Facebook improves safety, security tools; experts not impressed

Facebook has launched Two Factor Authentication and improved HTTPS on its website, but it still has a long way to go.
Written by Emil Protalinski, Contributor

Facebook has always tried to make its safety features social, like everything else on the website: the company's theory is "by keeping each other informed, people make Facebook a more trusted environment." The company today pushed out new safety resources, tools for reporting issues, and additional security features.

The first two were already announced last month in conjunction with a White House summit for preventing bullying, while the other two are new. Here's a summary:

  • More Resources for Families: the Family Safety Center has been redesigned. There are now more resources, including useful articles for parents and teens and videos on safety and privacy. In the coming weeks, Facebook will also be providing a free guide for teachers, written by safety experts Linda Fogg Phillips, B.J. Fogg and Derek Baird.
  • Social Reporting Tools: the new social reporting tool (Photo Gallery) allows people to notify a member of their community, in addition to Facebook, when they see something they don't like. By encouraging people to seek help from friends, Facebook hopes that many online issues which are a reflection of what is happening offline can be resolved face to face. This tool launched last month, but Facebook has now expanded it to other parts of the site, including Profiles, Pages, and Groups.
  • Two Factor Authentication: Facebook has started to introduce a new feature to help prevent unauthorized access to your account. If you turn it on, Facebook will ask you to enter a code anytime you try to log into the site from a new device.
  • HTTPS Improvements: Facebook announced HTTPS support, which helps protect your personal information on public networks or private networks you're unsure of, earlier this year. Facebook has improved HTTPS support so that if you start using a non-HTTPS application on Facebook, the site will automatically switch your session back to HTTPS when you're finished.

The timing of this update is interesting, as just yesterday Internet security firm Sophos wrote an open letter to Facebook, asking the company to address some of the ongoing safety and privacy issues on the social network. One of the suggestions was for Facebook to use HTTPS for everything, by default.

Unsurprisingly, Sophos still isn't happy with Facebook's improvements today. "Facebook has got a longer road ahead of it if it's really serious about protecting its users," Graham Cluley, senior technology consultant at Sophos, said in a statement. "HTTPS is still not on by default, and isn't present at all for users who visit the mobile version of Facebook's website. Users continue to contact us in their droves concerned about rogue applications, survey scams and Facebook's attitude that privacy isn't something that users should be entitled to by default."

Editorial standards