Sunday, May 9, 2010

Facebook’s Gone Rogue; It’s Time for an Open Alternative

Worth reading. No -- mandatory reading.

I hope some outfit comes up with a new solution that is private by default, fully modular, and allows users to customise every aspect of their profile to define exactly how MUCH they want to share and with WHOM. Better yet, how about a system which uses Facebook's own APIs to support seamless export of all your own profile data into this new system (either that or script it up). Imagine being able to use Facebook's own tools to eliminate itself from the market. That would be a nice touch.

But of course, all this information costs money to store, right? So there is clearly an economic problem - but that's solvable. Want to make money with targeted advertising? No problem. This new Facebook insists that all ad networks and affiliates send THEM the ads and relevant metadata. New Facebook then filters ad delivery to the end user directly. Bingo - user data isn't shared. You then just focus on making enough money to sustain the service and ensure that user information is considered sacred. No fancy ass crap about exposing APIs to mine for data, no changing of default privacy settings, etc.

I'm pretty sure that users could live with targeted advertising if they knew that their information wasn't being shared and their privacy was being taken seriously.

Now who wouldn't sign up for a service like that?

- J.
PS: On a side note, this is how you get security to be seen as a business enabler.


Anonymous said...

Hi Jarrod,

You need to update this bit 'While I am an employee of Dimension Data the views expressed here are my own and not those of my employer (blah blah blah usual caveats apply).'

Hope the new job is going well - sounds like it. Cheers, Leslie

Drazen Drazic said...

Am enjoying your Facebook series of blog posts. Keep 'em coming.

End of the day, it's a money making venture and Zuckerberg and co will and do all they can to get that money rolling in.

Interesting to see the security side of things in terms of information getting out there really ramping up. I doubt it's even registering as a concern for Zuckerberg at the moment but the more awareness, the better.

The personal data in there has never been confidential in the sense of the true definition of "confidential". People just need to understand this. It never will be either.

What a great gig it would be to pen test the site! Educated guess is that the results would be quite interesting. :)

Jarrod said...

Hi Drazen,

Dead on. Who bothers to read the T's and C's these days when I can just click 'I Agree' and move on!

BTW if you want to see someone regularly pentesting Facebook, check out The Harmony Guy's work:

Whilst obviously not full disclosure, his work is very illuminating.

- J.