Security in Social Networks: important for Facebook AND OpenSocial

TechCrunch reports that an OpenSocial app has once again been hacked, this time it’s iLike on Ning:

This time, he claims to have easily accessed the iLike application on Ning. Specifically, he says he can add and remove songs on users’ playlists. And more damaging, he can also access a user’s friends list in the client-side code. Give him a Ning username and he can give you details on their friends: relationship to user, last date of update, photo, profile creation date and part of their email address.

When you have an API that lets applications access and work with so much personal data, it’s an understatement to say that managing security is tricky. In a very real sense, the security of your network is based on the strength of your least secure application.

As the number of applications within social networks blossoms, and as these applications get access to more powerful functions (this is almost inevitable), they must also keep a close watch on security. A lot of the value in networks like Facebook is in the accuracy of the profiles they host, and having a secure, identity-theft-deterrent site is an important part of gaining a user’s trust.

Welcome to our community! If you like what you see, you may want to subscribe to our RSS feed!