Cross-posted from the Goal Keeping DBA:
In recent days I’ve seen folks jump on Facebook groups and become fans of pages which I know, from a glance, are not what they appear to be. Part of the reason I know they aren’t goes back to my experience as an IT security professional. Part of it goes back to my experience as a web developer. So when I see one of these groups that makes a claim I know cannot be met with the architecture and design of Facebook or Twitter or whatever technology you want to speak of, I know it’s false and that means the group or page has an ulterior motive. But my signals or clues are based on my experience. This is especially concerning for me since a lot of my youth are on these sites and they may not realize a threat for what it is. And that threat could lead to something far worse than a stolen password, a hijacked account, or an infected computer.
So what I want to do is figure out a way to deconstruct those cues so that a regular end user without a security or web development background can learn them and make reasonable assessments themselves. There’s too much of this nonsense going on. And that’s the reason it has made my goal list. I want to figure our how to make an easy to understand, informative presentation with realistic instruction on how to judge potential security threats for social media sites. A presentation targeted not at IT, but at the end user. I know this isn’t going to be an easy undertaking, but I think it’s gotten to the point where it’s necessary.
If you’re interested in collaborating with me, shoot me an email at kbriankelley {at} acm {dot} org