Dan's New Blog

And it’s not Facebook. It’s Google’s new Google Buzz, which is a Facebook/Twitter hybrid product. It’s supposed to be plug-and-play: you set up your profile and Google determines your social circle based upon whom you Gmail the most. But it’s got some privacy issues, viz.:

(1) Nicholas Carlson at Business Insider is one (of many) who takes Google to task for revealing Buzz users’ closest contacts to the world:

“But we have a message for the brilliant people behind Google Buzz (and the rest of Google’s products): the rest of the world is NOT like you. These privacy concerns aren’t for the incredibly computer savvy, the patient beta testers, or Twitter and Facebook power users. Our concerns are for the people who, when encountering a new service, click ‘save and continue’ until it is completely set-up and functional, reading as little text in various dialogue boxes as they can. These people are the people we call the ‘normals’. Some of these ‘normals’ are physicians or mental health professionals who have patients they email with. Some of these people are journalists (ahem!) dealing with anonymous sources. Some of these people are spouses who are finding a safe way out of bad marriages with the help of someone their spouse doesn’t know about. Some of them are junior staffers, secretly arranging to get a 50% raise going to a new company to become a manager for the first time.”

Google has made some changes to Buzz to address these issues, but again, “normals” probably won’t take advantage of them.

UPDATE, February 14: Google has made further changes. Buzz now suggests people to follow instead of auto-following your closest contacts. You can also opt-out of publicly displaying your contacts.

(2) Erick Schonfeld of TechCrunch says that Buzz inadvertantly exposes private email addresses:

“Google Buzz borrows the @reply convention from Twitter so that if you want to reply to someone or direct a comment to them you simply put the @ sign in front of their name. Google autosuggests names from your contact list as you start typing. Normally, this doesn’t cause any problems if you select the Gmail account or chat name associated with that person’s public profile. It ends up posting their name, and not their email address. But if you select a name or account that is not public, Buzz will fill in with their private email. For example, I wanted to direct a comment at TechCrunch writer MG Siegler, so I typed in ‘@mg’ and up came three of his different emails. I picked his TechCrunch email, not realizing that his public profile is linked to a different Gmail account. What this means is that the 231 people following me on Buzz can all see MG’s private email address in my comment even if they had no direct connection to him before.”

Google says that it will be “very obvious that the email address is publicly visible, and you can always edit and/or delete that post.” Schonfeld says that’s expecting too much from the average user, and I agree.

UPDATE, February 14: Google now shows asterisks instead of private email addresses.

The common thread through these 2 problems is that Google puts the burden on the basic user of figuring out the privacy implications of everything they do on Buzz. It’s like they’ve never heard of people accidentally CCing the whole company on a private email.

Google has announced plans to get into the broadband bidness in a small way:

“We’re planning to build and test ultra high-speed broadband networks in a small number of trial locations across the United States. We’ll deliver Internet speeds more than 100 times faster than what most Americans have access to today with 1 gigabit per second, fiber-to-the-home connections. We plan to offer service at a competitive price to at least 50,000 and potentially up to 500,000 people.”

Google will accept applications from communities until March 26, then make their choice. Sounds great, but with a caveat that, over and over, we’re putting all our eggs in Google’s basket.

Gigaom reports on yet another leadership upheaval at MySpace. This time, CEO Owen Van Natta is gone after less than a year.

I pretty much ignore MySpace in my blog and presentations. (I’d love to do the same with Facebook, but I can’t ignore all the security oopsies.) I think it’s been nigh on irrelevant for some time now. But I’m posting this to highlight a great soundbite in the article:

“There was a time when celebrities used MySpace to stay in touch with their fans. Now they’re all using Twitter.”

The social networking landscape changes constantly.  Now that Google Buzz has launched, at least one notable blogger thinks it could kill Facebook. Makes my head spin.

Tired of reading about high school students suspended because they had aspirin in their bookbag? Or nail clippers? Or even — God forbid — for unauthorized hugging? Then this NY Times story is for you. School administrators in Vail, AZ have turned one of their school buses into a mobile wifi hotspot. The result? Peace and quiet:

“It’s made a big difference,” said J. J. Johnson, the bus’s driver. “Boys aren’t hitting each other, girls are busy, and there’s not so much jumping around.”

This isn’t a case of wifi acting as electronic ritalin:

“… district officials have been delighted to see the amount of homework getting done, morning and evening, as Mr. Johnson picks up and drops off students along the highway that climbs from Vail through the Santa Rita mountains to Sonoita. The drive takes about 70 minutes each way.”

Cost for a safe and quiet school bus ride: $200 for the router and $60/month for access. Cheap at any price.

CNET reports that the FBI wants Internet Service Providers to log the Websites you visit and keep the data for 2 years. Frankly, this does not surprise me, given the government’s predilection towards outsourcing surveillance to the owners of the pipes.

I’ve blogged in the past about how Tor can enable you to surf anonymously. But afaik Tor can’t help you evade your ISP’s prying eyes. You’d have to use a proxy that would encrypt traffic to and from your computer; I can’t see that working out for you very well.

As Sun Microsystems Chairman and CEO Scott McNealy said a few years back, “You have no privacy, get over it.”

Fwiw, I’m not “average”, whatever that means.

LoA: The average American pays $997 each year for cable TV, Internet access, and video games.
Me: It’s more like $300/year at my house, since we don’t have cable. It’s no big loss — I can watch Burn Notice the next morning on Hulu.

LoA: Last Sunday’s Super Bowl audience had an average audience of $106 million, eclipsing the M*A*S*H 1983 finale record.
Me: I am not one in a million. Didn’t watch a second of the game. No Who Dat bandwagon for me. I did spend an enjoyable 2.5 hours watching the Caps-Pens ovechkintime thriller.

Wired reports that the Judicial Conference Committee on Court Administration and Case Management has issued new jury instructions regarding the use of social media. Here are the instructions that U.S. District Court justices should give to juries before they begin deliberations:

“During your deliberations, you must not communicate with or provide any information to anyone by any means about this case. You may not use any electronic device or media, such as a telephone, cell phone, smart phone, iPhone, Blackberry or computer; the internet, any internet service, or any text or instant messaging service; or any internet chat room, blog, or website such as Facebook, My Space, LinkedIn, YouTube or Twitter, to communicate to anyone any information about this case or to conduct any research about this case until I accept your verdict.”

It’s about time. I’ve blogged previously about the havoc a chatty juror can cause using Twitter during a trial.

I wish state and local courts would get on top of this as well. Last month I served as a juror in a two-day criminal case in Delaware County. The judge admonished us not to read about the case in the papers, watch anything about it on TV, visit the areas mentioned in the testimony to do research, or discuss it with family members and friends. Not once in the half-hour of jury instructions did he mention the word “Internet”, let alone Google or Twitter or Facebook. Nor did he mention text messaging. It would have been soooo easy for him to say something like, “Don’t use any Web sites or electronic devices to do research about the case or talk to others about it.” But we know that the whole legal profession changes very slowly, in some cases much slower than the rest of the world. At least the judge in my trial wasn’t required to wear a powdered wig.

Swirling and drifting
No hockey today … I’m sad
Snow blankets the rink

Not great, but better than I thought I could do. Now I’m off to shovel two feet of the white stuff.

Looks like employees from several companies in Europe, Japan and New Zealand fell for the ‘ol phishing schemaroo recently. Hackers conned them out of 250,000 credits worth about $4 million. How’d the exploit work?

“The hackers launched a targeted phishing attack against employees of numerous companies in Europe, New Zealand and Japan, which appeared to come from the German Emissions Trading Authority. The workers were told that their companies needed to re-register their accounts with the Authority, where carbon credits and transactions are recorded. When workers entered their credentials into a bogus web page linked in the e-mail, the hackers were able to hi-jack the credentials to access the companies’ Trading Authority accounts and transfer their carbon credits to two other accounts controlled by the hackers.”

Access to the German Emissions Trading Authority database of registered carbon credit trades has been suspended for about a week, pending the resolution of an investigation.

[sigh]

Guess it’s time once again to trot out my list of computer security tips to live by.

Why does this Washington Post article, Google to enlist NSA to help it ward off cyberattacks, remind me of Cory Doctorow’s short story Scroogled?

In the real-world, Google isn’t the security contractor for the U.S. It’s the other way ’round — the NSA is helping Google get a handle on the big Chinese hack they announced last month. I guess it’s just that I’d prefer that there was a — pardon the expression — Chinese wall between a huge info company such as Google and government intelligence agencies. And I’m not the only one who feels that way:

“When you rise to the level of Google . . . you’re looking at a company that has taken great pride in its independence,” said [Matthew] Aid, author of ‘The Secret Sentry,’ a history of the NSA. “I’m a little uncomfortable with Google cooperating this closely with the nation’s largest intelligence agency, even if it’s strictly for defensive purposes.”

Amen.