Facebook Privacy: Easy Guide to Protect!

Introduction

As the sun is setting and I breathe some of the night time air I am inspired to write about Facebook.  Yes, *the* Facebook, the third largest country if it were a physical place with boundaries under a common rule of law and government.  When many people use a service such as this, it bears attention and especially when it comes to knowing about security and privacy (and our team at the Cyber Threat Analysis Center have written about Facebook plenty [tags + categories]).  Chances are a person has an account with Facebook.com and chances are a person has studied and understood the various controls that Facebook provides to turn the dials on privacy and security settings for maximum comfort and desirability.
All bets aside, my goal is to step through those dials in this article.  Feel free to comment and help make improvements, as has been done in my recent article on “No Chocolates for my Passwords Please!”  Also, please click on any images which appear small to render the full size.

 Privacy Settings

Once logged into your account on Facebook, we visit from the upper right hand screen under "Account", the "Privacy Settings".  Subsequent images and text are based around a framework or technique to activate if one's goals are to have pretty tight security and privacy (as much as can be) when keeping an account with Facebook.  Use as a guide or model, and execute your own technique — hence your own mileage may vary (see free will).  Be sure to check out "Controlling how you share", a resource at Facebook.

Account > Privacy Settings

Notice that there are canned options to elect along the left hand side.  These are common to Facebook and are found in almost all settings across the board.  Better enumerated as:

1. Everyone
2. Friends of Friends
3. Friends Only
4. Recommended
5. Custom

"Recommended" is not part of the "across the board" values.  In the image above, "Custom" has been selected and to replicate it, simply click the link that reads "Customize Settings" and observe the following image.

Account > Privacy Settings > Customize Settings > Things I Share

This brings you to the "Things I Share" and other Sharing sections to be witnessed momentarily.  Pay particular attention to "Posts by me", as Facebook announces your selection here is considered the "Default" behavior for Privacy when posting including status updates and photos.
Here, two groups are referenced called "Family" and "Family – Extended".  Reference them as examples as a person may define their own.  This is an exercise to show a person how settings may be customized.
Next we move to "Things Others Share" and "Contact Information".

Account > Privacy Settings > Customize Settings > (Things Others Share and Contact Information)

Omitted from this screen are Email Address and Phone Number.  However, such settings may look like thus:

Account > Privacy Settings > Customize Settings > Things I Share > Posts by Me

Next we quickly look at "Posts by Me" to see what the typical "across the board" enumeration looks like for a selection options:
See?  Yielding to "Custom", one may better control their privacy requirements. Delving into "Custom" we see the following screens (I broke them up just for this article):
Options to Display, and Options to Hide.

Account > Privacy Settings > Customize Settings > Things I Share > Include me in "People Here Now" after I check in

Here is a sample image of Places and Checking in, and the option to have a person be included.  Pictures above has this disabled and is shown under "Things I Shared > Include me in 'People Here Now' after I check in".

Account > Privacy Settings > Customize Settings > Things Others Share > Photos and videos you're tagged in

Further information on this feature may be explored here.

Account > Privacy Settings > Customize Settings > Things Others Share > Suggest photos of me to friends

To learn more about this feature, click here.  Notice, the option to disable is activated.

Account > Privacy Settings > Customize Settings > Things Others Share > Friends can check me in to Places

Places?  OK for more reading at Facebook on this topic, click here.

Account > Privacy Settings > Customize Settings > Things I Share > Edit privacy settings for existing photo albums and videos

If you have albums or photos, they may be grouped into a gallery display at this point.  Simply adjust your settings as shown below, for Profile Pictures.
Now let us  go Back to the Privacy Settings page and explore Applications and websites settings.

Account > Privacy Settings > Apps, Games and Websites

If a person has options displaying here for particular applications or games, one will see the kind of information such selections have access to on one's account.
Notice in this example the only option a person has is to "Remove" the "Posts to my Wall" selection.  The others are required.  "Access my basic information" shares everything one has made publicly available with the application.
Some extra options for applcations:

1. Remove the application https://www.facebook.com/settings/?tab=applications
2. Turn off all applications http://www.facebook.com/ajax/settings_page/platform_apps.php?optout=1 (link disabled)

Visually, this is what that looks like:
Here are some further options for this section:

Account > Privacy Settings > Apps, Games and Websites > Info accessible through your friends

One to explore is "Info accessible through your friends" and the various options that provides are shown below:

Account > Privacy Settings > Apps, Games and Websites > Instant Personalization

Now we move onto "Instant Personalization", more information available here.
Notice, the option to "Enable" is on the bottom.

Account > Privacy Settings > Apps, Games and Websites > Public Search

Next we check out "Public Search".  Again, the option to "Enable" is on the bottom.

Account > Privacy Settings > Block Lists

Facebook provides folks the ability to block users, application invites, and event invites.  Screen shown below:

Account > Privacy Settings > Connecting on Facebook

Then there is "Connecting on Facebook" settings, a quick overview in one place.  Here is an example.  Note, "Send you friend requests" cannot be further closed down from "Friends of Friends".

Account > Account Settings

We are complete with what Facebook considers "Privacy Settings".  Next we check out "Account Settings".

Account > Account Settings > Account Security

One section worth highlighting is "enable login approvals" in this section.  If a person has not previously enabled it, here is what may be expected:
"Next" prompts a person to confirm a phone:
As has been written by CTAC's own Randy Abrams earlier this year, I bring it up again as this option does enable Facebook surfing encryption to help prevent attacks from applications like Firesheep.  Facebook has a roadmap that ensures applications will migrate to HTTPS mode.
Further below on this Facebook page one will notice tracking of account activity.  A person may spot any potential malicious activity.
Breaches can and do occur, and the only way to truly protect one's information is to not have it online.  However, that does sort of defeat the purpose of social networking.  Still, if a person wants to deactivate their account from Facebook, on the same page simply click "deactivate".

Account > Account Settings > Facebook Ads

There exist two settings to potentially adjust:

1. Edit third party ad settings
2. Edit social ads setting

Plus, here is some additional reading as reference:

• A note about your photos https://www.facebook.com/terms.php
• Edit third part app settings https://www.facebook.com/editaccount.php?ads&pane=platform
• Social plugins http://developers.facebook.com/docs/plugins/

Account > Account Settings > Facebook Ads > Ads shown by third parties

Account > Account Settings > Facebook Ads > Edit social ads setting

Notice the option is on the bottm.  If enabled, advertisements will serve up your name as having "liked" something.  If a person does not want their names showing up in ads, simple disable this entry.
To learn more:

• Social ads https://www.facebook.com/fba_whatsthis
• Help center https://www.facebook.com/help/?page=935

Account > Account Settings

I like tooling around with passwords, and how they may be used.  Here is where Facebook has its password management system.
Notice the little "?" on the "New Password" line?  Click it to reveal suggestions for a strong password:

Edit my Profile

https://www.facebook.com/editaccount.php#!/editprofile.php
Checking into the Basic Information page, it is a person's choice to fill this data in or not.  For maximum privacy, the recommendation is to keep it blank.  Do you want other companies (or Facebook) to have enhanced information on you?
Similarly, the contact information (email addresses and websites are not depicted in this snapshot):

My Wall

Recall the default post setting earlier in this article?  Here is where it comes into play on your new feed.
The lock icon next to Share shows the same common information referred to earlier.  Reviewing:
Yes, that default setting has pretty large implications on your posting activity.

Public Directory

And if a person does not want to remain private or be found on Facebook, simply visit this setting.
Search Engines will find you on Facebook's open directory, and other aggregation sites.  Your information will be publicly available on these third party sites with no Facebook affiliation.  Such sites run their own advertisements.  One to take note of is Facepinch.com.
Another thing to be mindful of if a person has someone from their past making them feel uncomfortable, keeping your profile public and switching your privacy settings to "Everyone" may not be such a good thing.  Our CEO Andrew Lee explores a particular scam under the title "Is your ‘stalker ex’ still creeping your Facebook page?"

Outlook Social Connector for Facebook

Although not a feature directly available on www.Facebook.com, the Outlook Social Connector (OSC) for Facebook enables a person to tap into their social network from the site and view friend updates, posts, photos in a secured manner. The following image from the Office Blog shows how a person can tap into their social community right from Microsoft Outlook.
It also serves as a reminder that information you store online may be shared virtually anywhere and without your knowledge.  Thus the purpose for this article to spread awareness and education.
Notice how "Michael" posted photos and they are made available right in the OSC.  One can make application level adjustments on your Facebook settings referenced earlier under the Apps, Games and Websites section. Last year I enabled surveillance on my computer while testing the Outlook Social Connector and can confirm communications were secure.  Perhaps in a future blog we shall explore the technical side of this.

Additional Reading

This has been a walk through of lots of information. Some at a high level, and some diving a little deeper.  In future articles (as in past), CTAC explores a knob here and a dial there to varying degrees on depth.  It is my hope this blog article served its purpose as a model and a framework for having an account on Facebook.  For further reading, please see:

• https://www.facebook.com/privacy/explanation.php#basicinfo
• https://www.facebook.com/security
• https://www.facebook.com/fbsafety

Read Also:
SOCIAL-MEDIA Site FACEBOOK Is a Spammer's Dream - IMPORTANT POST for everyone who uses FACEBOOK!! 
"Dislike" Button is the Latest Malware Scam on Facebook

PayPal : Google stole our employees and secrets!! PayPal is suing them!

Former PayPal employees Stephanie Tilenius and Osama Bedier announce the launch of Google Wallet in New York, Thursday. PayPal is suing them, and Google, for stealing its trade secrets.

PayPal is suing Google for allegedly stealing its employees and trade secrets that may have led to the launch of Google's mobile payment service.

The 28-page lawsuit, filed in a superior court in San Jose, Calif., late Thursday, accuses Google (GOOG, Fortune 500) and two former PayPal employees who now work at Google of implementing PayPal's confidential trade secrets related to mobile payment technology.

• 395

• Print

The lawsuit came on the same day Google unveiled a phone-based mobile payment system, called Google Wallet. It specifically mentions Osama Bedier and Stephanie Tilenius, who -- now at Google -- took to the stage yesterday to unveil the new technology.

For two years, PayPal and Google had been in negotiations for PayPal to provide the payment system for Google's app store on Android phones.

But the lawsuit claims Google put a kibosh on the deal to instead "build a competing product with PayPal's former employees and executives at the helm."

Google issued a statement Friday, saying it will fight the suit.

"Silicon Valley was built on the ability of individuals to use their knowledge and expertise to seek better employment opportunities, an idea recognized by both California law and public policy," a spokesman wrote in an e-mail to CNNMoney. "We respect trade secrets, and will defend ourselves against these claims."

PayPal's timeline of 'stolen' secrets

PayPal's chief complaint is with Bedier, who worked at PayPal for eight years overseeing new product development of mobile technologies before he made the switch to a similar position at Google earlier this year.

While he was at PayPal, Bedier was in charge of negotiating the PayPal-Google deal. But PayPal claims that during those negotiations, Bedier was simultaneously interviewing for a job at Google, breaching his responsibilities as an executive.

The lawsuit goes on to accuse Bedier of transferring important company documents to his non-PayPal computer just days before leaving PayPal for Google in January.

PayPal also accuses him of recruiting other PayPal employees after his departure and using PayPal information on Google sales calls.

The lawsuit also claims that Google had reached a deal with PayPal regarding its Android Market negotiations in February, and the deal had even been inked by Android chief Andy Rubin and Google's then-CEO Eric Schmidt.

But Google stalled in notifying PayPal, and three days after Larry Page took over as Google CEO in April, Google "scuttled the deal for good," PayPal alleges.

The lawsuit also includes charges against Tilenius for violating her contract with PayPal parent company, eBay (EBAY, Fortune 500), by recruiting Bedier over to Google.

Tilenius worked at eBay for eight years before moving to Google in 2009. The lawsuit claims she was obligated by contract not to recruit eBay employees until at least March 2, 2011, but she reached out to Bedier through Facebook and shepherded him through Google's interview process last year.

Samsung Galaxy S2 - The most Advance Mobile so far!!

Dual-core power, 4.3' Super AMOLED Plus Screen - the Galaxy S II is the kind of sequel we like

 

The Samsung Galaxy S II is the phone the Korean firm deems the successor to its best smartphone so far. And with a 1.2GHz processor, super-slim chassis and feather-light innards, it's easy to see why.
The dual-core race is set to heat up massively over the next few months, with the LG Optimus 2X already released, and the Motorola Atrix, HTC Sensation and iPhone 5 all set to bring the tech to market too.

The Samsung Galaxy S2 is almost impossibly thin when you pick it up – dimensions of 125.3 x 66.1 x 8.5mm mean it's one of the thinnest smartphones on the market at the moment, rivalling the likes of the iPhone 4 and Sony Ericsson Xperia Arc for the title

It's crazy-light too – when i show you what tech is rammed under the hood, you'll be amazed that it all goes in a device that weighs only a shade over 100g (116g, to be precise).
Samsung clearly traded the premium feel an all-metal chassis might have brought to keep the grams off the Galaxy S2 – pop the battery cover off and you'll find you're holding a piece of pretty flimsy plastic.

However, most of the time you won't be removing this and it fits nicely into the contoured chassis – the mesh feel on the rear also helps keep your hand from getting warm during extended holding.
The other thing you'll notice when you first pick up the Galaxy S2 is the screen – at 4.3 inches it's hard to miss, and when you turn it on the Super AMOLED plus technology hits you square in the eyeballs (once it's got through the toughened Gorilla Glass).

I called the Samsung Galaxy S "the best phone on the market for media" when i reviewed it, thanks to its first-gen Super AMOLED screen. Now the Galaxy S2 has definitely improved on that, with a superbly crisp and vibrant screen.

In the hand, the Galaxy S2 sits much better than i had have expected, given the whopping screen on offer, and that's mostly down to its slim depth.

The front of the phone is pretty sparse, with the home key the only piece of furniture on offer. This rectangular button flanks two touch-sensitive buttons – Menu and Back – so there's no room for contextual search here.
The volume keys are located on the left-hand side, and the power/lock key is on the opposite flank; both are easy enough to hit without error, and crucially the travel on the power key is softer so that it's much easier to hit when you're juggling it in the palm – compare that to its predecessor, where you could accidentally drop it trying to shut off the screen.

The 3.5mm headphone jack lives on the top of the phone, bucking the lower placement on other 4.3-inch screen phones, and the microUSB slot (which also doubles as an HDMI out port) lives on the bottom.
The only other element of note is the 8.1MP camera with single LED flash on the rear – it's slightly raised, but not so much that it disrupts the Galaxy S2 when you're placing it on a table, thanks to a rear lip to help you hold the phone.

Features from http://www.gsmarena.com/samsung_i9100_galaxy_s_ii-3621.php

Samsung Galaxy S 2

General	2G Network	GSM 850 / 900 / 1800 / 1900
	3G Network	HSDPA 850 / 900 / 1900 / 2100
	Announced	2011, February
	Status	Available. Released 2011, April

Size	Dimensions	125.3 x 66.1 x 8.5 mm
	Weight	116 g

Display	Type	Super AMOLED Plus capacitive touchscreen, 16M colors
	Size	480 x 800 pixels, 4.3 inches
		- Gorilla Glass display - TouchWiz UI v4.0 - Multi-touch input method - Accelerometer sensor for UI auto-rotate - Touch-sensitive controls - Proximity sensor for auto turn-off - Gyroscope sensor

Sound	Alert types	Vibration; MP3, WAV ringtones
	Loudspeaker	Yes
	3.5mm jack	Yes

Memory	Phonebook	Practically unlimited entries and fields, Photocall
	Call records	Practically unlimited
	Internal	16GB/32GB storage, 1 GB RAM
	Card slot	microSD, up to 32GB, 8 GB included, buy memory

Data	GPRS	Class 12 (4+1/3+2/2+3/1+4 slots), 32 - 48 kbps
	EDGE	Class 12
	3G	HSDPA, 21 Mbps; HSUPA, 5.76 Mbps
	WLAN	Wi-Fi 802.11 a/b/g/n, DLNA, Wi-Fi Direct, Wi-Fi hotspot
	Bluetooth	Yes, v3.0+HS
	Infrared port	No
	USB	Yes, v2.0 microUSB (MHL), USB On-the-go

Camera	Primary	8 MP, 3264x2448 pixels, autofocus, LED flash, check quality
	Features	Geo-tagging, touch focus, face and smile detection, image stabilization
	Video	Yes, 1080p@30fps, check quality
	Secondary	Yes, 2 MP

Features	OS	Android OS, v2.3 (Gingerbread)
	CPU	Dual-core 1.2GHz ARM Cortex-A9 proccessor, Mali-400MP GPU, Orion chipset
	Messaging	SMS(threaded view), MMS, Email, Push Mail, IM, RSS
	Browser	HTML
	Radio	Stereo FM radio with RDS
	Games	Yes
	Colors	Black
	GPS	Yes, with A-GPS support
	Java	Yes, via Java MIDP emulator
		- Active noise cancellation with dedicated mic - NFC support (optional) - TV-out (via MHL A/V link) - SNS integration - Digital compass - MP4/DivX/XviD/WMV/H.264/H.263 player - MP3/WAV/eAAC+/AC3/FLAC player - Organizer - Image/video editor - Document editor (Word, Excel, PowerPoint, PDF) - Google Search, Maps, Gmail, YouTube, Calendar, Google Talk, Picasa integration - Adobe Flash 10.1 support - Voice memo/dial/commands - Predictive text input (Swype)

Battery		Standard battery, Li-Ion 1650 mAh
	Stand-by	Up to 710 h (2G) / Up to 610 h (3G)
	Talk time	Up to 18 h 20 min (2G) / Up to 8 h 40 min (3G)

Misc	SAR US	0.16 W/kg (head)     0.96 W/kg (body)
	SAR EU	0.34 W/kg (head)
	Price group	Expected price of Samsung Galaxy S2 in India is Rs. 32000 approx.