In today’s show, adapted from an article published this month on the Oscar Web site written by Andrea Arco, marketing director for the School of Engineering and Applied Science we observe at the research of Adrienne Felt, a fourth-year computer science major in the School of Engineering and Applied Science, concerning privacy issues surrounding social networking platforms.
Facebook, the social networking platform that has redefined communications, has millions of users. According to University of Virginia computer science major Adrienne Felt, all of these users should be concerned about security.
Felt, a fourth-year student in the School of Engineering and Applied Science at UVa, leads a research project on privacy issues surrounding social networking platforms and is investigating the information sharing that occurs when users download a Facebook application — a program that allows the user to interact with other users in interesting ways, from sharing music to playing games.
Although these applications add variety to a Facebook user’s profile page, they also increase the user’s vulnerability. Here’s how: anyone with an account on Facebook can create an application. Although this application appears as if it is part of Facebook’s platform, it is actually running on application developer’s server. When a user installs an application, that application’s developer is given the ability to see everything the user can see — name, address, friends’ profiles, photos, etc.
She discovered that 8.7 percent of these applications needed no personal information to run, while 82 percent needed only the user’s public information: name, network, list of friends. Still, 9.3 percent require a user’s private information in order to function. Felt said, “since all applications receive access to private information, this means that 90.7 percent of Facebook’s most popular applications unnecessarily have access to private data.”
Evans said, “an application developer could easily acquire personal information for millions of users. There is a risk it could be used to launch targeted phishing attacks, exploited by identity thieves or sold to marketing companies.”
Felt’s goal is to make users more aware of how their private information is being used — and to close this privacy loophole.
Felt has developed and refined a privacy-by-proxy system and is building a prototype implementation — a way for Facebook to hide the user’s private information, while still maintaining the applications’ functionalities. Under Felt’s system, at the point at which the Facebook server is communicating with the application developer’s server, the Facebook server would provide the outside server with a random sequence of letters instead of the user’s name and other personal information.
Felt said, “this is the first step… Hopefully the research findings and proposed solution will trigger more responsible privacy and information management policies from social networking sites and will better inform users.”
You’ve been listening to the Oscar Show, I’m Jacob Canon. Join us next week when our topic will be a recent study by University of Virginia sociologist Elizabeth Gorman whose work came to the same conclusion, no matter how the data was sliced or certain variables controlled: women say they have to work harder than men.