Honeypotting, Social Networking and You (or When You Can’t Trust Your Friends on Facebook).

I don’t know how people keep getting caught up with their online social presence like they do, what with the dozens of stories that seem to come out each week about someone who’s been burned by their social networking activities. I’d like to say that I’m lucky that it hasn’t happened to me but it’s got nothing to do with luck and everything with the company I keep. All of my friends are aware of the impact putting up compromising pictures on the Internet and there’s an unspoken agreement that nothing of the sort will make it up there. However for those people out there who have “friends” who delight in posting embarrassing pictures of them online and haven’t learnt the privacy settings of Facebook there’s a lot you can do to make sure that they don’t come back to bite you in the ass.

The idea I’m talking about is called honey potting.

The nomenclature comes from the IT Security/hacker crowd and is used in reference to a system that’s set up to be attractive to people with less than righteous intents. In essence you’d set up this system so that a would be hacker would target it first and you’d set up alarms in order to alert you to when someone’s going in there. The core of the idea is that not only do you know that the intruders are coming you also control exactly what they see in that honey pot environment. Extrapolating that idea to the world of social networks and the potential for embarrassment contained therein the idea would then be to craft an online persona that’s more easily found via a cursory Google search than those compromising Facebook pictures are.

For me this was done accidentally when I created this blog. My name is tagged on every post and after 3 years of blogging any search for my name usually ends up with this blog at the top or something equally safe such as my LinkedIn profile or Twitter page. Facebook is much further down and contains barely any details on me at all (apart from a few pictures) meaning that the impression that a potential future employer will get will be mostly shaped by what they see on those other sites. Sure it’s not exactly a quick fix that people would be looking for but it works.

This strategy won’t help you too much if your employer asks for your Facebook login upon applying for a job though. Should they do that however I’d advise you to turn tail and run as far away from them as you can since a company that requires that level of invasion will more than likely screw you in more ways than you can imagine. I have no sympathy for people who willingly put compromising information on a public forum but an employer has no right to ask for that level of access.

Of course this doesn’t excuse the questionably ethical process of tracking down all the information on a potential candidate. Whilst the ultimate solution is abstaining completely (although that can lead to the undesirable situation of the Internet making your persona for you in the mind of the searcher) most won’t choose to do that. Hell even if you can manage your friends it’s still a good idea to craft an online persona that looks the way you want it to be, rather than one that constructs itself.

Leave a Reply