Monday, July 18, 2011

Facebook Security FAIL Example

After writting the comparison last night I was a little more aware of what I was doing on Facebook today. I got a tweet about a coupon that Lindeman's was giving out on Facebook, so I headed over to their site.

The process was easy! I click that I "LIKE" them, then I can get a chance to get a $5 off coupon (basically a free Entemann's). So I "LIKE'd" them and then I was taken to this pop-up:


Click on that picture to blow it up so you can read it a little bit clearer...

I would bet almost everyone just clicks the ALLOW button and moves on. I admit it, I usually do too. This is a list of what you would agree to share with the app to get access to a coupon! Let's read through these:

Access to basic information
  • Your Name
  • Profile Picture
  • Gender
  • Networks
  • User ID
  • List of Friends (why do they need to know my friend's for a dessert coupon?)
And the big whammy:
  • Any Other Information I've Shared with Everyone
Read that last one again......

Send me email
  • It allows them to send me an email. Why do they need to do that, all the coupon apps print right inside Facebook. Ok fine, maybe they were going to email it to me...
Access my profile information
  • My "Like's"
  • Music
  • TV
  • Movies
  • Books
  • Quotes
  • Birthday
  • Current City
  • Education history
Ok fine, you want to build profiles on who is accessing coupons. Joke's on them, I fit none of their typical couponer profiles!

Most of this I am ok with, but I see NO need for them to see who my Friends are. And most of all the have NO reason at all to see "Any Other Information I've Shared with Everyone"

Obviously I had no more interest in this coupon...

Nater

No comments: