Facebook's security feature

Disclaimer: Accessing social networking sites from a corporate network with VPN is a security breach and may result in legal action. But this policy can be broken with hidden approval and unofficial support :-). Check this feature at your own risk and in no way, I would be held responsible for any of your lawsuits.

Last night, my brother finished browsing and I logged onto Facebook. After clicking the login button, I got a warning message saying: You are signing in from a location we're not familiar with. For your protection, please take a moment to answer a few security questions. Then, I realized my brother had forgotten to disconnect the UK VPN which he was using for awhile. I closed the browser and started the screen-recording application, Camstudio. With my brother’s permission (At his own risk. Hope he doesn't read this post.), I signed into facebook with the VPN connection.

After logging in, the URL pointed to Roadblock and the screen indicated a 4-step security check. After the Captcha verification, the screen displayed a warning: To pass, you cannot get any answers wrong. If you aren't sure about a question, please skip it. You can only skip 2 questions.

• The first photo was one of my ex-colleagues
• The second photo was one of my school mates
• The third photo was also one of my ex-colleagues
• The fourth photo confused me a bit. I thought of skipping, but after scrolling down, I found him to be my school mate
• The fifth photo didn’t load for a long time and I pressed the skip button
• The sixth photo was my boss. After correctly answering 5 questions, I was not prompted to take the 7^th question

Now, the security check got over and I got a thank you message saying my account was successfully restored.

I googled for this feature and found someone who couldn't login because of this feature.  Those who have gone abroad and accessed facebook would have been very much surprised by this feature.The facebook’s security feature clearly gives a different perspective of implementing security. This incident reminds me of one of my ex-colleague’s session on the difference between a Programmer and a Developer. I feel I am a programmer yearning to become a Developer :-)

PS: Due to the encoding done by the hosting site (Viddler), the video will be a bit blurred. As I recorded the video in a wide-screen flat monitor, please change your screen resolution to 1280 by 1024, if you feel the video quality is not good.

Edit: The video got deleted.

Facebook's security feature video

Email routed to Manager

One of my college-mates is getting married and he decided to give us a party. So, he started an email thread and asked our suggestions. As usual, the thread was getting diverted from the discussion and my friends started fighting.

(Un)fortunately, I was also in the list and he being a hostelite, was in touch with a lot of friends in all the departments. I being a day-scholar, have seen most of them in hostels (when we bunk classes) but never interacted with them.

There were a lot of responses and one day there was a reply from Anuj. I wondered as to which department this guy belonged to. After opening the mail, from his signature, I came to know that he was a Project Manager in my friend's company. (Please click the above image and read the email. For privacy concerns, I have obscured a major portion.) 

From his email, I came to know that my friend had resigned a few months back and all the emails to his ID were routed to this Project Manager. Though the manager had requested us to remove the Email ID from the Emailing List, I was worried as to how many official/personal emails would have Anuj read.

If a person had resigned, the mails addressed to him would bounce back saying: The recipient's e-mail address was not found in the recipient's e-mail system. But, this was a very strange experience and this practice of automatically forwarding the emails to the managers is unethical and an intrusion to one's privacy. It's better to disclose such policies well in advance to the employees.

From this incident it’s clear that if you resign, do inform your friends about the job change and ask them to update their Address book. Also, don’t give your office email ID to the banks and other official purposes.