Saturday, August 1, 2009

When Networking is Bad

Wired

Commentary

Social networking sites, such as Facebook, MySpace, and Twitter, have an obligation to provide a secure environment for their users. The past trend of stimulating user-base growth by making connections easy must be replaced by a new awareness of the need to keep existing users happy with a more secure environment.

One major drawback of all social networking sites is the lack of distinction between casual friends and close, trusted friends. When someone is made a friend, that person gains access to ALL private information that is shared. Indeed, in some cases, friends of friends are given indiscriminate access. This is counter to what people normally do in reality. Sooner or later, this promiscuous form of friendship must be curtailed with finer degrees of distinction.

Military and corporate networks that demand top security are shutting out these social networks today. The average user will soon learn that some connections are better left unmade.

Excerpts

The U.S. military is strongly considering a near-total ban on Twitter, Facebook, and all other social networking sites throughout the Department of Defense, multiple sources within the armed forces tell Danger Room.

It’s the latest twist in the Defense Department’s tangled relationship with so-called “Web 2.0” sites. But while earlier social media blockades have been thrown up over bandwidth and secrecy concerns, this fresh ban stems from fears that Facebook and the like make it far too easy for hackers and cybercrooks to gain access to the military’s networks.


Last week, U.S. Strategic Command issued a “warning order” to the rest of the military, asking for feedback on a social media ban on the NIPRNet, the Defense Department’s unclassified network. (Naturally, access is already denied on the secret and top secret nets.)

“The mechanisms for social networking were never designed for security and filtering. They make it way too easy for people with bad intentions to push malicious code to unsuspecting users. It’s just a fact of life,” says a source at Stratcom, which is responsible for securing the military’s “global information grid.”

Last month, for instance, well-known venture capitalist Guy Kawasaki’s Twitter account was hijacked, and used to spread a sex video come-on to his 139,000 followers. Those following the link were asked to install a software update. The application was, in fact, a Trojan, which allowed hackers to take over a user’s machine.

Similarly, one variant of the nasty Koobface worm searches a PC to find a Facebook cookie. Then the malware program uses that information to gain access to the user’s Facebook account. Once it’s in, Koobface spreads messages to online friends, enticing them to download viruses and Trojans.

“People are much more trusting of a message from a friend or colleague on a social network than they are of an e-mail, because they’re used to e-mails being forged,” says Graham Cluley, a senior consultant with the network security firm Sophos. That’s ironic, he adds, because “social networks aren’t really doing enough to stop these things. With GMail or Hotmail or a military e-mail account, messages are scanned for spam and viruses. Social networks aren’t doing that scanning. They aren’t checking if a link posted to a wall is malicious or spammy. They’re just letting it through.”

Officially, “the concept of allowing access to social networking sites (SNS) on the Department of Defense .mil networks is currently under review at this time,” a Stratcom spokesperson e-mails Danger Room. “It would be premature to comment on the outcome of the review.”

But unofficially, the ban is all-but-certain, military officers and civilian employees say. Many are upset, because after years keeping the social networks at arm’s length, the armed services appeared to be finally embracing the Web 2.0 sites. The Army recently ordered all U.S. bases to provide access to Facebook. The Chairman of the Joint Chiefs of Staff has 4,000 followers on Twitter. The Department of Defense is getting ready to unveil a new home page, packed with social media tools.

“We fought so hard for this,” says one Army source. “This is a huge step backwards.”

Under Stratcom’s plan, units that have to regularly communicate with the civilian world, like media relations and recruiting, may be given “dirty computers” — machines that are connecting only to the public internet, and not to the military’s private networks. The rest of the Defense Department would be cut off from the social media sites, despite protests from inside the Pentagon.

People started working with these social networks “before we got a handle on how to use them in the context of the Department of Defense,” a Stratcom source says. “Now, they’re just too big of a headache.”
