Facebook users call for application “walled garden” to protect against attacks

Graham Cluley

What many folks don’t realise is that Facebook is much more than a social networking website: it’s a platform with over half a million active applications running upon it.

Inevitably, some of these third-party applications are written with malicious intent – designed to steal information, spread virally, or spam unsuspecting Facebook users. Anyone can write a Facebook application, and it can be made available to the site’s 500+ million users without any vetting by Facebook’s security team.

So, it’s no wonder we see so many malicious attacks by rogue Facebook apps every day.

Last week, I asked a simple question of our blog readers:

Should Facebook follow Apple’s example, and have a “walled garden”, verifying all apps?

and the response was a resounding “Yes”.

Poll on whether Facebook should verify all apps

I’d love to see Facebook follow the example set by Apple when governing the iOS App Store. Apple checks every app submitted to its store, but Facebook does nada, preferring things to be relaxed, free and easy. It would certainly make life much harder for those scammers, identity thieves and con artists who are actively exploiting users via rogue applications right now if a rigorous verification system were put in place.

Or, at the very least, Facebook could do what some members of the Sophos Facebook community suggested, and give users a security option meaning they would only be able to install Facebook apps that had been verified – and not be pestered by apps that hadn’t bothered to go through the process.


The question now is – are Facebook brave enough to take the step for the benefit of their users? Let’s not forget – this is people’s personal identities and information that are at risk.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.
