Social Networking Is Fun, But Danger Lurks


12 June 2009

[insert caption here]Social networking sites like Facebook, MySpace and LinkedIn are fun but they can also dangerous. The information posted for friends and family can also be used by cyber-thieves.

For advice on protecting personal information, VOA recently spoke to Roger Thompson, Chief Security Officer at AVG, an anti-virus and security company.

VOA:  Describe for us what these social networking sites are truly good for.


Thompson:  Oh, they're great fun for starters.

My kids all enjoy them and I've managed to make contact with people I haven't seen for years ... for decades ... in other countries.

But there's a danger in that one of the things about security is that the more usable or the more functional you make something, the less secure it tends to become. As they say it exists in an inverse relationship.

The danger is that because these things are so much fun and you disclose so much information about yourself and it's so powerful ... that in itself represents a security risk.

I'm very careful about what I say on those networks. But I can promise you that my kids are not careful.

VOA: So what's the real find for hackers in these sites?

Security Tips
* Social Networking sites are fun ways to keep up with friends and colleagues from around the world.
* Be cautious about the information you give out.  It will leak.
* Speak with your children. They won't be as careful as you are. Warn them about the dangers.
* Use multiple passwords. Write them down. 
* Be skeptical. Don't give out too much personal information. Family history questions, for example, are often used by banks as security questions.


Thompson: One of the really interesting things is that a lot of people tend to use the same password. Years ago us security gurus said to people "never write your password down.

Just pick a really good password that you can remember and no one can guess."   And that sort of made sense 20 years ago, 15 years ago when you only logged into one or two places - maybe the network at work and maybe an e-mail.

But these days there are so many places that you log in to on the web. Its all the web 2.0 stuff or, as we like to call, it the web 2.0 uh-oh stuff.

You have a Facebook page and you have a MySpace page and if you've only got the one password, you use it there. But then you use the same password at your bank, and for your credit cards and for perhaps lots of other places as well.

And if somebody hacks into one place and manages to get your password then you lose it all over.  Actually a better plan these days is to have lots of passwords and write them down and stick it in your wallet.

At least if you lose your wallet you know you've got to change all your passwords. So if you lose one site you don't lose the keys to the kingdom.

VOA: The internet appears to provide that sense of anonymity and security and most people feel protected.  Yet they are somehow victims of these savvy hackers. What can people do about these threats?

Thompson: 
It's a real and growing danger.

For example, one of the things that the banks use as a security question is "what city you were born in?" Or, "what's your mother's maiden name?"   Well, guess what. That's exactly the kind of thing you are likely to disclose on the surveys on these social networking sites. And its very difficult to know how much stuff gets leaked. You really have to be very cautious about what information you put out there.

Nobody should stop using these things. They are great fun. And a great productivity tool. But you have to understand that the bad guys are using them too.

VOA:  So when using these sites what questions should we be asking ourselves?

Thompson:
Anotehr view of kids playing computer games Here's the basic one. I never say anything on any of those sites that I wouldn't want my children, or my mother, or my boss or my spouse to read because they probably will. That stuff all gets leaked somewhere.

And then on top of that you've got to be very thoughtful about what other information you leak. I just refuse to leak any family history information and stuff like that.

One of the most sensible things that people can do is to develop a good healthy dose of skepticism.

You probably don't have a secret admirer. And if you get something from a secret admirer don't believe it.  And you probably are not a winner.

I have to tell my kids all the time, "I'm sorry kids you are not a winner."  You know how you go to those websites and its says "You are the millionth visitor and you've won a free laptop."  And I have to say "No. You're not a winner. Sorry."

So develop a good healthy dose of skepticism. If something sounds too good to be true it probably is.

The next best thing that you can do other than that is to to keep that stuff safe and have a really good plan. 

We've got a free product called 'Link Scanner" and its meant to scan those websites and look for tricky things. They can get it from AVG.com. Its free.  There's no reason for people not to install it.

That'll help a lot.