I have been spending some time creating demo applications that connect to the Facebook API. While Facebook seems to have done a pretty good job at securing this service and keeping the user in control of what content is posted to their accounts, I still worry about the possible security breaches.

As the Facebook platform and user base grows it becomes an increasingly juicy target for spammers, hackers, and thieves.

CBC reported on this in April, but I think the risk is much higher now because of the release of the API and all the new applications coming out. My friends are adding and removing tons of applications daily; some are neat, most are useless, hopefully none are malicious. What worries me the most is that people add these applications under the impression that they are safe.

It wouldn’t be hard for someone to make a desktop application that says it connects to Facebook only to steal your login information and all the data in your account.

The Facebook developer community is said to be growing by 1000 people per day. I wonder how many of those people are looking for ways to use the service maliciously.