Your MySpace Web Browser Is Coming

Article found via digg

Your MySpace Web Browser Is Comingflock myspace browser

readwriteweb.com — Flock, the Mozilla-based social web browser has made the announcement that everyone has been waiting for: they will now integrate with MySpace. Building on the MySpace Developer Platform, Flock will allow users to surf the web with their MySpace friends in their sidebar. This integration will expose all of the . . .

Article is pointed to readwriteweb

comments at digg are always interesting of course.

I think this is an excellent idea, I am surprised it has taken so long to come out. I wonder if flock will have an exclusive with this, or if myspace will be opening up more and more and allow other browsers to do the same. Myspace at one time was disconnecting virtually everyone who started anything that pulled info from myspce. I remember when a program that would notify you when your myspace friends stalkies became single was sent off to the tech crunch deadpool because myspace was being so closed off.

Then facebook came out with some APIs to let developers use and integrate their social network, and google released it’s open source social apps, and now it seems that myspace is coming out of the closed off closet more and more. Good. Now if we can just get better data portability from all social networks, in a secure manner, along with more control over what is done with personal information and pictures etc, with these web sites.

Social network software rising

We’ve been consulting for several clients about social networks and keeping a close eye on the developments of various social network software and the niche sites that are springing up and using them. There have been some new developments in both areas, here’s a few we’d like to highlight.

Automattic (wordpress parent company, creators of BBpress and Akismet spam eliminator) has recently gotten 29 million dollars in funding. Automattic has decided to hold off on being bought out entirely and is looking to furtherit’s anti-spam, identity, wikis, forums, and more – small, open source pieces, loosely joined with the same approach and philosophy that has brought them this far. Today I stumbled upon a new theme for wordpress that makes it easy to use wordpress as a twitter like, many to many messaging system for groups, private or public. Can’t wait to see how people hack it up and what kind of cms social network mashups will be created using this functionality.

In other recent finds, we stumbled upon a list of 350 social networks listed at Mashable. We also found a social networking watch site with info about new social networking sites. We found several linked to articles at mahalo about a new adult social network type of site called zivity.

We also found a USA today article describing how it is very difficult to verify ages for those who sign up for social networks. an excerpt:

MySpace has recently implemented policies designed to better separate kids from adults. Among the changes, adult MySpace users must already know a 14- or 15-year-old user’s e-mail address or full name to initiate contact or view a profile containing personal information.

However, because age is self-reported, as it is at similar sites, adults could simply sign up as minors.

There are tools to verify age, but they work best for porn, wine-sales and other sites meant for adults only.

A credit card, for instance, could demonstrate that a user is of age, notwithstanding a teen’s ability to “borrow” a card from Dad’s wallet.

More robust techniques like those from IDology Inc. and Sentinel Tech Holding Corp.’s Sentry check addresses, birth dates and other information users provide against public databases, such as voting and property records.

But many social-networking sites cater to both adults and teens – and teens can be difficult to verify.

Minors “do not possess as many unique identifiers as adults do,” said Adam Thierer, a senior fellow with the Progress and Freedom Foundation, a technology think tank that shuns government regulation. “They are not voters yet. They don’t have home mortgages or car loans. Most don’t have drivers licenses until they are 16.”

Many states restrict the disclosure of drivers license data on minors, and school administrators guard their registration records fiercely.

“Do parents really want … that kind of information available on their children?” Collier asked.

Connecticut Attorney General Richard Blumenthal said raising the minimum age to 16 from 14 would help because many teens have drivers licenses by then. He has called for federal incentives for sites like MySpace to perform age verification.

Attorneys General Jim Petro of Ohio and Greg Abbott of Texas, meanwhile, support verification via credit card, while Massachusetts’ Tom Reilly has called for unspecified “age and identity verification.”

“Don’t tell me it can’t be done,” Blumenthal said. “It’s a question of whether the company in good faith really wants to know those ages and sacrifice some of the excitement and coolness that comes with anonymity.”

Getting a reliable system developed could require expenditures and perhaps result in a smaller base of users, he said, “but if we can invent the Internet, … surely there are means to verify the ages of those individuals, or such means can be developed.”

Facebook takes a stab at verification by restricting access only to those with a valid e-mail address from a high school, college or participating company. It is happy to have 8 million registered users, less than 10% of MySpace’s.

Industrious Kid Inc.’s imbee, for kids 8 to 14, requires parents to submit credit cards to vouch for their children.

Of course, an adult may “vouch” for an alter ego and use that to chat with kids. Thus, all imbee profiles are initially private, and adults can’t do much without tricking a parent into letting them join a child’s network, said Tim Donovan, imbee’s vice president of marketing.

Zoey’s Room, a site for girls 10-14, has verified each of its 300 members with a school or youth group. It charges $15 a year.

“It does cost to create safe communities,” said Erin Reilly, co-founder of the organization that runs Zoey’s Room. “I would rather have a manageable population and keep them all safe … instead of looking for a million unique visitors.”

IDology believes its technology could help keep children safe. A verified adult could be given greater access and the ability to share profiles openly. Anyone not willing or able to be verified, including teens, would be left with limited access and private profiles.

But any technical solution tough enough to work would penalize legitimate users who cannot be verified, said John Cardillo, Sentry’s chief executive. Even 18- and 19-year-olds aren’t fully in public databases yet, he said.

MySpace, instead, has been trying to catch minors after the fact.

It has technology to scan for inconsistencies and teams of employees to investigate further. For example, a user who claims to be 18 might mention a sixth-grade class elsewhere in the profile, or feature a photo of a birthday cake with only 13 candles.

Safety experts warn that creating too many barriers could drive kids to another social-networking site with fewer controls, or perhaps free-for-all chat rooms.

And ineffective solutions, they say, could give parents and children a false sense of security, increasing the dangers.

Ron Teixeira, executive director for the National Cyber Security Alliance, said parents should teach children an online equivalent of “Don’t take candy from strangers.” That way, he said, kids will know what to do should social networking be replaced by the next big fad.

 It seems that social networks are increasingly in demand for communicating today, and there will continue to be new ways for users to share information. We had even seen a short video somewhere that talked about ways to use linkedin as a business networking social app. Certainly there will be much learning for everyone on the best ways to use these powerful communication tools, and there will undoubtedly be more technology coming to help keep everyone happier, more productive and in touch.

It is our hope that the openid standard will continue to flourish, and that it will be easier for people to take a certain amount of profile information from one network to another, so we don’t have to keep typing in tons of information for every social circle we want to participate in. Of course safe guarding data, privacy, ease of use, and data portability should be at the fore front of these emerging technologies.

We are getting there. There are many great ways for people to communicate and share today, there are certainly going to be some growing pains, but the numbers show that there is great need for millions of people to do more online together, and the companies that do it right stand to make millions happy.

AT&T Looking at Internet Filtering

AT&T Looking at Internet Filtering
Wed Jan 23, 2008 10:18 AM EST
Article found via Newsvine / Associated Press

AT&T Inc. is still evaluating whether to examine traffic on its Internet lines to stop illegal sharing of copyright material, its chief executive said Wednesday.

CEO Randall Stephenson told a conference at the World Economic Forum that the company is looking at monitoring peer-to-peer file-sharing networks, one of the largest drivers of online traffic but also a common way to illegally exchange copyright files.

“It’s like being in a store and watching someone steal a DVD. Do you act?” Stephenson asked.

AT&T has talked about such plans since last summer. They represent a break with the current practice of U.S. Internet service providers, who are shielded by law from liability if their subscribers trade copyright files like movies.

Stephenson said he still sees value in peer-to-peer networks despite some problems. The networks are increasingly used for legally distributed files like movie trailers and software.

Comcast Corp., the second largest U.S. Internet provider after AT&T, has chosen another way to deal with the congestion caused by file-sharers, by hampering some peer-to-peer traffic regardless of whether the content is legal.

The U.S. Federal Communications Commission said earlier this month it would investigate complaints from consumer groups and legal scholars that Comcast’s practice violates the open access principles of the Internet.

Five Most Overlooked Open Source Vulnerabilities Found By Audits

Foudn via yahoo news / Techweb
Five Most Overlooked Open Source Vulnerabilities Found By Audits

By Charles Babcock
InformationWeek Tue Jan 22, 5:45 PM ET

After reviewing 300 million lines of code in 2007, Palamida, a vulnerability audit and software risk management company, says it’s identified the five vulnerabilities most frequently overlooked by users in their open source code.
ADVERTISEMENT

The five are listed in alphabetical order. Palamida did not attempt to assign a frequency ranking to the five, CEO Mark Tolliver said. Also, the Palamida list reflects known vulnerabilities that have been aired and fixed by their parent projects but are still encountered in the user base, such as businesses and government agencies. The projects named are not frequent offenders when it comes to security vulnerabilities, but their code is so widely used that unpatched vulnerabilities show up in Palamida’s enterprise and nonprofit agency software scans. In all cases, a patch is available to fix the vulnerability.

Open source code is “not any more vulnerable than commercial software” and in some cases, less so, said Tolliver. Open source projects tend to acknowledge their vulnerabilities and fix them promptly, he added.

The company conducts audits on enterprise software, spotting uses of open source and identifying origins of code. It both sells products to conduct audits and offers audit services and risk management consulting.

Palamida’s list of five frequently overlooked vulnerabilities is as follows:

Geronimo 2.0, the application server from the Apache Software Foundation, contains a vulnerability in its login module that allows remote attackers to bypass authentication requirements, deploy a substitute malware code module, and gain administrative access to the application server. The access is gained by “sending a blank user name and password with the command line deployer in [Geronimo’s] deployment module,” the Palamida report said. A blank user name and password should trigger a “FailedLoginException” response in Geronimo 2.0 but doesn’t.

A patch for the vulnerability exists at https://issues.apache.org/jira/secure/attachment/12363723/GERONIMO-3404.patch.

Geronimo competes with Red Hat’s JBoss and other open source application servers.

The JBoss Application Server has a “directory traversal vulnerability in its DeploymentFileRepository class in releases 3.2.4 through 4.0.5. It allows remote authenticated users to read or modify arbitrary files and possibly execute arbitrary code,” the Dec. 7 report concluded.

A patch is available at http://jira.jboss.com/jira/browse/ASPATCH-126.

The third frequently encountered vulnerability on the list is the LibTiff open source library for reading and writing Tagged Image File Format, or TIFF, files. The LibTiff library before release 3.8.2 contains command-line tools for manipulating TIFF images on Linux and Unix systems and is found in several Linux distributions.

Using the LibTiff library in a version before 3.8.2 allows “context-dependent attackers to pass numeric range checks and possibly execute code via large offset values in a TIFF directory,” the Palamida report states. The large values may lead to an integer overflow or other unanticipated result and constitutes an “unchecked arithmetic operation,” the report said.

A patch is available at http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2.orig.tar.gz.

The fourth vulnerability on the list is found in Net-SNMP, or the programs that deploy the SNMP protocol. It’s found in version 1.0, version 2c and version 3.0. When certain versions of Net-SNMP are running in master agentx mode, the software allows “remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a freeing of an incorrect variable,” the report said.

A patch is available at http://downloads.sourceforge.net/net-snmp/net-snmp-5.4.1.zip?modtime=1185535864&big_mirror=1.

The fifth overlooked vulnerability is found in Zlib, a software library used for data compression. Zlib 1.2 and later versions allow a remote attacker to cause a denial-of-service attack. The attack designs a compressed stream with an incomplete code description of a length greater than 1, causing a buffer overflow.

The patch consists of upgrading zlib to version 1.2.3 at www.zlib.net/zlib-1.2.3.tar.gz.

The fact that the vulnerabilities exist doesn’t mean that anyone should stop using open source code. But users should adopt vulnerability patches or update to the latest, stable version of the code, said Theresa Bui, VP of marketing at Palamida. A complete description of the five vulnerabilities, along with their Common Vulnerability and Exposure number, can be found at Palamida’s Dec. 7 Web site listing. The CVE is a project of the Mitre Corp. that gives vulnerabilities a shared definition and reference number across security vendors.

See original article on InformationWeek.com

CIA Says Hackers Have Cut Power Grid

Hopefully if they are reporting this it means that we have fixed all the potential problems in this area. Just another reminded that as our society becomes more and more dependent upon technology, we also become more vulnerable to problems – be it intentional maliciousness or just breaking down.

Story found via PcWorld:
CIA Says Hackers Have Cut Power Grid
Several cities outside the U.S. have sustained attacks on utility systems and extortion demands.
Robert McMillan, IDG News Service
Saturday, January 19, 2008 6:00 AM PST

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week.

Speaking at a conference of security professionals on Wednesday, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

Criminals have launched online attacks that disrupted power equipment in several regions outside of the U.S., he said, without identifying the countries affected. The goal of the attacks was extortion, he said.

“We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands,” he said in a statement posted to the Web on Friday by the conference’s organizers, the SANS Institute. “In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.”

“According to Mr. Donahue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure,” SANS said in the statement.

One conference attendee said the disclosure came as news to many of the government and industry security professionals in attendance. “It appeared that there were a lot of people who didn’t know this already,” said the attendee, who asked not to be identified because he is not authorized to speak with the press.

He confirmed SANS’ report of the talk. “There were apparently a couple of incidents where extortionists cut off power to several cities using some sort of attack on the power grid, and it does not appear to be a physical attack,” he said.

Hacking the power grid made front-page headlines in September when CNN aired a video showing an Idaho National Laboratory demonstration of a software attack on the computer system used to control a power generator. In the demonstration, the smoking generator was rendered inoperable.

The U.S. is taking steps to lock down the computers that manage its power systems, however.

On Thursday, the Federal Energy Regulatory Commission (FERC) approved new mandatory standards designed to improve cybersecurity.

CIA representatives could not be reached immediately for comment.

Americans more wired, new-media survey finds

Americans more wired, new-media survey finds
From yahoo news / Reuters
By Gail Schiller

NEW YORK (Hollywood Reporter) – About 38 percent of U.S. consumers are watching TV shows online, 36 percent use their cell phones as entertainment devices and 45 percent are creating online content like Web sites, music, videos and blogs for others, according to a new-media survey from Deloitte & Touche.

The findings of the online survey of 2,081 Americans, conducted October 25-31, were provided to The Hollywood Reporter before their official release next month.

The “State of the Media Democracy” notes that in Deloitte’s first edition of the survey just eight months earlier, 24 percent of consumers used their cell phones as entertainment devices, meaning that usage has soared 50 percent.

About 62 percent of “millennials” (consumers 13-to-24-years-old) are using their cell phones as entertainment devices, up from 46 percent in the previous study conducted February 23-March 6, 2007. And among Generation X consumers (25-to-41-year-olds), the number grew to 47 percent from 29 percent in the earlier survey.

About 20 percent of consumers said they are viewing video content on their cell phones daily or almost daily.

The percentage of consumers watching TV online jumped from the 23 percent figure reported in the previous study. Roughly 54 percent of those surveyed said they are making their own entertainment content through editing photos, videos or music, 45 percent said they are producing that content for others to see, and 32 percent said they consider themselves to be “broadcasters” of their own media.

“I think for advertisers one of the conclusions is you don’t make decisions to advertise either on television or the Internet when you want to hit all the demographics, but rather you need to have a multiplatform strategy,” said Ken August, vice chairman and national sector leader for Deloitte & Touche’s media and entertainment practice, which commissioned the study. “It shouldn’t be an either or proposition.”

Among the study’s other findings:

— 54 percent of consumers said they socialize via social networking sites, chat rooms or message boards, and 45 percent said they maintain a profile on a social networking site.

— 85 percent of consumers still find TV advertising to have the most impact on their buying habits, but online ads are second best, with 65 percent of consumers saying they have the most impact, beating out magazines at 63 percent.

Reuters/Hollywood Reporter

More and more Americans getting hooked on electronics. There are many good and bad things I see with this news. We can share information and entertainment quicker, and I enjoy this new era of information sharing. I believe we will see more problems with technology compatibility in several areas as well. We already have competing formats with everything from software and operating systems, to different cell phone companies having various accepted formats for multimedia messages and such. There will certainly be much more confusion among people as to what works with what, but lets hope the barriers come down in those areas in the future as well. More on this in another post later.

Pluck hooking up media outlets with social networks

from yahoo news / reuters

Pluck hooking up media outlets with social networks

By Robert MacMillan 30 minutes ago

NEW YORK (Reuters) – Online media syndication company Pluck Corp said on Wednesday it would give traditional media companies the ability to link their Web sites to online social networks like MySpace and Facebook.

The move would allow people to leave comments on news Web sites that then show up on their social network profiles, allowing the traditional media outlets to reach people where they are spending increasing amounts of time on the Internet, said Pluck Chief Executive Dave Panos.

This is important to media companies that are trying to build up their online audiences as they lose readers and advertising revenue for their print editions.

“If I comment on a story about the presidential primary, the story itself is going to be noted on my Facebook profile, and so is the comment I made,” he said.

Companies using Pluck’s technology include USA Today publisher Gannett Co Inc (GCI.N), Discovery Communications, the Canadian Broadcasting Corp, Runner’s World publisher Rodale and Better Homes & Gardens publisher Meredith Corp (MDP.N).

“People are interested in sharing experiences around news,” said Jim Brady, executive editor of The Washington Post Co’s (WPO.N) Web site, washingtonpost.com, which also is participating.

Brady said that could build up more loyal readers for the Web site while exposing the Post’s news to many of Facebook’s 55 million users worldwide. MySpace, owned by News Corp (NWSa.N), has about 110 million users worldwide.

“We’re not trying to be Facebook or MySpace,” he said. “By giving ourselves a hook into the bigger social networks, it allows us to get more pollination.”

The move allows traditional media companies to associate themselves with popular social networks whose members — typically younger than the average newspaper reader — are considered the most valuable to advertisers on- and offline.

“If you’re a media company, you’re now attracting more users to your site,” Panos said. “For them, I think it’s about reaching a broader audience, and maybe a younger demographic.”

Reuters Group (RTR.L) (RTRSY.O) which made a $7 million investment in Pluck last year and has an undisclosed ownership stake, also is a participant.

Media companies will be able to link up with Facebook starting in the first quarter of 2008, Pluck said. Networks that are part of Google Inc’s (GOOG.O) OpenSocial technology for independent software developers — which includes MySpace as a member — will be able to use Pluck’s technology by mid-2008.

(Editing by Carol Bishopric)

I am glad to see so many social network deployments these days. Competition keeps things healthy. Hopefully we will all benefit from multiple companies pushing various software for social networks and they will all keep getting better and better. We are currently testing a few social network platforms for various clients of different sizes with different needs. There is also much talk around the shop about sharing information among the social networks. You can see this similar goal being developed with google’s open social, and the openid platform. Of course avoiding end user privacy issues is always a concern, but making things easier for end users to log into and use the various social sites and choosing which information to share or keep private and semi private is going to be of paramount importance.

Colleges Create Offbeat Videos to Try to Build Web Buzz

We love to see more niche markets getting creative with public relations, and using newer media to get an unusual message out is just the kind of thing that colleges should be doing. It’s a young hip demographic, certainly viral videos will be more effective online than any amount spent on print advertising. The social aspect of college should be a focus and getting viral videos spread through social networks may get groups of students interested.

From the wired campus blog:

These days colleges’ PR offices are creating more and more videos to promote campus events and get their institution’s name out. And some have tried to adopt the lighthearted or edgy tone that seems most popular on YouTube.

The collegewebeditor blog has been tracking such efforts, and today they point out an unusual holiday video created by the University of Maryland at College Park.

Connie Chung, an alumnus of the university, makes a cameo appearance, but the star is the college’s mascot, Testudo, leading students and staff members from across campus to gather for a holiday photo. The overall feel seems something out of a Disney film, and somehow it seems long, even though it’s only two minutes. It’s too soon to tell whether it will be the next big viral video — so far the version on YouTube has only been viewed a couple hundred times.

Last month, the blog featured a roundup of quirky promotional videos featuring college presidents, highlighting various presidents jumping out of planes, answering questions on a late-night TV show, or riding a motorcycle. None of those have been blockbusters either, though.