SWSZ Episode 3 - January 10, 2009 - Facebook and security for social media with Tom Eston

Saturday, January 10th 2009 @ 2:57 AM (2 ratings)    post viewed 2393 times

In the audio podcast (about 57 minutes) that goes with this post, I have an interview with Tom Eston, a well-known security professional, blogger and podcaster. Tom is an expert on Facebook security and privacy, and shares his views on the risks of using social media sites like Facebook, MySpace and Twitter. Tom has some great stories and advice. I'm very glad we were able to do this interview!

>To download this audio as an MP3 file, click on the "down arrow" on the left side of the player bar at the top of this page.

Introduction 0:00

Just a quick introduction to this episode.

News

SSL Vulnerability isn’t the end of the world. - 1:25

The Streetwise Security Zone reaches 50 members. Thanks! - 4:10

Book Review: "The Groundswell" by Charlene Li and Josh Bernoff (of Forrester Research) - 5:30

This is a great book for learning about how businesses should view the explosion in social media tools such as Facebook, Wiki’s, MySpace, Twitter, etc. I got some great ideas for how we can make use of the tools available in The Streetwise Security Zone. Of course, I wish it mentioned more about the operational risks of these tools. But that’s what we’re here for.

Interview: Avoiding the Landmines in Social Media Sites Like Facebook and Twitter - 7:30

Tom Eston and I discuss some of the key points that Tom likes to make people aware of when using tools Internet sites like Facebook. We discuss some really good examples and ideas in this interview.

Tom’s Introduction - 8:00

Tom’s blog:  http://www.spylogic.net (social media, penetration testing, etc.)

Tom’s podcast: Security Justice (http://securityjustice.com - live discussion of hot security topics, recorded in an Irish pub in Cleveland)

Scott’s Background - 11:00

The Honey Stick Project - 12:30

Tom’s Experience With Measuring Security Awareness - 17:00

Security Awareness Strategies - 21:00

Social Media and Business - 25:00

Social Media Risks and Stories 26:00

Why You Might Be Trusting Sites Too Much - 29:00

Building Security Into Products and Service Technology - 31:00

Facebook Experiences - 33:00

Tom’s Guidelines at a 50,000 Foot View - 34:00

Why Selecting "Private" Doesn’t Mean Information Won’t Be Divulged - 38:30

Read Privacy Policies - 30:00

Why Sites Don’t Promote Privacy - 39:30

The MySpace Suicide Story - 40:00

Sites Want to be Common Carriers With No Liability - 42:00

Link-Whoring (Accepting Friend Requests From Strangers) - 42:30

Facebook Application Risks - 44:00

Why You Should Choose Passwords Different From Other Application Accounts - 48:30

How Easy It Is To Find Identity Information From Facebook - 51:00

Sarah Palin’s Yahoo ID Theft Enabled by Wikipedia - 53:00

Based on this discussion, we know there is a lot more guidance that would be valuable to people. So, Tom and I plan to do another session focusing strictly on how to set Facebook privacy settings, and why. Stay tuned for more!

If you enjoyed this podcast, don’t forget to submit a rating in iTunes. You can get there by clicking on the subscribe via iTunes link above.

You can also rate this podcast by clicking on the Star rating system below this text.

Thanks for listening!

(If you'd rather see written transcripts of my audio podcasts, please let me know.)

rate this post: