Wednesday, April 28, 2010

Security Now 243 - The Official TWiT Wiki

Subverted SSL

[link to original | source: wiki.twit.tv | shared via: feedly]


Facebook’s New Open Graph API


[link to original | source: www.sitepoint.com | shared via: feedly]


Shocker: Facebook Does What’s Best For Facebook


There's a debate in progress over Facebook's new "like" buttons and "Open Graph API", with open web advocates questioning the true "openness" of the new platform, and Facebook arguing that the move is good for the web.

For those not clued in, here's a 10-point guide to the debate and my take on who's right:

1. OPEN GRAPH: Facebook launched its "Open Graph" on Wednesday, including "like" buttons that let users express interest in any piece of content on the web, sharing that data back to their Facebook profiles.

2. PUBLISHER INCENTIVES: Publishers are rushing to add these "like" buttons to their sites, plus other "Social Plugins" from Facebook (and more complex Open Graph implementations), since every time someone "Likes" something on your website, it creates a link back from the person's Facebook page. Websites can also display the most relevant content to any user based on their friends and likes. All of which means more traffic and revenue for publishers.

3. SOME PARTS OPEN: Publishers are also adding data to these pages to identify specific items — like, say, identifying that a piece of content is a song, and including the title and band name (aka semantic data). This makes it easy for Facebook to organize their database of everything on the web — this semantic data is also accessible to rivals like Google.

4. SOME PARTS CLOSED: The "likes" data isn't really accessible to Facebook's rivals — unless they implement Facebook logins on their sites, Google and the rest can't get unlimited access to your "likes". So, Facebook is building a database of the world's preferences, but won't give others access unless they promote Facebook on their sites (by using Facebook logins).

5. OPEN ALTERNATIVES: There are open alternatives to Facebook logins (eg. Open ID), but publishers rarely use those because they don't drive traffic and signups like Facebook logins do.

6. NO EXPORT: Facebook also doesn't let users export all their "likes" at once. If a rival builds a better service and you want to export and re-import all your "likes" to the new one, you can't do that easily. So Facebook is building a database of information about you, but you don't really own it: Facebook does.

7. LESS CHOICE: Open web advocates argue that it's bad for users if you're locked in to one system — rivals can't build better systems and provide choice.

8. KEY TO SUCCESS: Facebook's critics are correct, but unless Facebook keeps the "social graph" locked up in its database, the company can't take over the web with a widely-used ID system and capture value for itself (ie. make lots of money).

9. MARKETING TERM: The implicit allegation is that Facebook is merely using "open" as a marketing term, since the Open Graph API isn't fully open. That's somewhat true since Facebook's value proposition relies on keeping some of that data "closed".

10. FACEBOOK WINS: Facebook has won the web by solving the identity problem for users and publishers. They've also helped to advance efforts around the semantic web. Rivals will try to fight back with a truly open solution, but without the correct incentive (lots of traffic for publishers), how can they compete?

Bottom line: when a company solves a problem, should we be surprised that they solve it in a way that creates value for both customers and the company itself? Isn't that how capitalism works?




[link to original | source: Mashable! | published: 1 day ago | shared via feedly]


Tuesday, April 27, 2010

Opinion: Steve Jobs' trademark snafu could be costly - Hardware - Technology - News - iTnews.com.au


[link to original | source: www.itnews.com.au | shared via: feedly]


Telstra opens Point Cook to retail ISPs - Telco/ISP - Technology - News - iTnews.com.au


[link to original | source: www.itnews.com.au | shared via: feedly]


Expert: Invalid Warrant Used in Raid on iPhone Reporter’s Home | Threat Level | Wired.com


[link to original | source: www.wired.com | shared via: feedly]


Rudd launches National Security College - Security - Technology - News - iTnews.com.au


[link to original | source: www.itnews.com.au | shared via: feedly]


The iPhone Leak Gets Ugly: Police Raid Gizmodo Editor’s House, Confiscate Computers


Wow. Last week, Gizmodo published a massive scoop when they got their hands on what is most likely the next iPhone. At the time there was plenty of talk about the legality of Gizmodo's actions (as they admitted to paying $5000 for the device). Now Gizmodo has just published a post saying that editor Jason Chen had four of his computers and two servers confiscated last night by California's Rapid Enforcement Allied Computer Team, who entered the house with a search warrant.

Gawker's COO Gaby Darbyshire responded to the actions by citing California Penal Code 1524(g), which states that "no warrant shall issue for any items described in Section 1070 of the Evidence Code", which protects information obtained in protection of a news organization. Darbyshire also points out that the California Court of Appeal has previously found that these protections apply to online journalists (O'Grady v. Superior Court).

In Gizmodo's post, Chen recounts last night's events. Chen wasn't home when the raid began, and came home after officers had already been in his house for hours. Chen's door was broken open because he wasn't home to open it. He wasn't arrested, but police seized external hard drives, four computers, two servers, phones, and more.

The document detailing what police intended to seize refers to Apple's "prototype 4G iPhone" and is also referred to as "stolen" (Gizmodo has contended that the device was found in a bar, not stolen). Also note that all of this went down on Friday night, and Gizmodo didn't say anything until today.

Here's Chen's full account, via Gizmodo:

Gawker founder Nick Denton has tweeted about the situation, saying it will show whether or not bloggers are considered journalists.



[link to original | source: TechCrunch | published: 10 hours ago | shared via feedly]


Sunday, April 25, 2010

Ubuntu 10.04 Gets Cloud-Based Contact Syncing


Along with a built-in music store, Ubuntu 10.04, the free Linux distribution arriving later this month, will offer a 30-day trial of cloud-based contact syncing through its Ubuntu One storage service. It's a promising peek into nifty features to come.

[link to original | source: Lifehacker: Ubuntu | shared via: feedly]


Ubuntu One Music Store Open for Testing


Ubuntu: The DRM-free digital music store we previously peeked at has now opened to the public—at least the public that's using the Ubuntu 10.04 Beta. It's fairly easy to use, and automatically syncs your purchases to your free cloud storage.

[link to original | source: Linux - Lifehacker | shared via: feedly]


iPhone & iPod Management on Linux Just Got Easier | The Linuxologist | Bringing Linux to the Masses


[link to original | source: linuxologist.com | shared via: feedly]


Source Code To Google Authentication System Stolen


Aardvark writes "More details are coming out about the extent of the break-in at Google a few months ago. The NY Times is reporting that one of the things stolen was the source code to Google's single sign-on authentication system, called Gaia. Though Google is making changes to the system, the theft raises the possibility that attackers could analyze the code to find new exploits to take advantage of in the future. No wonder that Eric Schmidt recently said they've become paranoid about security."



[link to original | source: Slashdot | published: 5 days ago | shared via feedly]


50 Places Linux is Running That You Might Not Expect


[link to original | source: www.focus.com | shared via: feedly]


No plan for crackdown on internet racism


[link to original | source: www.theage.com.au | shared via: feedly]


Cleanternet.org | campaign for a cleaner and safer Internet


[link to original | source: cleanternet.org | shared via: feedly]


Facebook Open Graph: The Definitive Guide For Publishers, Users and Competitors


Facebook just shook the tech world by announcing several major initiatives that collectively constitute an aggressive move to weave the social net on top of the existing Web. The rumors were that the leading social network would launch a "Like" button for the entire Web. Instead, Zuckerberg & Co. unveiled a bold and visionary new platform that cannot be ignored.

The bits of this platform bring together the visions of a social, personalized and semantic Web that have been discussed since del.icio.us pioneered Web 2.0 back in 2004. Facebook's vision is both minimalistic and encompassing - but its ambition is to kill off its competition and use 500 million users to take over the entire Web.


Whether we like it (pun intended) or not, we have to understand what this move means. It impacts users, publishers, competitors and, of course, Facebook itself. In this post, we summarize what Facebook announced and ponder the impact this will have on everyone.

Facebook Open Graph: Publisher Plugins

The Open Graph is a combination of publisher plugins, semantic markup and a developer API.


Login with Faces & Facepile: The simpler publisher plugins enhance Facebook Connect. They make it easy and compelling to sign in by leveraging Facebook cookies and showing faces of Facebook friends who are already members of the service.

Like Button and Like Box: These plugins add the liking feature to any content, typically the whole page. Both can be enhanced with semantic markup, described below. But the very basic intent for these is to get users to Like on the site and post a link to Facebook, which is then permanently stored on a user's profile and points back to the original site.

Activity Feed and Live Stream: These plugins show static and dynamic activity on the site. Activity Feed lists recent likes and comments from the site, while Live Stream shows a real-time view of activity on the site and is intended for interactive events.

Recommendations: This plugin surfaces personalized recommendations for the user based on what friends and everyone else is liking on the site. It is intended to drive the users to other pages on the site.

Facebook Open Graph: Semantic Markup

Facebook announced simple, RDF-based markup to make the plugins smarter. In a nutshell, the markup enables publishers to say what object is on the page - a movie, a book, a recording artist, an event, a sports team, etc. This automatically enables semantics, that is, an understanding that the user is not just interacting with a webpage, but that he or she is liking a specific kind of thing. Semantics then leads to bucketing of the objects into categories like books, movies, music, etc., and gives rise to all sorts of applications, including personalized recommendations.

Perhaps even more importantly, the markup helps Facebook connect users with common interests across different websites. For example, if both Pandora and Last.fm annotate a page about The Beatles using Facebook's markup, then users will be able to see their friends who like the Beatles across different sites. This is very significant, because the data around friends is sparse and scattered around the sites. Previously, Facebook would surface this data in the stream without persisting it. Now, the information about a friend's likes of movies, music, books, recording artists, events, sports teams, etc. will be permanent on Facebook profiles and readily available in context around the Web.

Facebook Open Graph: New API

The new Facebook API is elegant and streamlined. It makes it easy to access user information (with permission of course) such as profile, friends, etc. All of the calls are REST based and return JSON objects. For example, my profile information can be fetched like this: http://graph.facebook.com/alexiskold. The authentication is based on OAuth 2.0 protocol and makes it simple not only to connect, but to also prompt for permissions to access user information.

This new API turns Facebook into a read/write storage of users' tastes. And not just one user - all Facebook users.

Implications for the Users

With this release, Facebook asks users if they are willing to trade off privacy for personalization. To be clear, no personalization is ever possible without users telling a system about their tastes. What Facebook is asking for is necessary in order to then create personalized Web experience. Whether users want this sort of thing is a different question, but assuming that you want to know more about your friends you will.

Friends' interests around entertainment, sports, travel, etc. will be categorized and available. It will be easy to figure out what your friends are into both on Facebook and around the Web. In addition, Facebook is going to be using its own engine to bring you recommendations for related content. This will further accelerate the discovery and cross linking between friends. This will likely further impact the amount of search people do around the Web. As Fred Wilson pointed out - passed links replace search.

Yet, the crux of user implications is neither of the above, but one single issue: privacy. It is unclear at this point that this issue is a concern for actual Facebook users, but it is clear that the tech world is raising its eyebrows: Marshall Kirkpatrick, Dave Winer, Jeff Jarvis and many others expressed their concerns. People are saying that not only will Facebook know too much about us (because Google is already there today), but that it will be able to control too much.

Personally, I am skeptical that the average Facebook user is going to care all that much. People are notoriously naive about being watched on the Web, and this is likely to be no exception. More likely than not, Facebook users will enjoy the personalization aspects of the new platform and won't think much about it - until Facebook starts openly targeting them.

This was not part of f8 of course, but Facebook is likely to use the information for targeting. After all, advertising is a major part of its monetization already, so why wouldn't it make it even better? If this targeting is too spot on, lots of users will probably get annoyed. Facebook is likely to soothe them via Facebook credits and heavy discounts, negotiated because of their massive volume.

How exactly users react remains to be seen, but they will probably like the new Facebook more because of increased relevancy and interaction with friends around the Web.


Implications for Publishers

On the surface, this Facebook offering is a no-brainer for publishers. Who does not want more social activity on their site? However, in reality this is far from a slam dunk. To understand why, consider two types of sites: sites that are either social networks or have social networking integrated, and the sites that have their own commenting and ratings systems. In the first camp you will find Last.fm, Flixster, Goodreads, etc. None of these sites were a launch partner, understandably so. Social connections around music, movies and books are their bread and butter as are the ratings, reviews and recommendations. If they switch to Facebook for all of this, what do they have left?

So any site that already has social networking built in has to decide to abandon that before jumping into the Facebook Open Graph. The even worse problem is the ownership of ratings and comments. Are publishers really ready to give that up? Nobody seriously thinks that users are going to be rating through Facebook and then through the site again. So how is this going to work? It is unclear at this point, but it's likely publishers will ask for ways to replicate or export comments and likes that users sent to Facebook via their site. Perhaps an open API that allows publishers to manipulate the data is the answer, but it is easy to see how some publishers would be very concerned.


However, if you run a website like eCommerce or a blog or a service like Pandora that currently does not have a lot of social built-in, this offering is a no-brainer as it will instantly start recycling your pages through the massive Facebook power of passed links.

Implications for Competitors

This is an aggressive and brilliant move by Facebook - and Twitter, Google, Yahoo, MySpace, AOL, eBay, Amazon and others, except for Microsoft, should be really worried. It appears that Microsoft is content with just partnering with Facebook, perhaps rightly so. Possibly a Bing deal is in the works, which would make a lot of sense.

For all other players on the Web, the worry is that Facebook is trying to close the loop in exclusively owning user eyeballs. Apparently Facebook is not content with just connecting people; it wants to connect people and things. And not only that, it wants to do it around the Web. And not just any people - friends. You don't need to look too closely to see that Facebook is creating a feedback loop, which includes it, users and the rest of the Web and excludes its competitors.

There are several things that other big players might try to do, the worst of which is to try to mimic Facebook. The "me too" that we've seen way too many times recently has not worked, and will not work now. The second best choice is to try to block it. As strange as it sounds it might just work. Between publisher and user issues there are a lot of concerns, and a carefully orchestrated and coordinated campaign may seriously hurt this initiative. Remember, Beacon was brought down fairly quickly by a combination of user backlash and derogatory press.

The third option - to embrace and extend this platform, to innovate on top of it - is likely to be the best move. Innovation has always trumped stagnation on the Web. The problem is that it might not be that easy to embrace this initiative. After all, it does not look like Facebook asked everyone to gather around the table and cooperate on this. It might not be open to cooperation, but if it is then this is the way forward.

Technically speaking, what Facebook has done is elegant and correct. From markup, to plugins, to API, all of it is modern and awesome. The missing bit is that Facebook appears to be the only repository of data in this equation - and that makes the whole offering seriously closed. Publishers and users don't have a choice as to where to store the data. It is going to Facebook and Facebook alone. Perhaps there is a way to rework the system in a way that fixes that. We will look forward to seeing how this unfolds.

Implications for Facebook

Clearly this announcement is yet another turning point for Facebook. Before the conference Facebook was the biggest social network on the planet. If its vision actually happens, Facebook will be the biggest network of people and things on the planet - or to put it differently, it will be the taste graph of the planet.

Obviously there is a different technology that Facebook will need to be building. It already perfected the social networking part, but semantic analysis, recommendation systems, vertical categories like movies and books, as well as having completely open read/write storage of tastes is completely new to the team. The biggest challenge that Facebook will face is to inject, re-deliver and most importantly make use of the data that is flowing into it.

Facebook will be doing some serious number crunching and UI revamps to prepare for this next phase of its life. But perhaps the biggest experiment and test will be delivering relevancy. Google succeeded with this in search; Facebook will now have the challenge to bring relevancy to the recommendations and taste-based advertising arena.


Implications For the Semantic Web

One of the most exciting parts of the Facebook announcement to me personally is the possible breakthrough in semanticizing the Web. We've written previously about the Semantic Web here, and it has been a personal passion of mine. What Facebook has done has a chance to make vast parts of the consumer Web including movies, books, music, events, sports, and news semantically tagged. Publishers and websites finally have a strong incentive to mark things up and get return traffic from Facebook.


The actual protocol that Facebook suggested is very simple. To describe the object on the page, the site owner needs to specify the title, type of the object, image, url and the name of the site using simple meta tags. The format is extensible and additional tags can be added. For example, for a book a site can add an isbn number. This format leaves room for ambiguity. The goal of classic semantic markups traditionally has been to refer to entities precisely; for example adding the director to a movie, or a year to remakes. The Facebook protocol does not seem to have this.
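An added example, not from the original article or from Facebook: a small Python parser that pulls the meta tags described above out of untrusted HTML, reports which of the five listed properties are missing, and rejects non-HTTP(S) values in the URL fields before a consumer would render them in a link preview. The `og:` property names come from the Open Graph protocol; the sample pages, the `og:isbn` extension name and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The five properties the article lists: title, type, image, url, site name.
REQUIRED = ("og:title", "og:type", "og:image", "og:url", "og:site_name")
URL_PROPS = ("og:image", "og:url")


class _MetaCollector(HTMLParser):
    """Collects <meta property="og:..." content="..."> pairs."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.props = {}

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        a = dict(attrs)
        name = (a.get("property") or "").strip().lower()
        content = a.get("content")
        if name.startswith("og:") and content is not None:
            # First occurrence wins, so a later duplicate tag cannot
            # silently override what was already read.
            self.props.setdefault(name, content.strip())


def parse_open_graph(html):
    """Return a dict of og:* properties found in the page."""
    collector = _MetaCollector()
    collector.feed(html)
    collector.close()
    return collector.props


def audit_open_graph(html):
    """Return (props, problems) for a page supplied by a third party."""
    props = parse_open_graph(html)
    problems = [f"missing {n}" for n in REQUIRED if not props.get(n)]
    for name in URL_PROPS:
        value = props.get(name)
        if not value:
            continue
        parts = urlsplit(value)
        # Only absolute http(s) URLs are safe to turn into links or images.
        if parts.scheme not in ("http", "https") or not parts.netloc:
            problems.append(f"unsafe URL in {name}")
    return props, sorted(problems)


# Constructed sample: a book page with one extension property (assumed name).
GOOD_PAGE = """<html><head>
<meta property="og:title" content="An Example Book"/>
<meta property="og:type" content="book"/>
<meta property="og:image" content="https://books.example.com/cover.png"/>
<meta property="og:url" content="https://books.example.com/item/1"/>
<meta property="og:site_name" content="Example Books"/>
<meta property="og:isbn" content="0000000000"/>
</head><body></body></html>"""

# Constructed sample: no site name, a script-scheme URL, a duplicate title.
BAD_PAGE = """<html><head>
<meta property="og:title" content="First Title">
<meta property="og:title" content="Second Title">
<meta property="og:type" content="movie">
<meta property="og:image" content="https://films.example.com/poster.png">
<meta property="og:url" content="javascript:void(0)">
</head></html>"""

if __name__ == "__main__":
    for page in (GOOD_PAGE, BAD_PAGE):
        print(audit_open_graph(page))
```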

There were lots of previous efforts to markup the Web. To name a few, RDF, microformats, Google Rich Snippets, Yahoo's Search Monkey (based on RDF and microformats), and lastly, abmeta, which was developed by me with help from Peter Mika at Yahoo. Of all these formats, Facebook's is most similar to abmeta because the markup is placed into meta tags, and is simple and human readable. This simplicity is the key to broad adoption.


So all around, this is a great chance for the Semantic Web to finally hit consumer verticals and become real.

Implications for Developers

Every new rich platform that has been rolled out in the past couple of years presented a big opportunity for developers and this one will be no exception. While we do not know exactly what sort of applications will be built on top of the new Facebook, we know that they will be very powerful. This platform has the potential to give rise to a new kind of personalization and attention economy that people have been talking about for years. It has, of course, a chance to majorly backfire, but I am optimistic.

This will be a gold rush for applications that is likely to last for at least a year, like the last one did. It's too early to tell whether this will be a platform that survives and does not hurt its participants. However, it is very likely that the best applications built on this platform will be owned by Facebook. Still, there is a huge new opportunity here for developers and the sky is the limit.

Checkmate?

Facebook made a major chess move. It might have checkmated its competitors, or perhaps it might have to lose another piece like it lost Beacon. Whichever is the case, right now there are deep implications for Facebook and its competitors, publishers, users and the Web at large. What Facebook has announced cannot be ignored and can not be undone. Everyone needs to figure out the next steps and understand what to do.

Time will tell where we land, but my gut is that positive things will come out of this. If nothing else, let's give Facebook credit for innovation and re-imagining the Web.



[link to original | source: ReadWriteWeb | published: 1 day ago | shared via feedly]