MUMBAI / BANGALORE, India – October 19, 2010 – IT security and control firm Sophos poll of over 1000 people has revealed that more than 95% believe that Facebook should follow Apple’s example and security check all third party apps running on the site.
Sophos’s survey follows a summer of malicious apps, causing havoc on Facebook, compromising hundreds of thousands of users’ profiles and spreading virally across the network.
“Facebook is much more than a social networking website, it’s a platform with over half a million active applications running upon it,” explained Graham Cluley, Senior Technology Consultant at Sophos. “Inevitably some of these applications are written with malicious intent – designed to steal information, spread virally, or spam unsuspecting Facebook users. Anyone can write a Facebook application, and it can be made available to the site’s over 500+ million users without vetting. It’s no wonder we see so many malicious attacks by rogue Facebook apps every day.”
Should Facebook follow Apple’s example, and have a “walled garden”, verifying all apps?
Yes, it would be better for security: 95.51%
No, there shouldn’t be restrictions on what Facebook apps are written: 4.49%
Source: Sophos online survey, 1025 respondents
“Apple has successfully run a ‘walled garden’ on its iPhone App Store, meaning that only approved apps are allowed to be run on the iPhone, iPad and iPod Touch,” continued Cluley. “Although some people may not appreciate the level of control that Apple has over what apps you can run on your device, it certainly has been instrumental in keeping malicious hackers and malware off the platform.”
Every day, Sophos sees new malicious apps on Facebook that are happily spreading on the social network, compromising users’ profiles and stealing information. Clearly Sophos’s poll respondents feel it’s time that Facebook put in place compulsory verification systems for third-party applications, to help prevent security threats.
# # #
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use, and that deliver the industry’s lowest TCO. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs—a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards. Sophos is headquartered in Oxford, UK and Boston, US. More information is available at www.sophos.com