19 Jul, 2013 No Comments Bobby Internet Security

Social Media Buttons

When you sign into a website, you will often see a button to “Sign in with Facebook”, or Google, Twitter, Yahoo, etc. What this does is link those websites together, so when you log into one, it logs you into all of them.

This means that each site can keep track of everything you’re doing on whatever site you’ve linked it to. The result is a giant map that connects all your internet activity around you like a spiderweb.

It may be convenient in some ways, but convenience in the digital world can be a problem. “Easy” is often synonymous with “less secure”. It’s difficult to make a system that’s both easy to use and secure at the same time.

Clever Devils – Why They Do It

These websites that want you to sign in with your social networking accounts are really just mining you for advertising potential. The more they know about you, the easier they can target you for marketing.

The strategy is genius. The users volunteer to create this connected web around themselves because of it’s touted “benefits”. Like automatically using your Facebook information to fill in your profiles on dating websites. Or being able to see your friends’ birthdays while browsing online retailers like Amazon.com. Seriously? Is it really Amazon’s business when your friends’ birthdays are? Have you asked your friends how they feel about that?

And keep in mind that even though the Facebook platform policies specifically condemn the practice of selling the information to another (fourth) party, companies get in trouble all the time for doing stuff they shouldn’t be doing. And the more companies that have your information, the greater the possibility of leakage.

What Are The Benefits of Linking Social Logins?

I would be remiss to not mention that there are some arguable benefits. Like having to remember fewer logins (there are better tools for that, however – try LastPass or 1Password). Or having access to your friend’s wishlists on certain retailers in case you want to buy them a gift (a neat idea, but of questionable value).

I guess the question is, are these minor conveniences worth it to you? It’s best to be of the mindset that websites should only have as much information as is required to provide you their main service. Beyond that, any personal info is none of their business. I don’t think the few minor conveniences of sharing your logins is worth decreasing your security and privacy.

Of course, if you don’t mind sharing your personal information with these companies then it’s your business. It’s technically not directly harmful to you. But I would say that it’s best to be a stingy grump like me and be extra skeptical when doling out trust on the internet.

Reasons Why Linking Sites Is a Bad Idea

While it’s not a totally evil idea, there are still some drawbacks to linking social sites with third parties. From a security and privacy standpoint, this is a bad practice for several reasons. Here are several things you should be aware of.

Decreased security

If you’re currently logged into a social networking site like Facebook, it also logs you in to whatever sites you have linked with it. That means that if your Facebook account gets compromised, the attacker could potentially have access to these other sites as well. Now imagine if these other sites had your credit card information or other sensitive data.

For a real world example of how this works, read the story of how someone was able to gain access to a volunteer’s Facebook account, which was linked to an electronics store where the victim was already approved for credit. It’s real, scary, and it happens more than you think.

Decreased privacy

When you link sites together, they share information. Facebook learns what your buying habits are. What you’re posting on your other social websites. What books and music you’re consuming. And this is trivial compared to whatever personal information the sites may be sharing.

What’s more, Facebook will post that information publicly to your page. Now everyone will know that you just bought that Nick Kamen album you were really hoping to keep a secret. You can turn these posts off, of course, but it’s annoyingly presumptuous for Facebook to assume you want everyone to know your personal biz.

Likewise, the sites you log into now have your Facebook information. Why in the world should Sears.com need to know what your hobbies are? It’s of no real benefit to you, and highly useful to them as revenue potential.

Decreased professional reputation

Please, for the love of all that’s good and holy, never link your personal social accounts with your professional life. Do you really want potential employers at Monster.com to have a direct link to your Facebook wall? Do you really need to have personal photos associated with your LinkedIn account?

If you haven’t figured out why it’s a horrible idea to put your Facebook rants and friend associations alongside your professional resume, you’ve got a big surprise coming when you start looking for a job. Keep your internet rants away from your job applications.

Be Smart About It

So what’s the point of this whole internet thing if I can’t be connected? I’m only suggesting that you get educated about the risks. Linking sites isn’t always a bad thing, but it is something to be cautious about. The bigger your social web is, the easier it will be to get caught in it.