Malicious ‘Friends’:
Once friends are approved on a social networking profile, vigilance is required to make sure that the friend’s profile hasn’t changed to include inappropriate content, an inappropriate profile image or malicious code. The simple act of reviewing proposed friends may make the administrator’s system vulnerable to attack. Although most users of such social networking site already understand this, disclaimers about friends and content on their profiles should be posted. Clear policies about accepting friends should be posted as well. Some sites such as MySpace allow you to control which friends get listed on your main profile page, whereas others such as Facebook randomly place any of your friends on the main page, in which case, care must be taken in approving friends.
This vulnerability is the same as attacks whereby developers work to get a site high in Google or other search engine results, and then changing the content of their pages to purposely introduce attacks.
Again, the main recommendation is to use computer resources off the CDC network to manage and maintain the profile. This requires separate hardware and connection to the Internet.
No comments:
Post a Comment