According to the blog post one of the most common privacy complaints was that users were unsure who could see their postings and that these settings could be clearer across the whole Facebook site.

To make the system more straightforward, Facebook are moving most of the privacy controls from the settings page to right next to the posts, photos and tags they affect.

Other changes include:

• In line controls - each item on a user’s wall has individual privacy options, such as public, friends and custom
• Tag takedown - the ability to remove tags of self, ask the person who tagged you to remove it, or block the tagger
• Universal tagging - users can tag anyone, not just Facebook friends. Other person can choose not to accept the tagged post on their profile
• Location tagging - geographic locations can be added in all versions of Facebook, not just mobile app
• Profile view - the option to see how others view your profile is added above the news feed

The new privacy options will begin to be rolled out across the site from Thursday 25 August.

Telecommunications provider Nokia took down its developer community website after a hacker obtained database tables with user account information. Nokia conducted a thorough investigation, and have discovered that a database table which contains developer forum members’ e-mail addresses has been hacked into. Hackers exploited the vulnerability in the bulletin board software that allowed an SQL injection attack.

Primary Details On The Investigation

During the initial investigation, the company believed that only a small number of the records had been accessed. However, further investigation proved otherwise. It has been found that a significant number of records are stolen. Records stolen includes the members’ e-mail addresses, public profile information, birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo. Passwords or password hashes are not hacked. The records stolen are not sensitive, though.

Additional Details On The Probe

Nokia said only 7 percent of forum users provided public information. It believed the security of members’ accounts are not at risk because the database that was hacked, does not contain sensitive information such as credit card details or passwords. The only potential threat to forum users is unsolicited e-mail, they added. Nokia apologized for the incident, and is currently communicating with the affected forum members. Immediately addressing the hacking situation, Nokia took down the developer forum website offline.

Nokia’s Developer Community Website Also Hacked

The company’s developer community website was also defaced. The individual or group responsible for the hacking, replaced the site’s display picture with a picture of a cartoon character Homer Simpson. The hackers also sent a message to tell that the website was “Owned by pr0tect0r AKA mrNRG”.

Nokia Warned To Beef Up Security

The ones responsible for the hacking also left a message to criticize Nokia for its lax Web security, and warned the company to improve its security measures to guard against future antisec attacks. At the end of the message, it suggests that the hacker doesn’t not intend to abuse the stolen data.

Hacking Connected To Another Incident

The hacking incident at Nokia is related to another recent cyber attack. The individual or group behing the Nokia hacking is connected with a recent attack against Defense.pk. Defense.pk is an independent news and forum site that discusses Pakistan’s military.

After Hack

Nokia Statement

April 11, 2011: Sony announces the case between George Hotz and Sony has been settled out of court and that Hotz has agreed to take down his website.

April 13, 2011: Anonymous releases a statement announcing they will intensify their attacks and calls for a day of protest against Sony on April 16, 2011.  Anonymous releases a video with the message, “In the eyes of the law, the case is closed, for Anonymous it is just beginning…prepare for the biggest attack you have ever witnessed, Anonymous style.”

April 16, 2011: Sony Online Entertainment is breached by hackers and 25 million users’ personal details have been stolen.  European users’ credit card/debit card information may also have been compromised.

April 17, 2011: Anonymous breaches into the Sony Playstation Network and steal ~77 million users’ personal information.

April 19, 2011: Sony detects the Playstion Network breach and begins damage control.

April 20, 2011: The Playstation Network is shut down, citing technical problems.

April 26, 2011:  Sony releases a statement disclosing the Playstation Network breach, and reveals that the Federal Bureau of Investigation has been called in to assist in the investigation.

May 4, 2011: Kazuo Hirai, chairman of Sony, discusses the series of attacks with a US Congressional committee.  During this meeting, Hirai reveals that the hackers left a ‘callin card’ implicating the hactivist collective, Anonymous.  The investigation revealed a file named “Anonymous” with the motto “We are Legion”.  Hirai says, “Security teams were working very hard to defend against DoS attacks, and that may have made it more difficult to detect this intrusion quickly – all perhaps by design.”

Later that day, a statement released supposedly by Anonymous, denies theft of credit card data but does not deny breaking into Sony’s computer systems or accessing personal data.  The statement said, “We are trying to fight criminal activities by corporations and governments, not steal credit cards.”

May 5, 2011: It’s announced by hackers that a third wave of attacks will begin on Sony in the near future.

May 7, 2011: Sony falls victim again to a data breach, a massive leak of 2,500 “old records.”  This information was made available through a Sony website and had been indexed by Google.

May 20, 2011: F-secure notices a phishing page found on a Sony web server.

May 21, 2011: Sony Music Indonesia is defaced by k4L0ng666.

May 22, 2011: Sony BMG Greece is hacked via SQL Injection and the data leaked on Pastebin ( a favorite public repository for Anonymous) which contained 8,500 usernames, email addresses, telephone numbers and password hashes.

May 23, 2011: The hacking group, LulzSec, leaks Sony’s Japanese Websites via SQL Injection in www.sonymusic.co.jp.  The leaked database did not contain names, passwords or other personally identifiable information (PII).

May 24, 2011: Sony Ericson is hacked by the Lebanese hacker, Idahc, via SQL Injction.  OVer a thousands records were dumped to Pastebin.  The names, email addresses, and passwords of 2,000 were contained in the leak.

May 26, 2011: LulzSec releases 4.5 million records.  Denying any responsiblity over the misuse of the leaked data records.  Over 1 million users’ passwords, email addresses, home addresses, dates of birth, and administrator login passwords.  This also included information taken from AutoTrader users database, Summer of Restless Beauty users database, Sony Wonder coupons database, Sony Wonder music codes database, and Seinfeld Del Boca Vista database.

June 2, 2011: Sony BMD Belgium (sonybmg.be) and Sony BMD Netherlands (sonybmg.nl) databases leaked.

June 2, 2011: Tim Schaaff, President of Sony NEtwork Entertainment International releases a testimony statement stating, “Sony Network Entertainment and Sony Online Entertainment have always made concerted and substantial efforts to maintain and improve their data security systems.”

June 3, 2011: apps.pro.sony.edu is hacked via SQL Injection and 120 names, phone numbers and email addresses are dumped.

June 5, 2011: Sony Pictures Russia (www.sonypictures.ru) database is leaked.

June 6, 2011: Sony Music Brazil is defaced and hacked.  The hacking group “The UnderTakers” brought the website down for more than 12 hours.