27363681109850116521312867

COMPUBC INFORMATION TECHNOLOGY SERVICES LTD. MANAGED IT SERVICES FOR BUSINESS & RESIDENTIAL. PC & MAC.
  • CompuBC Services
    • Residential
    • Business
    • Managed IT Services
    • Canadian Based File Sharing & Syncing
    • Cloud Computing
    • Business continuity & disaster recovery
    • Data Recovery
    • Network Infrastructure & VoIP
    • Office IT Relocation
  • Service Request
  • Service Cost
    • Managed Services & Business Service Cost >
      • Office 365 Business plans
      • Exchange Online
    • Residential Service Cost >
      • Office 365 Residential plans
    • Data Recovery Service Cost
  • Remote Support
  • Self Service area
  • Social & Blog
    • Facebook posts
    • Blog
  • Terms and Conditions
  • About Us
  • Reviews

Stop Using Login With Facebook Immediately—Here’s Why

11/3/2018

0 Comments

 
Picture
Facebook was hacked, and now everyone is scrambling to understand why it happened, who was responsible, and most importantly, what it means for the potentially 90 million affected users. What’s become clear is that Facebook’s unprecedented access to user data across at least 8 million websites—via the ever-present Login With Facebook option—puts each of Facebook’s 2 billion-plus users at risk.

New security rule:

Never use Facebook to login to other sites

Never

Get yourself a password manager and unique logins for all your go-to services https://t.co/gD85HVKH8x

— Christopher Mims □ (@mims) October 3, 2018
To understand why the Login With Facebook option is a bad idea, we’re sharing three facts you might not know about the problems associated with using a centralized service connected to your social profile as a way to manage logins for many accounts.

Fact #1: Facebook collects a surprisingly large amount of data on people to power its advertising engine.

Facebook is often referred to as a social media company or a social media app. But that’s not a business model. It would be far more accurate to think of Facebook as the second largest data-collection and advertising agency in the history of mankind, behind Google—we’ll get to them soon. In 2017, 98% of Facebook’s global revenue was generated through its advertising business. It’s no wonder Facebook does everything in its power to collect every ounce of data about everyone they can, whether they have a Facebook account or not. That phone number you gave Facebook to help secure your account? The company used it to serve you and your friends ads. The list of data points they collect is practically endless.
Armed with this data, you could say that Facebook knows more about you than even you know about you. And one of the primary ways Facebook collects this data was just revealed to be vulnerable.

Fact #2: The Facebook hack exposed Login With Facebook, which connects users with third-party services like Airbnb, Spotify, and Uber.

It’s hard to find a service nowadays that isn’t connected to Facebook in some way. For many of those services, users don’t even need to create an account—they simply use Login With Facebook to gain access. In theory, using Facebook as a way to manage logins for third-party accounts is beneficial to all parties: Users get an easy, one-click login, services get new, verified users without the responsibility of securing login data, and Facebook gets access to the user data associated with those services.
​
However, the recent Facebook hack exposed the dangers of using Facebook as a way to manage your logins for many accounts.
It’s unclear what data, if any, was stolen in the hack. However, a paper published by computer scientist Jason Polakis in August 2018 analyzed the different ways hackers could exploit Login With Facbeook, as well as other types of social logins (e.g. signing in with Google) to infiltrate third-party accounts.
In controlled experiments, authors of the paper were able to:
  • Get into a target’s Uber account, track the target’s trips in real time, and even tip the driver after a completed trip.
  • Send and receive messages on a target’s Tinder account, even though those messages appeared unread on the target’s device.
  • Access a target’s Expedia account and view their passport number, TSA information, and payment details.
  • Log in to some accounts where users didn’t even use Login With Facebook, as long as those accounts used the same email address associated with their Facebook account. Pro tip: Use a different email for Facebook than you do for any other services to eliminate this risk.
It’s easy to imagine a real-life scenario where hackers take advantage of compromised social accounts connected to third-party services and exploit them.
You can see which third-party apps are connected to your Facebook profile here.

Fact #3: You can start to take back control of your private data by using a password manager instead of Facebook to log in.

Password managers remember all your different passwords, personal details, and payment info and intelligently fill in that information on your desktop, laptop, tablet, or mobile device. They have all the convenience of using Login With Facebook, but they’re more secure. And while they don’t protect you from 100% of the risks associated with using Facebook, they are the best alternative to allowing Facebook to manage access to all your accounts.

You’re probably wondering, How’s a password manager more secure than using Login With Facebook? It sounds like I’m still putting all my eggs in one basket.

There is one crucial difference: Facebook was and remains a single point of failure for all 2 billion-plus users—a Facebook vulnerability could mean access to millions of users and their associated third-party accounts. In contrast, a password manager prevents this same “one-to-many” hack, because it requires a unique key—your master password, which is never stored online and is known only by you—to unlock your personal data. A password manager is designed to keep each of your accounts separate, so if one account becomes compromised, your other accounts remain secure.

So, while you’re keeping all your eggs in one basket, imagine that basket is locked inside a safe which is locked inside a larger vault. Even if someone manages to open the vault, your safe is protected by your unique master password.

All the problems associated with using a centralized service like Facebook exist with any type of social login, including Google, LinkedIn, Twitter, or Yahoo. In fact, LinkedIn, Twitter, and Yahoohave already been hacked, and Google recently revealed a breach for hundreds of thousands of users. The common thread? Each of these businesses generates revenue primarily through ad sales.

And the truth is, these data privacy issues shouldn’t have to be solved by users. Legislation around data privacy is underway in the U.S., and will continue to evolve to protect citizens. Facebook could take a big step in the right direction by allowing users to opt-in or out of allowing Facebook to connect their accounts with third-party services. That way, users are in control of where and how their data is shared, not Facebook.
​
But until that becomes a reality, stop entrusting your data to companies whose primary goal is to sell you ads. A security-focused password manager, like Dashlane, puts you in control of your private data and provides the same convenience of instant logins across all your accounts.
Thank to Eitan Katz from Dashlane
0 Comments

    Archives

    January 2023
    December 2022
    November 2022
    September 2022
    August 2022
    June 2022
    October 2021
    August 2021
    July 2021
    May 2021
    April 2021
    March 2021
    January 2021
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    May 2020
    March 2020
    November 2019
    August 2019
    July 2019
    June 2019
    May 2019
    March 2019
    November 2018
    July 2018
    June 2018
    May 2018
    April 2018
    February 2018
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017

Picture
Avner Coopman
Owner
2951 Britannia cres
Port Coquitlam BC, V3B 4V5

Phone 778-776-6222

Hours of operation
Mon - Fri 9:00 AM - 7 PM
Sat 11:00 AM - 5:00 PM
Sunday & Holydays - Closed
​
Your privacy is important to us you deserve our full attention
Please schedule an appointment
© Copyright CompuBC, All Rights Reserved.
Business Number 778569517BC0001
Click for the BBB Business Review of this Computer Business Services in Port Coquitlam BC
Picture
Some icons made by Freepik, xnimrodx, Smashicons, itim2101, photo3idea_studio, and prettycons from Flat Icons.
  • CompuBC Services
    • Residential
    • Business
    • Managed IT Services
    • Canadian Based File Sharing & Syncing
    • Cloud Computing
    • Business continuity & disaster recovery
    • Data Recovery
    • Network Infrastructure & VoIP
    • Office IT Relocation
  • Service Request
  • Service Cost
    • Managed Services & Business Service Cost >
      • Office 365 Business plans
      • Exchange Online
    • Residential Service Cost >
      • Office 365 Residential plans
    • Data Recovery Service Cost
  • Remote Support
  • Self Service area
  • Social & Blog
    • Facebook posts
    • Blog
  • Terms and Conditions
  • About Us
  • Reviews