An article came out yesterday from Clement Genzmer who is a security engineer at Facebook. His tagline is "searching and destroying malicious links". Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to have them brought to justice. Truthfully, what I'm really in it for is the constructive aspect — an innate feeling and desire to build something new and offer positive "things" to society. And that is what brought my attention to the article about Facebook's evolution in security and safety in the hopes of protecting consumers.
Facebook announced the following security measures in a bid to keep their ecosystem free and clear to enable its users to visit and share their lives without fear of infection. I like having security "just doing its thing" and doing it well. That involves security engineers and researchers to be vigilant and ever testing new products and services. Testing to see that we are ahead of cybercriminals and that our proactive and reactive measures are constantly working.
- Malicious Links
- Facebook in addition to their own systems has partnered with Web of Trust to obtain more information to help its ecosystem. It is good to see industry working together.
- Measures have been stepped up at Facebook to help detect and block rogue URLs.
- Self-XSS Protection
- Working with browser providers, Facebook has also increased its own routines to catch potentially virulent URLs being pasted into this framework.
- Login Approvals
- And not new, although re-announced, this is Facebook's own "multi-factor authentication" system. In order for it to work, when logging into your profile, Facebook will send a code to your mobile phone. Input that code, and you are logged in.
Might there be a way for miscreants to circumvent these? Sure, and that is why security requires vigilance and a certain amount of passion by its practitioners. Make no doubt about it, as we must pay taxes, so do online thieves (as the physical plane ones) will attempt to steal our information.
I applaud Facebook for working diligently to help bolster its safety and security architecture for what technically can be defined as a world's third largest country. When first responders or Emergency Medical Technicians (EMTs) arrive on a medical scene, the first thing taught in training is to make sure the environement is safe and secure and to ultimately ensure that no further damage is done. Facebook is attempting just that, to ensure that consumers are not damaged by malicious links or account hijackings. Keep up the good efforts and destroy those malicious links!
Leave a reply