terriko: Evil Soup (evil soup)
There's an interesting article up on NYT regarding Facebook's definition of "active users" for the purpose of its IPO. Here's the boing-boing link to the story for those who are sick of NYT's paywall nonsense interacting badly with privacy settings. But really, the interesting part is this:

In other words, every time you press the “Like” button on NFL.com, for example, you’re an “active user” of Facebook. Perhaps you share a Twitter message on your Facebook account? That would make you an active Facebook user, too. Have you ever shared music on Spotify with a friend? You’re an active Facebook user. If you’ve logged into Huffington Post using your Facebook account and left a comment on the site — and your comment was automatically shared on Facebook — you, too, are an “active user” even though you’ve never actually spent any time on facebook.com.

“Think of what this means in terms of monetizing their ‘daily users,’ ” Barry Ritholtz, the chief executive and director for equity research for Fusion IQ, wrote on his blog. “If they click a ‘like’ button but do not go to Facebook that day, they cannot be marketed to, they do not see any advertising, they cannot be sold any goods or services. All they did was take advantage of FB’s extensive infrastructure to tell their FB friends (who may or may not see what they did) that they liked something online. Period.”


The article goes on to point out that at least Facebook tries to count engaged users, unlike the way Twitter or Google have been criticized for counting users. So don't be too hard on them for that.

But here's the real kicker, and the first thing I thought of when I saw the paragraphs above:

The big question is how Facebook can put all of its “active,” er, engaged users in front of advertising?


So... will we see small ads with every like button? Am I going to get ads stuck on the end of the text messages I get with my friends' status updates? Having had this "flaw" in their numbers pointed out, it may behoove Facebook to demonstrate how this is an untapped resource on the advertising front... It's actually tempting to brainstorm about this as a creativity exercise, no matter how obnoxious excessive monetizing seems to me as a user.
terriko: (Default)
New post up at Web Insecurity: Will Facebook's choice of social authentication (face CAPTCHAs) lead to huge gains in facial recognition software?

Excerpts:
For many people with public profiles, flickr accounts, etc. it's pretty easy for a hacker to identify your friends. (Even easier if your would-be hacker is a jilted lover or angry sibling, but presumably those folk could also pass a regular CAPTCHA.) The key here isn't that this social authentication isn't hackable, though, it's that the hack has to be more carefully crafted to your account, and may well require a human to do the facial recognition necessary, thus slowing down the attack and doing exactly what CAPTCHAs were intended to do.
...
So the interesting question to me is "Will Facebook's choice of Face CAPTCHAs lead to huge gains in facial recognition software?" -- we're well overdue for gains in that area, actually, given that law enforcement is hoping to use facial recognition to stop crime and even terrorism, but the technology is so poor right now that if they used it now they'd likely be arresting a lot of innocent folk.


Read the rest here
terriko: (Default)
New post up over on Web Insecurity. Here's a preview:

Facebook now enabling annoying phone calls and paper junk mail?




Sophos points out that Facebook has made yet another change to the way it handles your information: this time, allowing third-party developers access to contact information on Facebook.

Now, part of me wants to just shrug: it's always been technically possible for third party developers to get access to this information because of the current state of web security.


Read the rest here.

(But the short version is that you might just want to take your phone number and address out of your facebook profile.)
terriko: (Default)
Originally posted on Web Insecurity, but it's short so this is a full cross-post.

Apparently Facebook hates privacy so much that they pay lobbyists to stop privacy laws



This maybe shouldn't surprise anyone, but Mashable is reporting that Facebook Lobbied to Kill Social Networking Privacy Act in the USA.


It's one thing to believe that privacy isn't important, or to make mistakes that expose users, but paying people to lobby against privacy legislation that might protect your users seems like a big step further. It makes me concerned as a user of the service.


Incidentally, Facebook has already broken Canadian privacy law (they're not the only ones), and likely the laws of several other countries, so I guess it makes sense that they wouldn't want to run afoul of further laws... but I really wish they'd do this by handling privacy issues better rather than paying people to make sure the laws don't come into effect. Maybe the law was simply ill-conceived (I haven't read it) but this really doesn't sound like the actions of a socially-responsible company. Very disappointing.
terriko: (Default)
This is a cross-post from my web security blog.

I'm happy to see that Gizmodo is already recommending that people disable Facebook Places in as much as you really can. And the article has a nice step-by-step on how to limit the amount your friends can (accidentally or intentionally) violate your privacy.

But I take issue with the fact that their examples were "you're lying to your girlfriend" and "you're cheating on your wife." Seriously? I know they were trying to be funny, but the implication you get from the article is that privacy should only matter in this way if you've got something to hide. But that's not the case:

What about a parent who doesn't want to advertise to strangers the exact geo-location of the parks his kids play in every day?

What about a woman who has received threats from unpleasant people who feel that women should not be involved in open source software?  (I wish I were kidding, but this happened to me, and other people receive threats from disturbed individuals online.)

What about someone shopping for an engagement ring who meets a friend at the mall?

There's plenty of reasons one might prefer privacy. I think maybe we would do well to include this sort of example in articles, so that even those living utterly honest lives will realize that privacy is important to them and people they care about.
Page generated Mar. 23rd, 2017 04:24 am
Powered by Dreamwidth Studios