Finally Facebook has come up with Security against Spam!

 Facebook has made a partnership with Web of Trust to lighten up the trust of Facebook users. Recently spam has been flowing everywhere in Facebook, the popular ones being 'Who Visited your Profile', 'Watch Bin Laden's Death' and 'Verify your account'. Facebook has come up with four additional security features. The Partnership with Web of Trust means that Facebook will inform you whether the posted links are bad or not. The other protections include Protection from Clickjacking and also protection from erroneous Javascripts. Facebook has also introduced a system of Login approvals. You can read the full announcement made by Facebook below and  read more about it here - Facebook Security.

Partnership with Web of Trust
First, we're happy to announce a partnership with Web of Trust. Web of Trust is a free safe surfing tool that tells you which websites you can trust based on the ratings supplied by other Web of Trust community members. Facebook already has a system that automatically scans links to determine whether the websites associated with those links are spammy or contain malware.
This partnership will help us improve our system by providing additional bad links, and in the coming months, we expect to massively increase our coverage even more by working with other industry leaders. You can become a part of this commmunity too by using the Web of Trust add-on, and leaving your own ratings.

Clickjacking protection

Spammers sometimes take advantage of a vulnerability in the web browser to try to trick people into clicking on links they might not want to click on. This is called clickjacking, and it’s done by overlaying the link with something more enticing, like a phony offer.

We have built defenses to detect clickjacking of the Facebook Like button and to block links to known clickjacking pages. Recently, we improved our systems to also alert people if we think they’re being tricked. Now, when we detect something suspicious, we’ll ask you to confirm your like before posting a story to your profile and your friends’ News Feeds.

If you have already clicked on a link resulting in an addition to your "Likes and Interests" section of your profile, you can edit your "Likes and Interests" field by clicking "Edit My Profile" underneath your profile picture. Then, select "Likes and Interests" from the left column menu.

Self-XSS Protection

Spammers take advantage of another browser weakness by asking people to copy and paste malicious code into their address bar, which then causes the browser to take actions on those people’s behalf, including posting status updates with phony links and sending spam messages to all friends.
We have been working hard to improve our systems that detect and block these types of attacks, as well as to educate people on what is causing their accounts to send spam. Now, when  our systems detect that someone has pasted malicious code into the address bar, we will show a challenge to confirm that the person meant to do this as well as provide information on why it’s a bad idea.
We are also working with the major browser companies to fix the underlying issue that allows spammers to do this. Internet Explorer 9 has already put some protections in place, and we are talking with others about providing similar protections.

Login Approvals

Finally, our newest advanced security feature, Login Approvals, is now available to everyone who uses Facebook. This is a two factor authentication system that we first announced last month. If you choose to use it, whenever you log in to Facebook from a new or unrecognized device, we’ll require that you also enter a code we send to your mobile phone via text message.
If we see a login attempt from a device you haven’t saved, you'll be notified upon your next login and asked to verify the attempt. . If you don’t recognize this login, you'll be able to change your password with the knowledge that while some one else may have known your login credentials, he or she was unable to access your account or cause any harm.

No comments:

Post a Comment