When is a rose not a rose? When it’s a Facebook app you didn’t install…
Yesterday I noticed I had a new application appear on my Facebook account that I never installed, let alone used—but Send Roses had sent ‘roses’ on my behalf to a number of my contacts, a few of whom told me they, too, had this application added without their consent. They’d sent ‘roses’ to me as well, equally unknowingly.
Send Roses didn’t appear as a box on my profile, or in my list of applications. There were no images of roses to be found anywhere. When I deleted the references to roses from my mini-feed, Facebook offered to delete just the references or the application as well. So I chose to rid myself of Send Roses. I then got an error message informing me that Send Roses could not be removed. My friends, however, said that on their profiles Send Roses had been visible as an application, and could be deleted. But I still don’t know if it’s deleted on my account or still there, invisible and inaccessible.
I then discovered there’s no immediately obvious way to report possible security breaches. I couldn’t find a handy ‘contact’ or ‘report’ button, eventually locating the help system but that only provided a link for feedback and suggestions for new features, making no mention of how to get serious issues investigated. So I had to use the form for suggesting new features to ask for help.
Nobody at Facebook has got back to me yet with reassurance and an explanation. It’s frankly a piss-poor way for a massively popular website to operate. It’s like the company pretends these things don’t happen.
I can only guess as to the origin of Send Roses. As my account doesn’t, roses aside, appear to have been abused I think that maybe one of the applications I did install—in the process giving it access to my profile, as is the norm—was then used by its author as a gateway through which to add the unwanted application. So the only way I can think of preventing this happening again is to delete all the applications I’ve added to the basic vanilla Facebook configuration. And that’s what I’m going to do, along with shutting down various options in my profile to prevent other people sending me virtual gifts (so, sorry to my friends on that score).
But I can’t say with certainty that my theory as to what happened is really what happened, or whether my solution is necessary or appropriate. What’s more, it seems the people behind Facebook aren’t in any rush to advise and help with this situation, and that’s simply not good enough. There is a page on Facebook for the application, here, but—wait!–there’s a disclaimer common to all apps to be found underneath it, which made me realise that there’s a reason Facebook doesn’t provide front-level, easy access to a page for reporting errant applications:
Facebook is providing links to these applications as a courtesy, and makes no representations regarding the applications or any information related to them. Any questions regarding an application should be directed to the developer.
So we should, when encountering an application we didn’t install on our accounts, contact the developer? That’s insane. It’s like saying if you’re mugged, don’t call the police, go find the mugger and try to get him to give your things back. The disclaimer is a pathetic get-out for everything and anything that ever goes wrong. Can you imagine if other companies offline resorted to similar? Try:
Toys R Us is providing toys for sale as a service to the shopper, and makes no representations regarding the quality or durability or functioning of the toys, or any information relating to them. Any questions regarding any toy should be directed to the toy-maker.
You could repurpose the lines for supermarkets, car showrooms… anything. But it would be ridiculous. And it’s just as insane that Facebook does this, and gets away with it. Facebook provides the framework for these applications to run on, it thrives on them, it needs them to sustain its popularity. Washing its hands of any problems is as unacceptable as a shop selling goods and telling you it won’t answer questions about them or take responsibility for breakages. You open a shop, you put things in the window (Facebook provides a directory of apps), you have a responsibility to ensure that what you’re giving people access to isn’t dangerous in any way. When something is found to be dangerous or otherwise operating illegally, the duty is on the facilitator to remove the item so others don’t encounter the same issues.
Before anyone suggests this analogy breaks down where the day-to-day running of PCs and Macs are concerned, the likes of Microsoft and Apple don’t recommend you install viruses or trojans; they don’t advise you to install specific third-party apps, instead peddling their own software; and, they do suggest you take steps to protect your machines and personal information online. You can’t install protection on Facebook, you can only employ avoidance tactics.
So there you have it. Facebook won’t accept any responsibility for any of the applications you install on your profile, despite promoting them. So don’t install the applications, and remove any extras you’ve already installed. That’s my advice, until such time as Facebook changes its policy.
tags: Facebook, security breaches, unwanted applications
6 comments on “When is a rose not a rose? When it’s a Facebook app you didn’t install…”
May 16th, 2008 at 4:19 pm
Ugh, I do not like Facebook for that very reason. Every time I log in, I have to go through a long list of “install this ap” requests. I ignore them all. No offense to anyone who has sent me one.
May 16th, 2008 at 6:22 pm
@Howard: I’m completely with you on that score. But there is somewhere you can set it to ignore all such requests now and in the future. It’s not easy to find but there’s definitely a setting. x
May 19th, 2008 at 2:54 pm
Tbh this is just one reason I have more or less stopped using facebook. I found the endless spam to be annoying, and I really couldn’t be bothered with all the stuff I seemingly had to do. The last time I logged on was to respond to my nephew.
*mini rant*
My sister and her husband are allowing my 10 year old nephew to use facebook. Are they nuts?
May 19th, 2008 at 3:03 pm
I found your new blog on livejournal today, Kitty, before seeing your comment here–I tried to comment but you’ve set it up not even to allow ‘anonymous’ comments, only livejournal users and I personally can’t stand livejournal because it’s so incredibly hard to leave feedback most of the time. Case in point! But I did try…
And I think a 10 year old left to run loose on Facebook is a bit silly to say, the least, dangerous possibly as well. x
May 19th, 2008 at 4:19 pm
heh heh heh, I should have fixed that now, it defaults to not allowing anonymous comments, but I have changed that now. So feel free to try again!
May 19th, 2008 at 6:18 pm
I’ll update my blogroll ASAP. I can’t remember my comment now though!
have your say
You must be logged in to post a comment. Registration is free, and easy.