• United States



by Senior Editor

10 Security Reasons to Quit Facebook (And One Reason to Stay On)

Mar 22, 20109 mins
Application SecurityData and Information SecurityFacebook

You can't go a day without logging in to see what your friends are up to? Consider these reasons and you may decide to quit Facebook and reduce your risk.

Last year, Baby Boomers quit Facebook at a faster pace than they joined.

That’s according to data published last year by the site Inside Facebook. After a huge growth in Facebook membership among the over-55 age group took place at the end of 2008 and the beginning of 2009, that same demographic began to defect in large numbers, just months after signing up.

Boomers were the the only shrinking age demographic on the site. What do Boomers know that others don’t? Boomers have discretion, according to Scott Wright, a security consultant based in Canada who also researches and writes about social media and security awareness on his site

While the numbers certainly continue to indicate that more people are joining Facebook than quitting, certain web sites that help people “kill” your online self have gained popularity, too. Facebook recently issued cease and desist orders to several of these sites, including one called Web 2.0 Suicide Machine.

Also see The 7 Deadly Sins of Social Networking

Why would someone decide to sign off Facebook forever? Here are ten observations from security and privacy pros about the risks of social media.

Your privacy is history

Wright took part in a panel discussion recently on the topic of privacy and said he was intrigued by the opinion of one academic who pointed out that the notion of privacy differs widely among generations.

“The 20-something view of privacy is basically that their parents not see what they are doing. That’s about it,” said Wright.

Facebook founder Mark Zuckerberg apparently agrees. Zuckerberg made controversial remarks to a live audience earlier this year at an awards event and stated that openly sharing information with many people is today’s social norm. He went on to say “We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are.” Many have translated this to mean Facebook doesn’t think its users want much privacy, and the policies of the site reflect that view.

Whether Zuckerberg is right or wrong depends on who you ask. And that leaves us to consider: As younger generations define privacy in new ways, it really good for us? Bethan Tuttle, an Washington-based independent consultant and privacy advocate, says no. Tuttle said she is concerned about some of the newer changes to Facebook that force users to share certain information because, in her words, without privacy, we don’t have civil liberties.

“If you can’t maintain privacy online and off, then you can’t speak freely,” said Tuttle. “These security issues need to be addressed in such a way that our privacy can be protected.”

Tuttle thinks the massive and quick growth Facebook has experienced in the last two years, coupled with a lack of privacy-centric leadership has left end user privacy as casualty. (Read more in Six Ways We Gave Up Our Privacy.)

They don’t have your best interests in mind

As Tom Eston, creator of the web site points out, the very business model Facebook, and other social networking sites like Twitter, stands on is making user information as public as possible in order to generate new ways to make money.

“They are really startups if you think about it. They don’t have a true business model,” said Eston. “Their philosophy is the more you share, the more information they have to make money with.”

With that in mind, can you really count on them to protect you? And do you know just how much information you are sharing that can be used not only by Facebook, but by the application developers that create those fun quizzes and games? Wright says most people don’t.

Case in point: A quiz designed by the ACLU that shows Facebook users just how much information they hand over to application developers every time they agree to install a new app. Want to take that quiz to find out who you were in a past life? Each time you do, almost everything on your profile, even if you use privacy settings to limit access, is made available to the creators of that application.

Frequent redesigns affect privacy settings

“Just when people figure out the privacy settings on Facebook, they go and change them again,” said Wright. “It always seems like it is being done in everyone’s best interest, but if you really examine it, they have never done anything other than to try and get people to share more information.”

The latest Facebook redesign in December now makes public, and searchable, certain user information that was previously private, such as which pages you are a fan of and your profile picture. And many of the features you can make private are left public unless you go in and adjust your privacy settings, which is no small task, according to Tuttle.

“I am really good online but it took me several tries to get my Facebook privacy settings where I needed them to be,” she said. “I think Facebook actually implemented some great changes with this redesign, but they need to make those easier and more stable. Privacy settings need to not be changed so many times in such a short period. People need to know weeks ahead of time exactly what to do and a method of not waking up one day and finding out all of their information has gone public.”

Social engineering attacks are getting more targetedIf you are using Facebook, surely you have received messages by now on your wall asking “Have you seen this video?” or “Is this you in this photo?” If you click on the link, you run the risk of being infected by malware. These are known as social engineering attacks, and they are becoming more sophisticated said Wright. (Read more in 9 Dirty Tricks: Social Engineers’ Favorite Pickup Lines.)

“They are becoming very targeted. Even seasoned security professionals are falling for them,” he said.

The more information you share, coupled with a decrease in privacy, only means it is even easier for cyber criminals to get information about you that can be used to trick you into clicking on a bad link.


Blackberry owners using the mobile Facebook application have been experiencing increased amounts of spam lately that claims to be from Facebook, said Eston.

“I think it’s a security concern,” said Eston. “Mostly because spammers can use that vulnerability to make you think the message is coming from Facebook when it is not.

Many users simply wonder “Why is Facebook sending me this?” and instinctively open the message and log in to what turns out to be a fake screen that steals credentials.

You don’t really know your friends

A report from security firm Cloudmark that was released at the end of 2008 concluded that close to 40 percent of new Facebook profiles are actually fake. If you are one of those people with hundreds of “friends,” what are the chances you might have a fake friend or two out there in your network? Pretty high, said Wright.

Having lots of friends is dangerous is because it opens you up to additional security risks. Wright said those who get targeted for hacking are the ones who have lots of friends. The more friends you have, the more reach a criminal will have when he breaks into your profile and sends out a bad link to everyone.

eighth reason to quit facebook

You can’t help yourself from being dumbthe site has brought to light the safety concerns around social networking. Pleaserobme aggregates the Twitter feeds of people who play Foursquare, a location-sharing application that allows users to “check in” from their various geographic whereabouts. The problem is, in playing the game, many users are also publicly broadcasting that their home is likely unattended and a good “opportunity” (as the site terms it) for thieves.

The recent attention around

As Tuttle puts it, you need to think about what you are doing and many people are not. Whether you’re updating your Facebook status or playing a location-sharing game through Twitter, you’re putting yourself out there in potentially dangerous ways, particularly if you don’t know all of your “friends” that well (See “You don’t really know your friends” above).

“If you are posting that you have arrived at a hotel at 11:00 at night and you are a female with a cute photo, you’re giving someone incentive to put on their shoes and go look for you. Are you even thinking about that?” she said.

The great unknown

The layout and privacy settings keep changing. There is a lot of analysis and speculation about a potential Facebook IPO in the future and generally a lot of discussion of Facebook’s future business strategy. What does this mean for users? Wright said some fear it means an increase loss of privacy as the social networking site inevitably looks for ways to make money by offering up valuable user information to advertisers and developers. Will you stick around to see how the site evolves? Or will others take a cue from the Boomers and opt out?

“One of the things I find most interesting is that there are still many people who are scared to death of social networking sites,” said Wright. “These are usually the people who don’t see value in them. In the end, they may be the wisest of us all.”

Ex’s, creeps and parents

George Straight once sang, “All my ex’s live in Texas, that’s why I hang my hat in Tennessee.” There is little doubt that if Straight were break up with a girlfriend in today’s information age, he’d have to do more than simply move across state lines to avoid being found again. Facebook is making it possible for people who break up to be cyber stalked, even if they aren’t friends anymore, said Eston. Although the virtual connection is broken along with the actual relationship, having mutual friends makes it easier for your ex to keep tabs on you. The same goes for any creepy guy or girl you are trying to avoid.

Or you may get a friend request from a parent, which Wright claims many 20-something users he talks to considers the worst thing that could ever happen in the history of social networking.

“That is big driver for quitting,” he said. “Once the parent friends some of these people they immediately think ‘I’ve got to get out of this!'”

Of course, if you’re the parent and you’re concerned about kids revealing too much on social networks, this is the promised reason you might want to STAY on Facebook—it might make your kids quit.