By now we’ve all learned that posting too much information on Facebook can be a security risk, and that we should be careful about giving apps too much access to our private information. Even so, it’s hard to know which apps are safe. The new, free App Advisor tool aims to help with those decisions. Before you install an app, it offers an overall reputation rating with a link to detailed information about why the app got the rating it did.
Also free, and from the same publisher, secure.me is an app that will check the security of your Facebook account (or your child’s), including posts, photos, friends, and even the overall mood of your profile. By using secure.me and App Advisor together, you can keep a tight rein on your private information.
When you visit the App Advisor website at http://apps.secure.me using Chrome, Firefox, or Safari, it offers to install a browser extension. It doesn’t integrate with Internet Explorer, but under IE you can still search for detailed information on specific apps by name, category, permissions requested, or developer. There’s also a random scrolling feed of app icons, each with a color-coded safety rating. See one you recognize? Click it for reputation details.
The browser extension adds one tiny button to the toolbar. If the current website is associated with an app, clicking the button will get a reputation summary. If not, it offers a link to App Advisor online.
Really, though, you’ll rarely need to click the button. Whenever you navigate to a site associated with an app the browser extension slides down a banner reporting on the app’s reputation level: very poor, poor, medium, high, or very high. Occasionally it may report that the site’s reputation hasn’t yet been determined.
The reputation banner includes a “View Details” button that links to the site’s full App Advisor report. This report details the Facebook permissions requested by the app, lists possibly unwanted behaviors reported by users, and summarizes ratings assigned by other App Advisor users.
Within the permissions pane, App Advisor separates permissions related to your personal data from permissions related to data about your friends. It flags each permission element as public (green), private (yellow), or critical (red). Pointing the mouse at any permission element gets a popup explanation. For example, the “Friends’ Birthdays” permission is critical because the information could be used in identity theft.
In some cases you’ll find a list of extended permissions for actions the app can perform, things like posting on your behalf, accessing Facebook chat, and accessing your profile even when you’re not online. App Advisor warns that these are potentially risky and offers a link to a settings page where you can revoke these extended permissions.
App Advisor can extract information about permissions from the apps themselves, but the behavior information comes from users. Any user of App Advisor can report that the app doesn’t work, or that it seems like malware. Other potentially unwanted behaviors include sending email, sending app requests, and posting on friends’ timelines. With the click of a button you can enter your own behavior report and optionally add a review.
User ratings come specifically from App Advisor users; they’re not related to star ratings in Facebook’s own App Center. The page where you note unwanted behaviors is also the page that lets you enter your own app rating.
App Advisor in Action
Out of several dozen apps I checked, all but a few received ratings from App Advisor. For the most part, the ratings made sense, but simply resolving to accept only those with high or very high reputation could be a mistake. For example, the People app from Windows 8 lets you view your news feed, make new posts, comment on posts, and so on, all within the modern UI. It has a very poor reputation because it needs a ton of permissions to manage those tasks for you. That’s just the nature of the app.
Clearly you have to use common sense. A Facebook surrogate needs full access to your profile; a bubble-popping game asking for that same level of access would be highly suspicious. If an app you want to install gets a poor rating from App Advisor, dig into the details and consider whether the behaviors described make sense for that type of app.
Other Facebook security apps can also get dinged because they need significant permissions in order to check your security. Bitdefender Antivirus Plus 2013 comes with an app called Bitdefender Safego that watches for dangerous links in Facebook posts. App Advisor gives it a very poor reputation. Norton Safe Web Lite serves a similar purpose and comes with Norton AntiVirus (2013) . According to App Advisor, its reputation is medium.
The one thing I missed was an easy way to get App Advisor’s take on already-installed apps. App Advisor is a watchdog over apps, not an app itself, which makes sense. But that also means it doesn’t have access to your list of apps. Still, it can check for reputation any time you use an app, so you won’t be blindsided.
If an app has no user behavior reports or ratings, its reputation will depend completely on the permissions it has requested. As more users download App Advisor and rate or report apps, it should become more and more accurate.
Suspenders and Belt
They say that Facebook isn’t the product; you are the product. The looser you are with personal information, the more valuable you become to Facebook’s advertisers. Still, if you’re careful, you can enjoy the social connections the platform offers without opening your personal life to the world.
First, tighten up your Facebook security settings according to PCMag’s advice. Second, install secure.me to check for problems with security and privacy in your posts and other content. Finally, check with App Advisor before you install a new app. Now if your office Christmas party karaoke video goes viral, it’ll be because you chose to make it public.
More Security reviews:
|Tech Support||Knowledge base and email.|
|OS Compatibility||Windows Vista, Windows XP, Linux, Mac OS, Windows 7, Windows 8|
Copyright © 2012 Ziff Davis, Inc