May 17, 2010, 5:56 PM — I think it's become pretty darn clear that if you're going to keep using Facebook, you can forget about Facebook helping you keep your private life private.
That all hands Facebook meeting about privacy? The results appear to have been a big fat zero.
[ Facebook's privacy controls are seriously broken ]
To be exact, Facebook did introduce two new security features. Too bad they don't work that well and neither of them addresses privacy concerns.
The first of the new Facebook security features lets you set up "Account Security" so that if you select to turn this on, you'll be asked to name and save each device you use to log into Facebook. So, for example, I used it to sign on with my main Linux desktop, my iPad Touch, and my SUSE Linux-powered ThinkPad.
But, think about it. If someone steals any of those devices, this doesn't stop the thief from logging into Facebook. Or, if someone manages to snatch my login ID and password, they can add their own device to the list. I don't see how this really makes any more secure than I ever was.
The other new feature, which is meant to stop "suspicious logins before they happen," in theory should work with the other feature to improve Facebook security. Facebook says that this kicks in when you've got the first option on and "When we see that someone is trying to access your account from an unusual device."
Sounds good, but in my informal testing, even after I set up my 'official' Facebook PCs and device, I still had no trouble logging into my account from other devices. I was still able to login without a challenge even when I used a proxy server to hide my IP address (http://whatismyipaddress.com/hide-ip) from Facebook.
This is clearly a beta feature so you expect problems, but from what I've seen so far, I'd call it a complete failure to this date. Besides, none of this addressed people's privacy concerns!
Argh.
OK, so you can do as my buddy Mitch Wagner suggests and just never put anything on Facebook that you don't mind everyone in the world potentially knowing. That's not for me. I suggest that, instead, you use my tips and tricks on how to secure your Facebook account, or as well you can anyway.
No matter which path you decide to take, wouldn't you like to know how safe, or not, your Facebook is today? Well, you're in luck there's a new open-source service, ReclaimPrivacy.org, that will automatically check to see just how much of your Facebook self that you're showing to the rest of the world.
Essentially, the service scans your Facebook account for its current privacy settings. It then tells you how to go about changing your settings to make it more secure. Its builders state that "We never see your Facebook data." and "We never share your personal information." That already puts them way ahead of Facebook.
I've used it and I like it. Even if you're not terribly concerned about your privacy, I recommend checking it out and that you do so soon. As Ryan Naraine, a security evangelist at Kaspersky Lab, an anti-malware company, observed on Twitter, "I don't know how much longer this will work before Facebook nukes/blocks it."
