STUDY: Facebook’s Mutual Friends Feature Presents Security Concerns, Privacy Risks

How safe is Facebook’s mutual friends feature? Not very, according to a recent study at the University of Pittsburgh.

How safe is Facebook’s mutual friends feature? Not very, according to a recent study at the University of Pittsburgh.

The study found that the social network’s mutual friends feature “creates myriad security risks and privacy concerns,” adding that even though users can adjust their privacy settings, hackers can still access information that is intended to be private.

University of Pittsburgh School of Information Sciences Associate Professor of Information Assurance and Security James Joshi was the study’s principal investigator, joined by Mohd Anwar, a former faculty member in Pitt’s School of Information Sciences and now assistant professor at North Carolina A&T State University, and Lei Jin, a PhD candidate in Pitt’s School of Information Sciences.

The trio used computer simulation programs to conduct “attacks” on 10 randomly chosen groups of between 500 and 5,000 users, as well as sample groups based on shared interests, and the attacks were able to reveal 60 percent of targeted users’ private friends, as well as 67 percent of private distant neighbors.

Joshi said:

Oftentimes, mutual-friends features have not been created in tandem with privacy setting designs, and inadequate thought with regards to security and privacy issues has been given. With such a huge user base in such systems, a minor privacy breach can have a significant impact.

Being able to see mutual friends may allow one to find out important and private social connections of a targeted user. An attacker can infer such information as political affiliations or private information that could be socially embarrassing. More important, the information that’s gathered could be used, in combination with other background information about the targeted user, to create false identities that appear even more authentic than the actual user.

It is important to understand all possible privacy threats to users of social networking sites so that appropriate mechanisms can be developed. This work of ours is an effort to comprehensively understand such threats related to the mutual-friend feature so that appropriate measures can be taken.

Readers: Are the results of this study a cause for concern?

Recommended articles