Thursday, 3 November 2011

Latest Facebook security snafu: socialbots

Those friends on Facebook begging for a connection? They could be "socialbots," programming scripts that impersonate real people. University researchers got away with 250GB of user data using socialbots.





Thankfully, researchers from the University of British Columbia Vancouver didn't sell the personal information to identity thieves, but the next group of socialbots may not be so polite. Using several passes to gather friend connections, the socialbots could achieve a large scale infiltration in a few weeks with about 80 percent success. Accepting a socialbot as a friend was three times higher when there were shared mutual friends.

University researchers said their goal was to highlight the need for OSNs (Online social Networks) to build more security systems "that are less vulnerable to both human exploits (i.e., social engineering) and technical exploits (i.e., platform hacks). Why? Because users want their personal information harvested and sold by Facebook proper, not some random third party.

Facebook spokespeople at first refused to comment, then said they had serious concerns about the methodology. No announcement of security improvements has been made.

0 comments:

Post a Comment