When you were young and your heart was an open book, you used to say live and let live. But if this ever changing world in which we live in makes you give in and cry, say live and let die.

Paul McCartney

Facebook Security

16 February 2009

It seems like every day raises new reasons to be concerned about Facebook and the security of your personal information. Just two weeks ago, I was about to send out my reply to “25 things you may not know about me”. Fortunately, I had the good sense to balk. My list contained 25 personal facts, but certainly no deep, dark secrets. Even so, they were 25 things I wouldn’t mind sharing with good friends and family, but with long-distant acquaintances and former students? I don’t think so.

This week’s newest Facebook meme raises real security concerns. This isn’t about revealing some misguided prank of youth or the fact that someone’s favorite song in high school was “My Sharona” (not mine, mind you). This is about getting Facebook users to broadcast the answers to standard website security questions. It’s called the “Name Game” or “Ten Names” and it works like this: (the game is in ; my commentary is in gray)

And if you’d be a real dear, please leave your security settings so that everyone can view your notes. You’ll think this is fun, but somebody else is likely to have far more fun with your answers.

Good, start with this, so my bots can link your answers to your name without too much work.

Let’s just lead off with some useful information.

More about your parents, please.

Let’s get you off track with something innocuous.

Not commonly used, but some personal information used by some sites.

Let’s complete your name, but in a different place, so you won’t suspect anything. Oh, and let’s ask for your hometown since I know banks use that as a security question.

More to dampen any suspicion my previous boldness may have aroused.

Now you really don’t suspect anything.

More answers to questions on some e-commerce sites.

Pet’s names and current street names are also common questions, as well as some of the most commonly used passwords, since good passwords can be so hard to remember.

While you’re mulling your alternative life as a porn star, spill the beans on these two common security questions.

A few things that don’t matter will help clear your head.

You’ve already given the pet’s name, so just give it again. And you’ve probably already forgotten everything you’ve just volunteered.

So, there you go. You’ve put your security information out there for everyone to see. And it was fun, too, now wasn’t it? Reminds me of that bumper sticker, “The worst day fishing is better than the best day working”. Or was it phishing?

Now, where did I put that number for Equifax?