Select language / زبان خود را انتخاب کنيد

Social Media Security


Web surveillance has become a huge and advanced industry. From governments and intelligence services, through companies and advertisers, to criminals and hackers, more people than your think are interested in the information you post and view on Facebook, Twitter and other so-called social networking media. Below are some tips to help you protect yourself, as much as possible, when using these platforms.

1. Don’t use your personal Facebook and Twitter account for political activity.

Why? Because if your account is monitored or hacked, not only will your personal life be exposed, but also that of your family and friends.

2. Don’t use your real name, your personal email account or picture for your political Facebook and Twitter accounts. It’s safer to use a new, separate email account that you only use for your this purpose.

Why? Because if your Facebook or Twitter account is monitored or hacked, and you are using the same personal details, including your email address, for things like banking and other things that involve sensitive information, then the damage could be much greater. If you live in a country where online activity is heavily monitored by the state, using your real name, your picture and other personal details, such as your place and date of birth, might simply be a recipe for being caught or profiled very quickly.

Note that your name, your profile an cover pictures, and your ‘networks’ on Facebook are treated as ‘public information’ accessible by anyone, so changing your privacy settings does not affect these three things.

Note also that Facebook’s Terms of Services include a policy on names, which prohibits those who join the platform from using pseudonyms. But many people do, of course. Just make sure the name you choose sounds like a real one.

IMPORTANT: It may be wise to get a whole new phone and a new phone number to use for your political Facebook, Twitter, etc., especially if you’re using smart phones to access them. Social media platforms are increasingly hassling people about their phone number and linking this to other things they do, whether for marketing or monitoring purposes. On the plus side, it is sometimes useful to provide a phone number because it helps secure and retrieve your account in case anything happens.

If you do provide a phone number, Facebook has a feature for enhanced login security called ‘Login Approval’ (in the ‘Security’ tab in ‘Account Settings’). This requires you to enter a code sent to you via a text message if Facebook did not recognise the device you (or someone else!) are using to log in. This is useful to prevent your account from being hacked. There are also other features in there, such as ‘Trusted Contacts’, to help you reclaim a hacked account or if you forget your password.

3. Use a strong password and change it every now and then. Don’t use the same password for Facebook and Twitter that you use for other things. And remember to always log out when you finish your session.


4. Use a browser (preferably Mozilla Firefox) to log into Facebook and Twitter, rather than using special FB or Twitter apps (e.g. on smart phones).

Why? Because apps save passwords and other private information; they sometimes don’t allow you to log out; and many do not seem to use a secure connection (see the next tip below). So if your phone is lost, stolen or confiscated, all this information will be potentially compromised.

Of course apps do make life easier, but you should only use them if you can be sure that their privacy and security settings are as good as your secure browsing settings.


IMPORTANT: The best way to ensure that you are browsing the web ‘privately’, i.e. without widgets and plugins sharing your data with social networking sites, is to use two separate browsers, say Chrome and Firefox, for example. Use the first one for all general web surfing (after clearing all your cookies and logging out of all social networks on this browser) and use the second only for Facebook, Twitter and other social networks (again, after clearing all cookies first). Do not use the second browser for any other web surfing. Also, on your first browser install plugins like Disconnect, which blocks all widgets from connecting to common social networking sites.

5. Always use a secure connection to connect to Facebook, Twitter, etc. (i.e. URLs that start with HTTPS rather than HTTP).


How? In your Facebook’s Security Settings, you will notice an option that allows you to enable ‘secure browsing’. By enabling it, all your activity on Facebook will be over an encrypted connection from now on. Twitter uses an encrypted connection by default.

IMPORTANT: You should definitely enable this feature if you are using Facebook on public computers, such as in libraries and internet cafés, or if you are using public wi-fi access points. Even if you are connecting from home, it’s a good idea to enable it anyway.

6. Use anonymous browsing to connect to Facebook and Twitter.

Why? Even if you have secured yourself against intruders eavesdropping on your connection, Facebook & co. may still know exactly who you are, where you are, and what you are doing on their platforms. And from experience, these companies can hardly be trusted with not sharing this information with other ‘interested parties’. (Remember when Yahoo handed over critical information on Chinese dissidents, including their IP addresses and the content of their emails, to the Chinese government, leading to their prolonged imprisonment?)

In your Facebook’s Security Settings, you will notice, for example, that Facebook knows (and records) the geographical location from where you are logged in, based on your IP address, along with information about the device you are using to access your account (your web browser and operating system). You can see this in ‘Active Sessions’, the last field in the ‘Security Settings’ tab. If you download a copy of your Facebook data (which you should do regularly), you will find a log of all the locations from which you accessed your Facebook account. You can prevent Facebook from knowing this by using private or anonymous browsing.


NOTE: The ‘Active Sessions’ feature is actually useful to check if anyone else has accessed your account. If you are not using Tor (as described in the above-mentioned anonymous browsing tip), you can check this field regularly to see if there have been any unusual locations or devices used to access your account that do not match yours (that probably means your account may have been hacked!). In this case, change your Facebook password and security questions immediately and notify all your Facebook contacts who may be at risk.

Whilst in there, delete all the previous sessions and enable ‘Login Notifications’, which notifies you, either by email or text message, whenever your account is accessed.

IMPORTANT: Note that if you use Tor or certain VPNs, Facebook may block you from your account because they may think it’s someone else trying to hack your account. If you really want to use them, it is recommended that you provide a phone number or other information to verify that it is you who is logging in.

7. Limit who can access your information on Facebook, Twitter, etc.

Why? Because privacy is security. Attitudes such as “But I don’t have anything to hide” ignore the fact that social networking platforms such as Facebook and Twitter are owned by massive private companies that make their money mainly by collecting information about users and selling it on to advertisers and God knows who. They also don’t really have any other guiding principles, so when a government or intelligence service cracks down on dissidents or targets someone using such platforms, these companies will often cave in and ‘collaborate’ in order to protect their commercial interests.

How? In your Facebook’s ‘Privacy Settings’: Set ‘Who can see my stuff’ to ‘Friends’; Limit the audience for your old posts; Set ‘Who can contact me’ to ‘Friends of friends’; Choose ‘Strict filtering’ for your messages; Set ‘Who can look me up?’ to ‘Friends’; and Turn off the option allowing search engines to link to your Timeline.

In the ‘Timeline and Tagging’ tab : Set ‘Who can add things to my timeline?’ and ‘Who can see things on my timeline?’ to ‘Friends’; Enable the ‘Review posts friends tag you in before they appear on your timeline?’ option; and View how your Timeline looks to the public and to your friends.

In the ‘Followers’ tab, set ‘Who Can Follow Me?’ to ‘Friends’ or ‘Friends of friends’, unless you want to enable other people (‘Everyone’) to follow your public posts (News Feed).

In the ‘Apps’ tab, turn the platform off completely. This will prevent apps from storing and using your Facebook information and activity. If the platform is turned on, make sure you untick all the things that other apps and sites use but you don’t want them to, and disable ‘Instant Personalization’ (this collects a lot of information of your Facebook activity).

In the ‘Ads’ tab, set the ‘Third Party Sites’ and ‘Ads and Friends’ sharing options to ‘No one’. This will prevent your Facebook information and activity from being used in ‘targeted advertising’.

IMPORTANT: An important setting that is often overlooked (and is annoyingly hidden away in a confusing place!) is limiting who can see your Friends and Following lists. To change this, go to your Timeline (by clicking on your name in the top bar), then click on the ‘Friends’ link at the top of your friends box. Click the Edit button in the top corner (looks like a pencil) and select ‘Edit privacy’. Here, set all three options (who can see your friends list, the people and lists you follow, and people who follow you) to ‘Only me’.

Finally, go to your Timeline again (by clicking on your name in the top bar) and click on the ‘Update Info’ link on the cover photo. Set all the sharing options (by clicking the editing pencil button) of each section there to ‘Me only’, or to ‘Friends’ if you know and trust everyone on your friends list and want to share this information with them. But remember, if a friend’s FB account gets hacked, then the information that you thought was not public but only shared with friends might be compromised. The important thing is not to set any of these options to ‘Public’, especially the ‘Likes’ section, and to not display your personal details, such as your email address and date of birth, on your timeline. And obviously do not enter your real or complete address.

If you don’t want the photos you upload to Facebook to be publicly accessible, you have to change their visibility settings separately. Go to your Timesline, then click on the ‘Photos’ link under your cover picture. Click on the edit pencil icon and select ‘See Photos hidden from Timeline’. In there, you can change the visibility setting for each album or picture you have uploaded. It’s recommended to set them all to ‘Friends’, especially your personal/profile pictures.

Twitter has similar – though less complicated and confusing – privacy settings to the ones discussed above.

Remember: even if no one else but yourself can see your Facebook or Twitter information, Facebook and Twitter themselves still have access to it. You should not assume that they would never share it with governments and intelligence services if asked for it. History proves the opposite.

8. Liking and following pages:

The list of pages you are affiliated with on Facebook (by ‘liking’ them) is considered public information and is normally accessible to anyone, including people you are not friends with, advertisers and so on. But you can at least hide this information away so that it is not readily available to curious intruders.

Why? In countries where political repression and online surveillance are a big issue, being affiliated with a dissident Facebook page may put you at risk, or at least highlight you as a potential target.

How? The privacy and visibility settings of your public profile include settings for your ‘Likes’. Go to your Timeline (by clicking on your name in the top bar) and click on the ‘Update Info’ link on the cover photo. Click on the edit pencil icon in the top-right corner of the page and select ‘Manage Sections’. In the pop-up window, you can untick ‘Likes’, ‘Events’, ‘Groups’ and any other section that you do not want to show on your public profile page. For the sections that you do choose to show, you can change their privacy settings (who can view this type of information) by clicking the edit button for that section on your profile page and editing the ‘privacy settings’, as explained in the previous tip. For example, you can show your personal and family details only to your ‘close friends’, or hide it from certain friends that you can specify, or you can choose to make the information visible to ‘Only Me’, which is always the safest option.

To double-check what information others can see about you, click the ‘Preview my profile’ link to see what your profile looks like to your Facebook friends, the public and so on. There are also websites, such as Reclaim Privacy, that provide independent and open tools for scanning your Facebook privacy settings.

9. Think carefully before you post, like or share anything, especially about who should or shouldn’t see it.

How? You can now change the sharing or audience option on each individual Facebook post from a drop-down menu provided within the ‘Update Status’ box. When in doubt, use the ‘Preview my profile’ link on any privacy setting page to check how your information appears to others. The ‘Protected my Tweets’ feature in Twitter provides a similar – though not individualised – option. If enabled, your tweets will only be visible to your approved Twitter followers.

Likewise, think carefully about who you allow to become a ‘friend’ or a ‘follower’, because once you’ve accepted someone’s friendship request, they can access any information you’d set as viewable by your friends. Of course you can always remove friends and block people, but it’s better to be careful from the beginning.

10. Make sure you know and understand what information Facebook, Twitter, etc. collect on you when you use them. You can do this by reading their privacy policies, as well as online privacy and security guides like this one.

For example, according to its latest privacy policy, Facebook collects information on you including your Facebook activities, such as adding a friend, creating a photo album, ‘liking’ other people’s posts or sharing links, pictures and videos. It also collects information on where you access Facebook from, with what sort of compute or cell phone, your exact location (your IP address), cookies, as well as information on other Facebook users who interact with you.

11. Logging in and out: Always remember to double-check that the web address (URL) you are using to log into Facebook, Twitter, etc. is the correct one (,, just in case you had been directed to a fake login page through a link (this is called ‘phishing’). And check there is an S or a lock sign at the beginning of the address bar (i.e. you are on an encrypted connection).

When you finish, always remember to log or sign out, rather than just closing the page or the web browser. If you want to be ultra sure that no one else can use your Facebook or Twitter account, you can deactivate your whole account each time you are finished with your session, then reactivate it next time you log in. You can do this from the ‘Security Settings’ page in Facebook, and in the general ‘Account Settings’ page in Twitter. Deactivation does not delete your account; it just removes your profile and the content associated it from Facebook or Twitter.

12. Prepare yourself for a world without Facebook and Twitter!

Your Facebook posts and Tweets, your contacts and everything else you do whilst using these platforms is stored on their servers, not yours. So if your account gets hacked one day, or is suspended for violating their terms and conditions, then you will find yourself having lost all that information. Well, unless you’ve backed it up!

How? In Facebook, on the ‘General Account Settings’ page, you can ‘download a copy of your Facebook data’. It’s recommended to do that on a regular basis. Similarly in Twitter, on the general account settings page, you can ‘request your Twitter archive’, which includes all your Tweets. There are also independent sites and programmes, such as SocialSafe and ArchiveBook, that do this.

More importantly, perhaps, you should not be totally dependent on these platforms in everything you do. Be prepared for a day when Facebook and Twitter are blocked, or simply the internet is cut off altogether. Would you stop doing political activism then or do you have alternative plans in place?


Further reading:

– ‘How to Protect Your Private Information on Facebook’:

– ‘Facebook Security Best Practices’:

– ‘How to organize on Facebook securely’:

– ‘Facebook Privacy Toolbox’:

– Also check Facebook’s and Twitter’s own ‘safety tools’, e.g.



Latest News from Syria – 18 November 2013

– Opposition forces lose important, loved commander – Aleppo independent media centre destroyed in air strike – Opposition forces battle Shi’a militias in Sayida Zaynab, Damascus OPPOSITION FORCES LOSE IMPORTANT, LOVED COMMANDER Syrians were today morning the death of Abdul-Qadir Saleh, the popular commander of al-Tawheed Brigade. […]

Read more

‘I don’t care when or where I die’

‘I don’t care when or where I die’

“I don’t care when or where I die. All I care about is for the revolutionaries and their chants to continue filling the earth with noise until there is no more injustice built on the bodies of the poor and the helpless.” – Taftanaz, Idlib, Syria  

Read more

Yarmouk Palestinian refugee camp

Yarmouk Palestinian refugee camp

The picture below is (what used to be) the Yarmouk Palestinian refugee ‘camp’ in Damascus. The Assad regime has killed more Palestinians in Syria than the 65 years of Israeli Apartheid in occupied Palestine.  

Read more

150,000 Syrians dead

Over 150,000 Syrians have died in the past two and a half years. Over 150,000 people! And that’s only the confirmed deaths. If you were to read just the names of these dead, you would be reading non-stop for three and a half days. And who’s responsible […]

Read more

Nasrallah: We will remain in Syria

Nasrallah: We will remain in Syria

“As long as the reasons [to fight in Syria] remain, our presence there will remain.” – Hasan Nasrallah, Ashoura speech, 14 November 2013 COMMENT FROM THE EDITOR: Of course Mr Nasralla did not tell us what “the reasons” are. As usual, he keeps it vague and rhetorical. […]

Read more

‘Down with the Arab Socialist Da’sh Party’

‘Down with the Arab Socialist Da’sh Party’

Syrians are now not only fighting the regime and its allies (Hezbollah, the Iran and Russian governments, etc.) but also against the foreign jihadi and salafi forces and their backers (Saudi Arabia, Qatar, etc.). One of the most notrious of these has been the Islamic State in […]

Read more

Story of child who survived the Ghouta chemical massacre

Story of child who survived the Ghouta chemical massacre

Sixteen-year-old Muhammad lost his entire family in the chemical massacre in the eastern suburbs of Damascus in August. He only survived because he was working a night shift in a hospital. His father died from the effects of the sarin gas after rushing to the scene to […]

Read more

‘He who agrees with the action of a group…’

Imam Ali said: “He who agrees with the action of a group of persons is as though he joins them in that action. And every one who joins in wrong commits two sins; one sin for committing the wrong and the other for agreeing with it.” What […]

Read more

O Douma

O Douma

A short, home-made documentary about the destruction of the Duma suburb of Damascus in late 2012, made by one of its residents. “The idea of the film was to show how a city is invaded and violated by the Syrian army,” the filmmaker wrote. WARNING: The last […]

Read more

Syrian protests: ‘No to Iranian Occupation of Syria’

Syrian protests: ‘No to Iranian Occupation of Syria’

A scene from a demonstration in Bustan al-Qasr, Aleppo, on Friday 8 November 2013, dubbed ‘The Friday of No to the Iranian Occupation of Syria’. Source:  

Read more
Page 28 of 28« First...1020...2425262728