No ads? Contribute with BitCoins: 16hQid2ddoCwHDWN9NdSnARAfdXc2Shnoa
Mar 252018
 

It seems likely that the company Cambridge Analytica paid Facebook for access to data and using it’s access, downloaded as much data as possible for nefarious purposes. Nobody should be that surprised at this.

Facebook does not host an enormously expensive social network just because it is fun; it does it to make money. It probably does this primarily through advertising, but selling access to social network data is always going to take place.

And from time to time, scandals when companies like Cambridge Analytica are going to take place. At which point Facebook will protest saying that it didn’t realise that the associated firm was doing such naughty things. And once the story drops out of the news, Facebook will carry on leaking data.

As the saying goes: “If you are not paying for it, you are the product.”

In the end, the only solution to something like this, is to produce some kind of peer-to-peer application that is as easy to use as Facebook, uses strong end-to-end encryption, and keeps our data private to those people and groups we choose to share it with.

The Hole

Jan 112016
 

Watching the 32c3 conference videos for free (which is relevant), and coming across the inevitable “the Internet is dead”, “corporations have bored the spirit of the Internet to death”, etc. It’s a pretty common meme amongst those who somehow believe that the Internet used to be free.

The Internet was never free, but it did have the appearance of being free.

Of course we have become used to paying for access to the Internet, but that monthly payment to the ISP doesn’t pay for the Internet as a whole. As an example none of the money you pay your ISP reaches me to help me pay for the server this web page is on. Supposedly I can ‘monetise’ your visits by publishing adverts on my web site; in practice it doesn’t. At least not for low traffic sites.

And things like Facebook or Twitter do cost lots of money to run; enough that many of the large successful companies took a long time before they became profitable.

Of course I’ve been concentrating on the monetary meaning of “free” but this applies to a certain extent to the other meaning of free – you can’t post content to Facebook that they don’t agree with (although in practice very little is censored with the main victim being pictures of breastfeeding). A company like Facebook is in this game to make money and whilst they are not going to censor your content for no reason, neither are they going to fight too hard for your free speech.

In the end you can only exercise your freedom of speech on your own servers. But with the exception of a few weirdos like me, most of us are not keen on running servers.

All normal people want to do is run an application that lets them “do stuff” and the conventional way to implement an Internet application is for an application running on the person’s desktop to speak across the Internet to a server – for example the web works this way. The big problem with such an approach particularly when something like Facebook becomes almost ubiquitous is that you are giving a large central organisation a lot of data about yourself.

Of course everyone who is not up to anything nefarious is not bothered by that, right? Well perhaps, but there are other aspects of sending all your data to a company who desperately needs to monetise your data and your eyeballs. Such as targeted advertising. And worse.

The conventional way. There are of course what could be called unconventional applications that communicate across the Internet without a centralised server managing it all. These are commonly called “peer-to-peer” (or P2P) applications and are commonly used to share files; very commonly files that the copyright owner would rather not be shared (films, applications, music, etc.). So P2P has a bit of a rogue reputation.

But it is merely a means for communicating and does not dictate what is communicated. There is nothing to stop someone from implementing a P2P-based application that communicates “posts” that are the equivalent of Facebook posts. Such an application :-

  1. Would continue to use the web browser as a display engine.
  2. Run as a separate “service” on the desktop to send and receive P2P posts in the background; displaying relevant ones on request.
  3. Automatically encrypt all postings so that they can only be decrypted by the relevant audience. Keep the automatic encryption hidden to avoid scaring those who just can’t be bothered with all that.

Of course as I am not going to be writing this (I simply don’t have the time), I have no right to say how it should be written! But writing such an application would be very beneficial if we could persuade people to use it rather than the monolith that is Facebook. Unlike some people, I don’t believe that Facebook is intentionally evil, but because of the centralisation of social networking in the hands of Facebook, it has the potential to be evil.

Those who want the Internet to be free (as in freedom) need to put their money where their mouth is and write the code.

Rusty_Padlock

 

 

Nov 172011
 

I have an Android phone that automatically uploads photos to Google; you have an iPhone that automatically uploads photos to Apple’s iCloud service. We both want to send photos to a Facebook gallery for some friends.

To solve this problem, we either have to copy photos manually from Google to Facebook, or make use of some special application to do the work for us. But isn’t this the wrong solution to the problem ?

If the different propriety clouds used an open standard for uploading photos, it would be possible to automatically upload to Google from an iPhone, upload to Apple’s iCloud from an Android phone, or … to some new competitor. Or even for those of us who prefer to do our own thing, to our own servers.

As someone who mixes and matches things, I have “islands of data” in different clouds – some photos are uploaded to Facebook (when I can be bothered), some are in Googleland, and some (the ones I regard as the better ones) are uploaded to my own server. And that is just photos; there are also contacts, notes, documents, drawings, etc. None of this can be easily moved from one island to another – sure I could move it manually, but why would I want to do that ? Computers after all are supposed to be good at automation.

This is all down to the convenience of the cloud providers of course – Google makes it easy to use their services and hard to use others because it’s in their interests to do so, Apple is similarly inclined to keep your imprisoned in their “perfumed prison”. And so on.

But it’s all our data and they should make it easy to move our data around. This not only would be useful for us, but less obviously would actually benefit the cloud providers. After all if I find it tricky moving from one online photo gallery “cloud” to another, I’m less inclined to do so.

Making it easier to move cloud data from one provider to another not only means it is easier for a customer to “escape” one proprietary cloud, but it is also easier for a customer of another cloud to move in. And it would not necessarily be that difficult to do – just produce a standardised API that works across multiple different cloud providers, and let the application developers loose.

To a certain extent this is possible right now – for example, Facebook has an API and Twitter has an API and it is possible to produce code to send status updates to both places. But the equivalent to update a Google Plus status does not seem to be available, and combining status updates in one tool just isn’t there as yet – I have a simple script which sits on top of two other tools (and very nicely pops up a window, a text input box, or takes the status on the command line). But with a standardised API, the code would be much easier to write.

 

Jul 142010
 

So the UK and Northumbria in particular has recently gone through one of the largest manhunts in recent times whilst Raoul Moat went on the run after trying to kill three people. And succeeded in killing one – the current boyfriend of his ex-girlfriend – for some reason the media believe if that you have once made a mistake and had a relationship with a nutter, it is a permanent relationship that you can’t escape from.

For seven days we were all glued to a greater or lesser extent to our TV screens whilst the police combined the wilds of Northumbria whilst he was in hiding, but eventually caught up with him and after a multiple hour stand off, he finally shot himself.

Of course as soon as it was all over, people were talking about the police hunt for him and criticising how it was done; in particular the mysterious use of two mysterious tasers that were not of a type approved for use by the UK police. Such things are inevitable.

It was also inevitable that some silly people on Facebook would start a group in support of him. And of course the Tories in government after they heard about it, started frothing at the mouth and demanding that the group be removed from Facebook because of “anti-police statements”.

There are two obvious conclusions to draw from this reaction to the Facebook group supporting Moat :-

  1. Tories have little respect for free speech if it is something they do not agree with – such as criticisms of the police – and the acid test of respect for free speech is whether you support it even when it is being used to say things you do not agree with.
  2. Tories need to get a life and stop overreacting to what is a handful of silly people on Facebook. A group with 30,000 supporters ? That’s such an insignificant number that it really isn’t worth getting worried about even if you find their sentiments offensive.

If you look at the Facebook group and the comments it very quickly becomes plain that the majority of supporters are ill-educated idiots who have significant problems with grammar, spelling, and a grasp of the known facts.

Mar 062010
 

I have just seen a news item on TV about what the pundits think the effect of social media (Twitter, Facebook and the like) will have on the upcoming UK election. The general consensus was that it probably will not make much difference, and I’m not going to disagree.

What was amusing though was that they seemed to have concentrated in what the politicians might say in their tweets or on their Facebook pages – missing the point of social networking entirely. Most of us do not pay much attention to what politicians say online on various social media sites; we stick to what our usual contacts say. It is what they say that may influence how we vote in elections.

Of course just like “water cooler debates”, it will not have a great influence over how we vote – it is just one more piece of information.

Nov 232007
 

Today the UK’s Information Commissioner announced that today’s young (and in some cases not so young!) are putting their future careers at risk with some of their ‘riskier’ posts on social networking sites such as Facebook. In addition they pointed out that they were risking identity theft by putting so much personal information online.

It is worth mentioning that information can live online for a very long time … forever if the people behind Archive.Org have their way. This is not necessarily a bad thing although it can come as a nasty shock to realise just how shallow one was as a youth!

But do employers really care what people put on their Facebook profiles ? Well I dare say some do, but they probably should not. I’ve had more than my fair share of ‘youthful excesses’ in the distant past, but I’ve been a reasonably productive employee for all of that time. Now some more conservative companies may be worried about people making an association between their Facebook profile and the company they work for … fair enough. It seems perfectly reasonable to have a policy to say that one’s Facebook profile should not be linked to one’s place of work.

But not to employ someone because their Facebook profile looks a little wild ? That probably counts as cutting off one’s nose to spite your face! And quite possibly may count as age discrimination!

Now I come to identity theft. It is true that having too many personal details online may well make you more subject to identity theft which is a serious problem (although not a new one!). But is eliminating personal details online the right way of tackling the problem ? We have also seen this week that people can be subjected to the risk of identity theft through no fault of their own. Those who do not follow computer security news closely, may not realise that this is a story that is regularly repeated although not usually on such a scale.

Whilst being careful about putting personal details online is undoubtedly good practice (because no other solution is going to arrive quickly) we need to think about better ways of defending against identity theft other than hiding personal details. I have no ideal how this might be done in detail, although one obvious thing occurs … to have multiple ‘keys’ which serve different purposes … perhaps a government ‘key’, a financial ‘key’, a ‘social networking key’ (for things like Facebook and online forums), and a ‘key’ to be used for employer identity purposes. Seperating these ‘keys’ would limit the damage if a leak did occur … essentially you would need to steal multiple ‘keys’ to steal someone’s identity.

The problem of identity theft is only going to get worse unless we do something better in the future. Basing one’s identity on things like address, birth date, etc. is not going to be anywhere near like secure enough. It has always been possible to steal someone’s identity if you have these details, but the pervasiveness of IT systems makes it easier.

In the computer security world there is a truism that ‘security through obscurity is no security at all’, and what we are currently doing to protect our identity is attempting to practice security through obscurity.

WP Facebook Auto Publish Powered By : XYZScripts.com

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close