Search This Blog

Tuesday, April 08, 2008

Facebook Security - Limited Profile and Privacy

Ok, instead of writing a formal paper and publish it, I prefer to do this here at my blog. Facebook greatest secret by far is how to properly configure it so that it protects your privacy. I had seen many badly designed GUI and this is not one of them, but yet the GUI does not allow you to find what you want to do easily. Could this be a defact by design?

What I am going to talk about here is what will make Facebook safer. But by no means safe. Because there are still some loopholes here and there for social engineers. My advice would be if you do not need to tell anyone something, do not put them there in Facebook. That would be a better security then using the Facebook function to hide them.

First off, there is limited profile. One way or another, you may or may not have it set up. In this article, lets presume Facebook did not set it up properly for you.

Settting up a Limited Profile Friend List:
  1. From main menu, go to Friends Tab.
  2. Under Friend Lists on the right, see if you have Limited Profile. If so, you can skip this rest of this section.
  3. If not, click Make a New List
  4. Name it Limited Profile

You have created your limited profile. While we are here, lets go through the confusing steps to add a friend to the Limited Profile before we move on.

Adding friend to Limited Profile:

  1. Click on Limited Profile under Friend Lists on the right.
  2. Click on Everyone tab (if not highlighted) on the left.
  3. You can see a list of friends in your Limited Profile now if you have any.
  4. Type in name or click Select Multiple Friends beside the search box to add them.

Now you have someone inside (you should add at least 1 to test out) the Limited Profile, but if you actually surf and try you will not see any difference at all. This is the stage where most people scream that Limited Profiles does not work! What's the point?

OK, to solve this, we need to actually make Limited Profile different. How? It's time to edit your privacy.

Defining Limited Profile:

  1. Go to privacy on the top right.
  2. Select Profile.
  3. You will see a lot of boxes and mostly they will be set to Only Friend (I hope). but that is not the setting we want either.
  4. Choose one box and select Customize from the list. You can't do it with the first box label Profile though.
  5. You should see a screen like this below.
  6. You will need to use the Except These People box. I suggest you set most of the option (if not all) to Friends Only. This is true especially for the network settings. If you join a "OI hate linux" network, its fun but you probably doesn't want everyone in the network to see your information. Set it to no information for network.
  7. Then type in Limited Profile into the Except These People box.
  8. Click Okay. You should end up with something like the following:
  9. Do this for both your Basic and Contact Information tab.

Now, if you go and view your profile through a Limited Profile friend, you will see that the information you chosen are not hidden. This is how the Limited Profile should be configured.

By now, you will realized that Limited Profile is actually just a list. You can call it ABC for all I care. You can create more list and set then in the same way too, giving each of them some differences. For example, you may not want your colledge to know your work history, but allow them to see your contact number etc...

Next step, lets move on to blocking people. I love this one. There are many myth about how you can block people especially those whom are not even your friend. I had issue with this too maybe due to the API... It does not find the user using the search at all. Anyway, here are the instructions.

Blocking user:

  1. Go to privacy on the top right.
  2. At the bottom right, you should see this.
  3. Now you will need to enter the full name of the person you wish to block. The limitation however is if you cannot find the user, you cannot block the user.
  4. If you find the user, just click Block Person on the right of his profile and you are done. If not, I suggest you try finding a few times. It took me a while to find some people.
  5. After blocking them, go back to privacy and you should see them on the Block List like the picture above(ok, without the mozaic).

So, we settled the human issue. What about apps? Some apps might be taking information away from Facebook just because I installed it. My advice is, do not install any application that ask for excessive information. If you are playing a flash game and it ask for you credit card, thats definitely something wrong with it. However, you can control some of it here.

Limiting Applications:

  1. Go to privacy on the top right.
  2. Select Application.
  3. You should see a list of application you trust. This list better be good. Remove any suspicious ones immediately from here.
  4. Click on the Other Application tab.
  5. You should read through the wordly page, but the meat is as shown below.
  6. My advice would be to disable all options here. I find very little reasons I would want to share information out to applications.

Now, that settles the applications settings.

Despite all the above settings I recommened, the best security is still up to you. Always play safe and do not enter or reveal unnecessary information on Facebook. also know that some information can be leakedthrough your friends as well, so keep them up to date and advice them to "harden" their Facebook settings.

Have a great time playing games and joining networks in Facebook without losing your job!

1 comment:

Anonymous said...

hey thanks for the instructions Nemesis! I found all this very useful and will share the knowledge next time someone asks how to use 'limited profile'.

Amazon Gift Cards!

Thanks for viewing!

Copyright © 2008, All rights reserved.