Social Application Permissions – Take Back Control

Trace Choulat

Profile

Edit profile icon

Friends

Friends of

Blog

Videos

Files

Pages

Photo Albums

January 5, 2012 by Trace Choulat   Comments (2)

As you use social media sites like Facebook, Twitter, etc., you have probably given applications permissions to access your personal information.  When you see or use a “Share this on Facebook” link you are likely giving an application access to some amount of your personal data.  Facebook alone has over 34,000 applications available.   The apps may be quite useful, like the Google Picasa app or completely trivial marketing tools such as the Lady Gaga app which appears to allow her marketing folks to post to Facebook as you.

These applications, which are not exclusive to Facebook are potential security/privacy wormholes through which your personal information can pass.  What you may consider personal, Facebook and other social sites may consider public.  In general these applications can access/harvest anything you have set available to “everyone” and anything considered “public.”

Here is what is currently considered “public” by Facebook

“What is considered "public information"?

Any content that is available to a public audience is considered public information.

Things you share on your profile (timeline)

Your name, profile picture, gender, networks, username, and user ID (account number), should you choose to provide these details, are available to anyone because this info is essential to helping you connect with your friends and family.

Name and profile picture help friends recognize you.

Gender helps us describe you (for example, "Add her as a friend").

Networks are open to everyone so network members can see who they will be sharing information with before they choose "Friends and Networks" as an audience.

Username and user ID (account number) are in the link to your profile (timeline).

Other things you share

In addition, anything you choose to share with a public audience (designated by in your audience selector) is considered public information. Learn more about using the audience selector to control who you share with each time you post.”

Mypermissions.org is a handy set of links which will take you to the app permission control pages of your accounts.  You do not provide any credentials to Mypermissions.org but you will want to login to the associated service before you click the links.

Spend a few minutes and you may be surprised what has access to your account.  If you do not need the application or you have no idea what it is for, your best course of action is to remove the application.

http://mypermissions.org/

Daniel Stewart Mccoy

Profile

Friends

Friends of

Blog

Videos

Files

Pages

Photo Albums

Thanks for blogging. This is very helpful.

Daniel Stewart Mccoy 131 days ago

Peter Zimmerman

Profile

Friends

Friends of

Blog

Videos

Files

Pages

Photo Albums

The biggest "app drudge" (or whatever you want to call it) for me was in Facebook. I've had my account since 2004, I think, and there were definitely worthless apps I'd authorized still swimming about in there from the beginning. Thanks!

Peter Zimmerman 131 days ago