Study Finds Facebook’s Mutual Friends Feature “Creates Security Risks”

facebook-privacyA study from the University of Pittsburgh School of Information Sciences has found that Facebook’s Mutual Friends feature is a potential security risk that also raises concerns about user privacy.

The study used a computer simulation program to attack 10 random groups of Facebook users consisting of between 500 and 5,000 users. Using shared interests, the simulated hack was able to reveal 60 percent of the users’ private friends. While the ability for hackers to see Facebook users’ friends doesn’t seem like a malicious threat, the study’s authors pointed out that a lot of potentially damaging information can be gleaned by a simple list of who an individual is friends with.

“Being able to see mutual friends may allow one to find out important and private social connections of a targeted user,” wrote University of Pittsburgh School of Information Sciences Associate Professor of Information Assurance and Security James Joshi, the study’s principal investigator. “An attacker can infer such information as political affiliations or private information that could be socially embarrassing. More important, the information that’s gathered could be used, in combination with other background information about the targeted user, to create false identities that appear even more authentic than the actual user.”

While the vulnerabilities uncovered by the study are disturbing, it’s unclear how Facebook users can address it. Do you think Facebook users should be more judicious about who they’re friends with, or should Facebook itself take charge of eliminating these potential hacks?