Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook To Add Remote Logout

Posted by timothy on from the best-not-get-hacked dept.

angry tapir writes "Facebook users will soon have a new way of knocking spammers out of legitimate accounts. The social-networking company is rolling out a new security feature that lets users see which computers and devices are logged into their Facebook accounts, and then removing the ones that they don't want to have access."

2 of 145 comments (clear)

  1. Re:Stating the obvious... by c0lo · · Score: 4, Interesting

    Yes, unless there is another, single-use password specifically for this purpose, sent to the contact email address.

    Pseudo-code for the spambot enhancement:
    0. break into account as usual
    1. adjust the account email address to something at your choice. Potentially, follow this by a change of the password for that account.
    2. kick out any attempt of any (legitimate or not) entity trying to login into the account.

    If the breaker is not a spambot but another human being, I don't think there is something that can be done without human intervention (i.e. the "kick-out" functionality looks to me like rather a cosmetic enhancement - like "Just don't say that I'm doing nothing at all").

    --
    Questions raise, answers kill. Raise questions to stay alive.
  2. Re:Stating the obvious... by jamesh · · Score: 4, Interesting

    Yes I can't see any solution that isn't going to hurt at least a little bit. Maybe they could have some fun with it though. As soon as someone hits the "log other session out" button, the account is prevented from sending any messages (stop you doing a spam-and-run) and a 60 second timer starts and the other session is alerted that someone wants to kick them out. If they click the 'contest' button then a fight to the death begins to prove which is the real slim shady. Each user is quizzed on facts about their friends that happen to be online (the account is locked to prevent you looking that stuff up) and whoever knows the least stuff about their friends gets kicked. The online friends judge which is the real user. If you don't know stuff about your facebook friends then you deserve to lose the account anyway :)

    If you had a webcam you could take a photo of yourself holding todays newspaper or striking a specified pose or something and your friends could decide if that is really you and if the picture is really current (because bot's don't know how to use photoshop :)

    My biggest concern is that it's going to be an arms race with facebook vs the bots and that over time the bots are going to have to be written smarter and smarter and that they'll eventually become self-aware!