Sophos Asks Facebook For 3 Security Improvements

Sophos has presented three suggestions for Facebook to improve security and privacy on the site, in an open letter posted on the consultancy's site and circulating virally on the social network.

Based on our own reading of this letter, the three suggestions together could possibly eliminate spam, malware and hacking — at least until scammers come up with a new set of tricks, which unfortunately continues to be an inevitable part of the technology development lifecycle.

Sophos’ three suggestions are:

  1. Reverse the current default settings to not share data about users unless they opt in, rather than requiring people to opt out.
  2. Only allow vetted and approved developers to publish applications on Facebook.
  3. Make every single page of the entire site operate only on secure web page addresses starting with https://.

We realize these suggestions sound simpler than they really are; once enacted, they might be simple, but transitioning to them would prove challenging. But if the end result is a better experience for everyone, then it might be worthwhile.

Do you agree with Sophos’ recommendations for improving Facebook security and privacy?