Guest editorial by Stefan Tanase
The recent launch of Google+ has prompted many questions and concerns regarding privacy on the social network. The thing is, it's never about "major concerns" when talking about social networks and privacy or security. It's usually those little things, very subtle features or options, that many users might not fully grasp, that can cause serious damage. Only time will tell how all Google+'s features will be used and perceived by the masses.
The main idea about privacy and the web is not about reading privacy policies, not about comparing Google+ with Facebook, not even making sure your privacy settings are very strict. It’s about making sure you only share things which will never affect you if they become public. Think about it for a second. You only share something to your friends and to friends of friends. You probably have 500 Facebook friends already, and each of them has 500 more friends. Simple math would tell you that you just shared something to 500^2 = 250 000 people. Still think you have privacy? Think again.
[ SEE: Five Things to love about Google+ ]I know it might be hard to decide to post something or not, but if in doubt, just don't do it. Don't do it unless it's something you're ready to share with any person from your past, present or future -- or even beyond. Be honest to yourself first and you won't have any problems. Basic common sense.
The problem with social networks is that they are, well, social. Social networks are on a constant struggle to find an equilibrium point between usability and security, as you can't expect the perfect balance between the two. It doesn't exist.
Social networking websites need to have state of the art usability, and security features usually come in the way of that. Unfortunately, the choice social networks most often make is towards usability, not security, and I fully understand the business reasons behind that choice.
I just hope Google+ will have a different approach. The privacy ball is now in Google's court.
* Stefan Tanase is a senior security researcher at Kaspersky Lab. He specializes in web security, malware 2.0, and threats which target Internet banking systems, including phishing. See Ryan Naraine’s disclosure.