H4cked Off: DisgraceBook

Facebook attempts to become more secure. All very admirable, but does it succeed?

In my last two blogs I've written about my recent experience at the hands of a hacker.

I've now managed to retrieve all the internet services he stole, but my Facebook account is still suspended, and seems unresponsive to my efforts to reactivate it. I can almost understand why a free site with 600 million users doesn't have a phone support service, but they do appear to be missing a trick.

Facebook recently revealed that it has raised $1.5bn (£0.95bn) in investments, putting its overall valuation at around $50bn (£31.5bn). It has raised this capital by flogging portions of itself off to investors.

Would it have had to do this with a premium rate support service, say £1 per minute? It'd make an absolute killing - largely from kids and teenagers on their parents' phone lines admittedly, but cash is cash, and parents are easily ignored when you're a $50bn business. But I digress.

Having lost my account I'm in exalted company. Facebook founder Mark Zuckerberg's own fan page on his site was hacked shortly after mine. Coincidence? I can picture the master hacker at work: "We've got Sumner, now for Zuckerberg."

Unsurprisingly, getting the big Z's page back under control has proven to be a higher priority for the company than any issue of mine. Whatever happened to 'customer first'?

The social media site is often criticised for the fact that most of its security features are off by default, with the universal law of inertia meaning that most users' data is available to prying eyes. In an effort to generally beef up security, Facebook this week introduced Secure Sockets Layer (SSL) encryption. So information sent between users and the site will be encrypted in transit. Unless your system is infected by a keylogger. Or a bot. Or you're subject to a man-in-the-middle attack.

For those not in the know, that's where the hacker sits between the parties (say the user and Facebook), relaying communication between the two. Both parties believe they're talking directly to one another, unaware that it's all being digested and managed by the malicious party.

This is exactly