Facebook users are now relying on Facebook and its partners to design well, program well, follow their own Terms of Service, and respect users' privacy. But Facebook and its partners have a terrible record on this. For example, the Facebook APIs make it easy for the "Like" button on a website to actually "Like" a completely different site. And the CEO of Zynga, maker of some of Facebook's most popular games, admits to using scams and spyware to build revenue.

I've known from the beginning that "on Facebook, you're not the customer, you're the product." Facebook provides you fun content for free, which gets your attention ("eyeballs"), which it then sells to advertisers. That's the same deal that broadcast TV offers and I've been accepting that for my whole life. But changes within the last year in Facebook's policies about users' private information, culminating in these new APIs, change the rules of that game. Facebook is no longer selling your attention -- it's selling your private information. Basically, anything you've put on Facebook is visible to Facebook's customers -- advertisers, app developers, and anyone else who gives Facebook money for it -- no matter what privacy level you've specified for it. Yeah. Read that again.

In response to these changes, yesterday I stopped leaving Facebook open all the time, instead logging out unless I was actively using it. I posted a status update to this effect, to which a couple of my more tech-savvy friends replied that they're already using a separate browser just for Facebook, just to keep it from interacting with the other websites they visit. Furthermore, one of them said:

At first I thought that simply logging out of FB would be sufficient. Then I started looking at all the .facebook.com tracking cookies that are generated when visiting totally unrelated sites. So now I block facebook.com cookies by default and manually enable them only in a private browsing session when I want to check FB (much less often than before).

That's when I realized that Facebook has become a malware platform.

I used to work for McAfee. I take computer security pretty seriously. One of the main reasons I switched from using a PC to using a Mac at home is that the time, effort, and aggravation involved in keeping the computer safe from malware is much less. And what I'm seeing in Facebook now is what I saw in Windows fifteen years ago: a platform that doesn't do enough to prevent malicious software from negatively impacting users.

On Windows, security holes are patched by third-party anti-malware tools, like McAfee and Norton. On Facebook, the users must perform their own anti-malware scanning (watching out for scams and viruses in messages, blocking undesired applications, being alert for inappropriate requests for personal information, etc.) manually. I don't think there's any technical way for a third party to automate these scans on the Facebook platform. It's going to have to be Facebook that does it, and given Facebook's recent behavior that seems extremely unlikely! It's the scammers and malware makers, not the users, who pay Facebook's bills, so this problem is just going to get worse.

I already seem to spend just as much time on Facebook blocking unwanted applications and invitations as I do interacting with my friends. When I think about the additional work that will be required to keep my private information private, I just want to run screaming.

This is only the last straw. I've been annoyed for years by Facebook's user interface (which changes frequently but never gets better), by its ads, by its psychological manipulation of its users, by the way it lets random strangers associate my name with any photo they like.

This isn't about the time spent on Facebook, it's about the Facebook corporation's business practices. I have over 1000 Facebook friends; many of them are my actual friends and I enjoy reading their updates and sharing conversations with them in comments. The rest of them are, at least, potential readers of my fiction and Facebook is an excellent way to keep my name in front of them. But I've come to realize that, by providing interesting content for Facebook to use to attract and keep users, I'm part of the problem. I'm a professional writer who's been giving content away to a company that I've come to despise.

That stops today.