Big data, big problems? Here’s one possible solution

big-data-parts-640By now it’s kind of a truism that Big Data is going to be Big Business.

Marketing companies want to comb big data sets to determine what you’re likely to buy, so they can show you the right offers at the right time. Health care providers want to analyze big data so they can determine when and where outbreaks might happen and stop them before they become virulent. Various three-letter agencies based in DC want to mine that data so they can determine who the bad guys are before somebody decides to blow something up. The list is almost endless.

The problem with Big Data is, well, it’s big. It’s everywhere. It’s in multiple locations and incompatible file formats, with the same information duplicated in hundreds of different ways. Making sense of it can be a nightmare from which many organizations may never awake. But it doesn’t necessarily have to be that way.

I just had a fascinating discussion with a company called Chiliad (pronounced Kiliad, from the Greek word for a “group of one thousand”). Chiliad’s Discovery/Alert 7.0 software allows organizations with massive amounts of data spread across multiple locations to pretend that it’s all in the same place and in the same format, making it easier to search.

Without getting too heavily into the nitty gritty, Chiliad works by installing a small appliance bit of code on every network where the data resides. Each appliance The code indexes all the data that’s available from each source, and communicates with the other appliances on the other networks. Chiliad’s software lets you use English language queries to get at this data and refine your searches. It then flags correlations between different bits of data and brings the relevant connections to the surface – leaving the data exactly where it is, without changing, converting, or even cleaning it.

So, let’s say you’re searching a medical database to find out if Vitamin D is helpful in treating metabolic syndrome. (Something I do at least once a week–not.) Chiliad’s results may tell you that it is, but they can also point out that Vitamin D is helpful in combatting diabetes and high blood pressure as well – something that may not have been otherwise obvious. And the software can do it virtually instantaneously (at least it did in the demo, from which this screen shot derives).

If broadly deployed, tools like Chiliad’s could make this kind of data correlation as easy as using Google. In fact, if there were a consumer version of Discovery/Alert – or I had a few hundred thousand dollars to spare – I would want to use it on top of Google, so I could sort results to get the most up-to-date information on a topic (something Google is particularly bad at). I’d buy that in a heartbeat.

What’s interesting from a privacy perspective are Chiliad’s clients. For the past decade Chiliad has worked with the Department of Homeland Security and the FBI, helping the spooks sort through 15 billion records from more than 100 sources. The Feds use Chiliad to monitor all flights, trucks, cars, ships, and passengers entering this country. If you’ve ever passed through US Customs, your data has flowed through Chiliad’s software.

Beyond that, though, Chiliad couldn’t tell me what kinds of data the DHS is interested in. Even they don’t know all of the data sources the DHS combs through each day, and if they did, well… you know the rest of that joke.

Now Chiliad is moving into medical records, another area where the data is jumbled, massive, and highly sensitive, with lots of privacy landmines. The idea is that by allowing hospitals and pharmaceutical companies to search across patient records and research data from multiple sources, doctors may be able to pick out patterns that may not have been visible when looking at smaller data sets – like, say, seeing that a particular treatment is vastly more effective for a certain malady. And Chiliad’s auditing capabilities will allow admins to know exactly who saw what data and when they saw it, keeping it in compliance with regulations like HIPAA.

Chiliad marketing veep Ken Rosen says Chiliad’s experience working with the DHS makes it uniquely qualified to handle highly regulated personal data such as medical records.

The other problem with Big Data is that, if it’s misinterpreted, the results could be disastrous. Let’s say the DHS has analyzed a few petabytes of consumer purchase data and determined that terrorists like to order takeout pizza, pay cash for their groceries, take lots cross Atlantic flights, and visit Jihadist Web sites. If you happen to do all of these things – and you’re not a terrorist — it’s conceivable you could be mistaken for one, based entirely on what the data seems to be saying about you.

Obviously, the NSA is not going to release the algorithm it uses to determine whether suspect A is a potential terrorist while suspect B is not. On the other hand, Rosen says the Feds take individual privacy quite seriously.

“I’m not pretending to be naïve and say that every person in government takes it just as seriously,” he says, “but one of the hottest issues among our government customers is the need to guarantee that information on individual US citizens does not fall into the wrong hands. There’s rigorous scrutiny to ensure that information isn’t analyzed inappropriately.”

And, he adds, the Feds aren’t generally interested in individuals so much as the connections between networks of people. “They need to understand the entire conspiracy, the complete story,” he says.

So if the spooks do mistake you for a wanted terrorist and toss you into Gitmo, at least you might end up there with people you know. Hopefully, though, better, smarter search tools for manipulating Big Data will make this outcome less likely, not more.

This piece originally appeared on ITworld’s TY4NS blog.

Disembodied head of Data (Brent Spiner) courtesy of FastCompany.

Dear Klout: Close, but no cigars

klout-scoreYou may not know this but I am a freakin’ expert on cigars. If it’s rolled up in dried tobacco leaves and smuggled in from Cuba in diplomatic pouches, I am your guy.

This must be true, because I read it on my Klout profile.

The world has gone a little Klout crazy, lately. There have been several stories lately about how Klout scores are now one of the things employers look at before hiring someone, especially for positions in sales and marketing. Want a job at Salesforce.com? You’ll need a score north of 35.

You can use a high Klout score to get discounts on concert tickets, access to VIP lounges at airports, or a nicer room at the Palms Casino Resort in Las Vegas.

Klout scores are a gumbo made mainly from how many friends/followers you have on the major social networks (though it seems to lean hardest on Twitter), how often you tweet or update your status, and how frequently other people repeat what you say. It’s an algorithm, but I can’t imagine it’s a very sophisticated algorithm.

Wanna know what else Klout scores are? Total b***s**t.

For the record, my Klout score is now 63. I’m told that’s a respectable score, but it’s as meaningless a number as I can think of. It was only 49 last April when I wrote this post about Klouchebags. The reason it climbed is most likely because I’ve started using Twitter a lot more over the past couple of months. Gee, I feel so much more influential now.

So I don’t really pay much attention to Klout. But today I received a tweet from someone I know only via Twitter. She wrote:

I noticed that U R knowledgable in cigars over at Klout, so I 1 upped U ;)

Cigars? Me? Really? But sure enough, Klout seems to consider me a highly regarded expert on Robusto Cubanos.

Also for the record, the last time I attempted to smoke a cigar was during the first Reagan administration. I still remember it, not at all fondly.

So maybe I write about cigars? Not really. Using the magic of Google, I searched for all the influential cigar statements I have allegedly made.

On July 5, 2011, I posted the following tweet:

The answer: Theoretically, yes. But I’ve never seen it.

I also made references to cigars in three pieces I’ve written over the past three years – one was a joke about Rush Limbaugh lighting his cigars with welfare checks, another was something about Michael Arrington. I’m pretty sure there were may have been a few Bill Clinton/Monica Lewinsky jokes in there somewhere, but Google couldn’t find them.

Dear Klout: Not close, and no cigars.

Other topics Klout says I’m influential about include Technology, Social Media, and Blogging (probably true); Forbes (probably not true); Peanut Butter (love the stuff, rarely write about it); Addiction (nice!); Pinterest (ick); and a bunch of generic categories like Branding, Employment, Job Search, and Money.

These latter categories aren’t so much topics I’m influential about as much as topics Klout desperately wants its users to be influential about so it can monetize its services.

Here’s what I think. I think Klout is making this stuff up as it goes along, and companies that are sucked into this are just that – suckers.

Yes there are people out there who have more influence and reach than others, often for reasons that elude all logical understanding. (Robert Scoble, I’m talking to you.) It used to be just people in certain high-profile positions in the media, and now it might be the Joe or Jane down the street.

But having a zillion Twitter followers and churning out dozens of tweets every day doesn’t make you influential, it makes you annoying. When people retweet or repeat what you say, it’s most likely because they already agree with whatever you just said. That’s not influence, that’s an echo chamber.

I think the whole Klout score mystique is a brilliant scam that’s going to melt down like a beach house built out of butter. In less than two years I predict Klout will be bought by somebody like AOL or Yahoo and allowed to quietly die in its sleep.

Trust me. When it comes to houses made from dairy products, I’m extremely influential.

This post originally appeared on ITworld

Wonka meme pic courtesy of NonesNotes.

Passwords suck. Here’s what you can (and can’t) do about it

LinkedIn-Password-Hack-600x380

Last June, 6.5 million Linked-In passwords were stolen by hackers and posted online. eHarmony lost 1.5 million passwords; Yahoo Voice another 450,000. Among the most common passwords used: 123456, welcome, and the ever popular “password.”

The problem isn’t that these sites should have done a better job protecting user data (though they should have). It’s not that their users chose passwords that were too easy to crack and then recycled the same ones for every site (though they did).

The problem is that passwords suck.

“To use the Net these days you have to have dozens of passwords and logins,” notes Terry Hartmann, vice president of global security solutions for Unisys. “Every time you go back to a site it feels like they’ve introduced new rules to make passwords more complex. Eventually, users revert to using one password for everything.”

In short: The password system is broken, and cyber criminals are taking full advantage.

Of course, all is not lost. There are things you can do, like use software to store and manage your passwords. There are things that sites can do, like requiring multi-factor authentication or biometrics to identify users. Even the Federal government is trying to do something about it. But the password problem isn’t going away any time soon.

Password Vaults

Password management programs are like spam filters — boring but essential tools for managing your digital life. A good password manager not only remembers all your logins, it can replace the simple passwords you’ve chosen with complex ones and let you quickly change them if a site’s been hacked.

The best part: Instead of having to remember dozens of unique passwords, you have to remember just one – the master password for your vault. And unless you always log on from the same machine and same browser (in which case you probably are reading this on an AOL dialup connection), you’ll want a cloud-based program like LastPass, 1Password, or Roboform that can apply your logins to any PC, phone, or tablet you use.

The downside: You still have that one password to remember. If an attacker has managed to plant a keylogger onto your system, he or she also has that password, notes Robert Siciliano, an online security expert for McAfee who uses a password vault to store more than 700 logins.

And if a cloud-based password vault is hacked – as LastPass was in May 2011 — it could be game over. Fortunately for LastPass customers, no sensitive information was breached. The next time, though, users might not be so lucky.

Multi-Factor Authentication

So even complex passwords stored in an encrypted vault still aren’t enough. For added security some sites rely on additional factors to identify users, typically something users have in their possession. Even if attackers have your password, they’d still need the other factors to access your stuff.

Financial institutions are required by law to use multiple factors when handling online transactions, but they may do it in the background by authenticating your machine or its location, says Siciliano. If you live in San Francisco and someone in Shanghai is attempting to access your account, for example, that transaction may be blocked, or that person may be required to provide an additional factor by answering a security question, identifying an image, or entering a number sent to a device provided by the bank.

Google and Facebook now offer two-factor authentication as an option; you can have them send a temporary PIN to your cell phone whenever you log in from an unfamiliar machine, which you must provide along with your password when you log on.

But aside from banks and a handful of big sites, multifactor authentication is still not widely used, in part because it’s less convenient. And, of course, it still typically employs a password (which sucks).

“Two-factor authentication doesn’t always pass the grandma test,” says Siciliano. “That means more support calls, more password resets, and higher costs. That’s why it’s typically only used by companies with a lot to lose.”

Biometrics

The beauty of biometrics is there’s nothing to remember. Fingerprints, voice and facial recognition, iris scans – there are dozens of physical characteristics unique to your body that can be used to identify you. Unisys’s Hartmann says major banks are piloting biometric identification systems now, and expects them to begin rolling out next year. Apple’s recent $360 million acquisition of AuthenTec, maker of fingerprint scanning technology, suggests that some form of biometric identification may be built into future Apple products.

But biometrics has its own problems. Fingerprint scanners have been gamed by gummy bears; facial recognition systems have been fooled by photographs. At last July’s BlackHat conference, security researchers demonstrated a way to trick iris scanners by reverse engineering the image data.

Biometrics stored in a central database can become the target of hackers, who could steal identities by substituting their own biometric data in place of their victims. As with passwords and other personally identifiable information, biometric security would depend entirely on whoever is storing the data (we all know how well that worked at LinkedIn).

Requiring biometrics at login could make anonymity difficult if not impossible for political dissidents, whistleblowers, or people who inhabit multiple identities for personal or professional reasons. Fears over Minority Report-style government surveillance also give many consumers pause.

Despite all that, Joseph Pritikin, director of product marketing at AOptix Technologies, a maker of iris scanners deployed at airports and border crossings, predicts smartphones employing biometrics will be one of the key identification devices of the future, in part because the data can be stored securely on the device itself.

“It will be a combination of something I am and something I have, most likely a smart phone,” he says. “Their hardware-based encryption would be difficult to compromise.”

One ID to rule them all

The ultimate goal is to replace the seemingly infinite number of passwords for a single online identity. Which is why in April 2011 the Obama Administration launched a public-private initiative, the National Strategy for Trusted Identities in Cyberspace, to develop an identity ecosystem that would allow consumers to use any verification system and have it work seamlessly across any site.

Such a system would be able to verify that you’re old enough to buy wine online or that you qualify for a student discount, without necessarily sharing all your personal information with each site, says Jim Fenton, Chief Security Specialist for OneID, an Internet identity management system. And it would allow you to operate pseudonymously, if you chose.

But the wheels of government churn slowly. Last month [August 2012] the NTSIC’s steering committee held its first meeting. Among the issues it will eventually have to tackle are how much information is shared between parties and how much control consumers will have over that information, says Fenton, a member of the steering committee’s privacy group.

In other words, help is on the way, but it won’t get here soon. In the meantime, we’re stuck with passwords. And that sucks.

This article originally appeared in a different form on PCworld.com.

Cool graphic courtesy of GeekBeat.tv.

Is Facebook on its death bed?

fb coffinOk, I admit: The question that serves as the headline for this post seems on the surface a bit absurd, if not downright crazy. Any day now Facebook is likely to announce its 1 billionth member, giving it a population more than three times that of the United States. And it has barely scratched the surface in many developing countries.

According to Internet World Stats, Facebook has less than 200 million members in Asia, about 110 million in South America, and only 40 million in Africa. Plenty of room for growth there. So what’s my problem?

The reason I ask if Facebook is dying is simple: It’s because my kids have pretty much stopped using it. Just the other day my 16 year old son told me he rarely logs in, because he’s tired of other people’s whiny status updates. He’d rather spend his time surfing Reddit or Stumbleupon (when he’s supposed to be doing his homework, naturally). In other words, he’d like to do his own random discovery, rather than rely on his Facebook friends to do it for him.

My 13-year-old daughter, a much more social creature, was all over Facebook for the first two years she was on it. She has at last count at least three accounts, possibly more, which she uses for different purposes – some of them just to play those stupid spammy Facebook games and quizzes.

But lately she has discovered Tumblr, where she can build her own blog and find others that interest her – without getting all this stuff she doesn’t care about pushed at her by her parents, relatives, and assorted friends. (I am already banned from ever commenting on anything she posts; I can lurk, but I’m not allowed to “Like.”)

In other words, the generation that follows Gen Z (for Zuckerberg) has grown disenchanted with the very nature of Facebook. And I gotta say, I’m starting to see their point.

More and more when I am bored and looking for distraction on the Web I go first to Twitter. Last night, for example, I spent a ridiculous amount of time following the #47percent hashtag and all the snark that erupted from Mitt Romney’s “off the cuff, inelegant” comments about the half of America he apparently detests.

I was using my iPad, whose Twitter app is far superior to the Twitter.com experience (and miles ahead of any mobile app Facebook has ever extruded). It let me quickly view links without having to launch my browser or leave the app. So I spent a solid hour skimming through tweets and pulling up articles as they piqued my interest.

twitter ipad app

Contrast that to Facebook, which at the same time fed me a stream of people’s photos of their dogs, gardens, fashion shows, and the like, sprinkled in with occasional political polemics. A search for “47 percent” there pulled up way fewer results and was far less satisfying.

In other words, on Twitter I can find the stuff I’m interested in. On Facebook I can only see the stuff other people are interested in.

From a privacy standpoint, Twitter is much more transparent in how it operates. Anyone can follow you, and if you tweet something in public, anyone can see it. As my tweep @jimfenton points out, “Facebook gives the illusion of privacy but doesn’t deliver it.”

I might also add that Twitter generally fights for the right of its members to stay private, even if it doesn’t always win. I can’t recall a single high profile case where Facebook put itself on the line protecting its members. Am I missing something?

So for me, I’m finding myself spending less and less time on the Big Blue Brother, and more time chilling at 140 characters a clip. My kids are moving on, too. Which makes me wonder: What about you? Has Facebook jumped the proverbial Squalus carcharias for you, too?

This post originally appeared on ITworld.

Facebook coffin photo from Dvorak Uncensored.

Auto Robotica: What will we do when our cars are smarter than we are?

jetsons-car,jpg

Last week I had the pleasure of attending the IFA 2012 consumer electronics show in Berlin as a guest of the IFA organizers. When not drinking Pilsner and eating bratwurst I managed to squeeze in a panel on the future of the car, featuring representatives from Ford, Microsoft, Inrix (the leading provider of aggregated traffic data to onboard GPS systems), and TuneIn Radio, makers of a music app for cars. I also interviewed Pim van der Jagt, a managing director for Ford Europe.

Bottom line? In a few short years our cars will be connected and talking to each other. They will also be able to collect vast amounts of data about who we are, where we go, and what we do. Some of these things will undoubtedly make our vehicles much safer; some may erase what little roadside privacy we have left.

This is more than just Jetsons-like fantasy. Last month the National Highway Traffic Safety Administration (NHTSA) and eight major car manufacturers launched a year-long test of car-to-car communications in Ann Arbor. Some 2800 cars, trucks, and city buses have been equipped with gear that will broadcast their size, speed, and location to each other as they roll down the road, using a special band of WiFi spectrum reserved for vehicle-to-vehicle communications. If another car gets too close or a pedestrian suddenly steps into the intersection, drivers receive an alert and can react accordingly.

Some 70 percent of all accidents can be avoided if cars are networked, says van der Jagt. But that’s really just the beginning. Technology already exists that would allow your car’s computer to take control of the brakes and accelerator to avoid a collision, or to moderate the speed of each car to keep traffic flowing. And while we’re still a long ways away from being able to climb into the backseat and take a nap while our cars drive us to our destination (sorry Google Car fans), systems that can take the wheel during certain situations – like when stuck in bumper-to-bumper traffic — are likely to appear much sooner, says van der Jagt. The only question is whether drivers would be willing to hand the wheel over to their computer.

Because the cars in the Ann Arbor test only need to know the location of other vehicles within 300 meters, there’s no need to connect to the Internet or record your car’s location, says van der Jagt. And since the system doesn’t collect any data from the car’s registration or VIN, there’s no way for Ford or anyone else to know who you are and where you’re going, he adds.

But that’s just one aspect of the connected car. The car of the future will also be personalized. It will be able to tell who just climbed behind the wheel and adjust the seats, mirrors, environmental controls, and radio stations accordingly. Using your smart phone, it will be able to connect to your data in the cloud, download your Outlook calendar, remind you about your next meeting, calculate when you’ll get there, and send an email to other attendees if you’re running late. It will know the music you like to listen to, the routes you like to take each day and how fast you drive to get there. Van der Jagt says Ford is even working on sensors built into the seats that can monitor your heart rate to determine if you’re about to fall asleep at the wheel or just had a heart attack. For those features, the car (and its various mobile service providers) will definitely need to know who you are and where you are.

The question then becomes, what happens to all this data? At this point, Inrix collects all its traffic data anonymously, and Ford and Microsoft’s philosophy is the customer owns the data. But exactly what that means is unclear. Are identity and location data stored, and if so, by whom and for how long? What other entities will have access to this information? Will the cops demand this data in order to nab speeders? And what about companies that want to monetize that data – like an insurance company that offers discounts for good drivers while penalizing those who put the pedal to the metal on a semi-regular basis, as Progressive Insurance already does via its “black box” electronic data recorders? What’s to keep a mobile service provider from selling that data to the highest bidders?

We’ve already seen what happens with cell phone data that’s collected by the wireless companies: Police made more than 1.3 million requests for location data last year alone, roughly two thirds of them in non-emergency situations. It was up to the wireless companies’ attorneys to determine whether those requests would be honored and their customers’ location data shared. Federal courts have recently ruled that sharing such data without a warrant is not a violation of our Fourth Amendment rights against unlawful search and seizure. And while commercial use of location data is still in its infancy, in part because wireless companies fear a privacy backlash, that won’t last forever. That data too could be a target of law enforcement requests.

If the tests in Ann Arbor prove successful, car-to-car networking is likely to be mandated by NHTSA – and may appear in cars as early as 2018. The notion of cloud-connected cars is less certain, but also seems inevitable. The question will be whether we will gain the legal right to control how our car data is used, or if the mobile service companies will be the ones with their hands firmly on the wheel.

This post originally appeared on ITworld.

Tangled Up in Google+ Blues

bob dylan google plusI first noticed the problems about a month ago. I tried to promote a TY4NS blog post on Google Plus but nothing happened when I clicked the G+1 button. I figured it was probably a glitch in the plug-in code. I have an attention span of about 4.2 seconds for this sort of thing, so I just moved on.

A few days later I got an Gmail message and decided to add the sender to one of my G+ circles. But Google wouldn’t let me. Another glitch, I figured.

But when these things kept happening to me, I overcame my ADD, bypassed the icons and went directly to my account page. Three days ago I discovered the ugly truth. Google+ had suspended my account.

I felt bereft, lost in the wilderness, a creature void of form. I was burned out from exhaustion, buried in the hail, poisoned in the bushes and blown out on the trail. (Sorry, when I get anxious I start channeling Bob Dylan lyrics. It’s a musical form of Tourettes.)

What exactly had I done to deserve this? That notice wasn’t much help. Either I had somehow violated G+’s Names Policy, which requires I used my “common name,” or I had broken one of the rules in the G+ terms of service.

The Names thing was a nonstarter. My G+ name is my name – Dan Tynan. Had I used Dan T., or Danny Boy, or the Tynan the Terrible as my account name, I could understand why they pulled it. But I didn’t. (Ironically, among all the social media sites I frequent, my G+ profile is the most complete and accurate.)

So was it something I said? Google’s User Content and Conduct Policy forbids a wide number of possible offenses: promoting dangerous acts, transmitting malware, engaging in hate speech, revealing confidential information (a la Guy Adams and Twitter), hijacking accounts, exploiting children, spamming, dirty SEO tricks, impersonating other users, promoting drugs or guns, and bullying.

I scored a big fat goose egg on all of those. The only thing left that could possibly have triggered it: I had G+1’d a couple of stories from my NSFW sarcasm site, along with something with a naughty word in it from The Oatmeal. That could conceivably fall under the rule prohibiting “mature or offensive content.”

My sarcasm site had already been booted out of the Google Adsense program because we had the temerity to post R-rated photos of scantily clad lasses, though not unlike anything you’d find in Maxim or Sports Illustrated’s swimsuit issue. And we were occasional potty mouths (though we’re punters compared to what mainstream pubs like Wired have done with the F word).

The problem with that theory: My partner in snark, JR Raphael, has posted many stories from eSarcasm without penalty. Even more: He was for a time one of G+’s recommended users, most likely because of his Android Power blog for Computerworld; he currently has something like 900 gazillion followers. And Matt Inman, creator of The Oatmeal, has his own extremely popular G+ profile, so that couldn’t be it.

My third theory: Google bots have gone rogue. I think the software G+ uses to spot offending accounts is turning up a lot of false positives, resulting in people getting accounts suspended for no reason whatsoever.

A search for ‘Google account suspended’ turns up hundreds of examples much like mine. This happened a year or so ago, too, but back then it was linked to a purge of people using pseudonyms. These ousters seem to be completely random.

Like this one:

I have an account suspension although my name matches my payment information registered with Wallet and other products. Seems that the left hand doesn’t know what the right is doing. Should be very easy to verify one’s LEGAL NAME when you have their credit card information on file with your company already.

Despite the fact that I finally broke down and submitted a copy of my driver’s licence, I am STILL SUSPENDED and three appeals denied. At this point I feel like it is discrimination against those with unique names (thanks once again mom).

Or this one:

My personal Google+ account is suspended that I have spent a year networking on with past clients, friends and colleagues all over the United States with mutual interests.  Why?  What kind of dictatorship is this without fair warning as to the suspension ?  Am I a freakin’ mindreader?  I was an early adopter of Google+ and all my sharing with friends and family are part of it.

Or this one:

My Google+ account has been suspended for weeks!  Picasa is the slideshow on my website & potential clients can not see my photos – this is having a negative effect on my business! I have gone in & removed all my posts, information, photos & changed the name on my profile. I am at a loss.

The good news is that I asked G+ to review my suspension, and a couple of days later my account got reinstated. But I’m one of the lucky ones. Some people on Google’s Product Forums say they’ve been waiting months for reinstatement.

Quite innocently, I asked Google’s PR team if they could come up with an explanation as to why this was happening. They said they could not answer questions about individual accounts (though I asked a broader question than that), and sent to me to an amazingly unhelpful page with even less information than what’s on that notice above.

What can I say? I offered up my innocence and got repaid with scorn.

Here’s the important part: I was locked out of Google+ for a month, and I didn’t really miss it. Had I been locked out of Twitter, or Facebook, or even Quora, for godsakes, I would have. That bodes really badly for Google’s hopes and dreams for G+, I think.

If you’ve got a marginal social media service and you’re trying to compete against the big guys, the last thing you want to do is alienate your core users by arbitrarily booting them and then ignoring their pleas for help. Yet that’s exactly what Google seems to be doing.

No shelter for G+ users here, and no salvation either. Just a lethal dose.

This post originally appeared on ITworld.

Once something sticks to the Web, how do you get it unstuck?

web-stuckA few months ago I got an email from a woman about a story I’d written nearly three years ago. To protect her privacy I’ll call her Samantha Sugarlips.

In that story, which I’d written for my somewhat more sarcastic blog, I mocked this woman for posting photos and other personal information to Facebook, then turning around and suing the social network for allowing other people to view them. At the time it seemed like nothing more than a desperate attempt to generate publicity for Samantha, an aspiring actress, especially given the fact that she had posted similar photos to her own Web site as well as to MySpace. (As it turns out, the real story is quite different — but that’s a topic for another time.)

My blog post was hardly the only one to talk about the suit, but I had a bit of fun at her expense and included some of the photos available on her other pages. Those photos, with links to my story, kept showing up in Google Images whenever anyone searched on her real name. Now Samantha was writing to me to ask if I would please remove that post, as she was embarking on a new career and my story could prove embarrassing if not outright damaging to her reputation.

I thought about this for a bit before agreeing. If I had written a straight news story, and if Samantha had been a public figure, I probably would have declined. There’s a long history of people in power trying to erase or distort the past, and that’s not something I can endorse. That’s one reason why no amount of gentle persuasion is likely to convince news sites to remove those stories about her. But this was a silly story that was well past its pull date and of no importance to anyone but Samantha — and it seemed quite important to her.

I compromised by leaving the story in place but redacting her name where it appeared. I replaced most of her photos with pictures of adorable kittens. I removed any tags that included her name and changed the filename for the one photo I kept of her where I had obscured her features. I submitted a request to Google asking them to remove the old page from its cache and created a new URL for the redacted story. I told Samantha that it would be a while but eventually Google would drop the story featuring her name and photo from its cache and replace it with the redacted one. I thought my work was done.

I was wrong.

Recently Samantha wrote to me again, telling me she had Googled her name and found an unredacted copy of my story on a very popular Web site. And of course she had — I had posted it there, in order to drive traffic, and then totally forgotten about it. Oops. I wrote to that site and explained the situation. Within an hour they had removed it. (Though it’s still in Google’s cache as I write this.)

But Samantha still wasn’t out of the woods. Searching for her name and the name of my site produced a number of other hits that were largely out of my — and her — control. For example, I had left a comment on a popular tech blog linking back to my original story. I tried to remove that comment recently and could not, because that blog had dumped its old commenting system in favor of Facebook more than a year ago. A Google search on Samantha’s real name still points to the redacted story, even though her name cannot be found there, most probably because of this link and others like it.

Among the others:

* Some bot-driven online dictionary had a “definition” for her real first name and used the title of my story as part of that definition.

* A tech news publication in the IDG family linked to that story and quoted a piece of it containing Samantha’s last name.

* Someone in Yahoo Answers had linked to the original photo of Samantha on my blog in response to a question about male strippers. The link no longer worked, but it still had her name in it.

* A XXX image-sharing site featuring some truly nasty male enlargement ads had scraped one of the original images of Samantha’s G-rated Facebook profile that I had captured and reposted it for reasons unknown. (I emailed the address on the DNS record for this site, asking for it to be removed; 12 hours later it was gone. Even I am amazed at that.)

The good news is that Samantha is a smart cookie. She knew that the best way to bury bad news online is to replace it with good news. So over the last two years she created a ton of profile pages on social sites like Flickr, Vimeo, YouTube, Facebook, LinkedIn, Tumblr, and About.me, to name a few, and managed to get them ranked higher by Google than the news stories about her unfortunate law suit.

How did she manage that? By continually creating new content and uploading it to each of those sites. This is something companies like Reputation.com charge megabucks to do for people whose online reputations are in tatters. Samantha was doing it all on her own.

The other smart thing Samantha did was ask politely. Many people in her situation would have been angry and made demands, or worse. I’ve had a few lawyer threats thrown at me lately, and I can tell you that’s probably the worst thing you can do to a journalist — 99 percent of the time it backfires. Samantha’s request was so simple and reasonable it was hard to ignore. Had she come at me with guns blazing, I might not have been so willing to accommodate her.

The lesson here? Once something sticks to the Web it’s very hard to get it unstuck, thanks in large part to bots and other algorithms that operate independently from humans. Things take on a life of their own. And though Samantha did better than most at cleaning up was was ultimately not a very big mess, she couldn’t get to all of it.

The good news is that this incident has not impacted her new career, and with luck it never will.

It’s a cliche, but it still bears repeating: Before you do anything in the public arena, think long and hard about how your activities are going to play out on the Web. Don’t post anything stupid or do anything silly online just for attention — and don’t let your friends catch you in the act and share it with the world, either. One day it could come back to bite you. Trust me.

This story originally published at ITworld. Cool graphic found at Getoutofstuck.net.

Dear Silicon Valley: We are not for sale

Not For SaleBill Davidow has a great essay over at Atlantic Wire, the electronic version of the 155-year-old magazine, that should be required reading for every would-be entrepreneur and venture capitalist on the planet. Really, for anyone in the tech game.

Davidow has quite the resume. He started with GE, moved to Hewlett Packard in 1965, and then Intel. He’s a consultant, executive, book author, and venture capitalist with a PhD in electrical engineering from Stanford. He was making multi-million-dollar deals when Mark Zuckerberg was still making poopy in his Pampers.

So yes, he’s a graybeard, schooled at the feet of giants, who’s seen quite a bit of Silicon Valley history in his day. And what he sees today appalls him. In the essay titled “What Happened to Silicon Values?” Davidow takes today’s tech giants to the woodshed for treating their customers like dirt. He writes:

Over the past five decades… I’ve become increasingly concerned about one thing that is seldom discussed: the valley is no longer as concerned about serving the customer, and even sees great opportunity in exploitation. We are beginning to act like the bankers who sold subprime mortgages to naïve consumers.

Ouch. And yet, not entirely undeserved. Davidow scolds nearly all of the big boys  — Amazon, Apple, Comcast, Facebook, Google, Microsoft, Twitter, Zynga – for treating us like so much natural gas buried in the shale just waiting to get fracked.

Davidow blames greed, of course, as well as a two-tiered stock ownership system that allows the founders (and their VC benefactors) far too much control over the company. He also notes a sea change in how Silicon Valley operates. Back in his early days, tech companies sold mostly to industrial firms who spent millions of dollars with each vendor and had an equivalent amount of influence.

Today many Valley firms market to individuals, who have much less sway. Collectively, high tech companies need us; individually, not so much.

It gets worse. Because tech markets crave standardization, they tend to create monopolies, which in turn lock consumers into a product or a company. Disgruntled customers find it harder and harder to walk away. Per Davidow:

Lock-in creates dominant players — witness Google, Facebook, Microsoft. And in this monopoly-driven environment, customers get exploited. Microsoft forces them to upgrade to expensive, overly complex, and bug-ridden software.

Apple controls our virtual landscape, bounded by iTunes to the north, the iPhone to the south, the iPad to the east, and the iPod to the west, giving it increasing power to deprive customers of choice. It exercises that power aggressively. Google appears to have a culture that condones shamelessly violating consumer privacy.

I know this first hand; I recently decided to try using Bing as my browser home page instead of Google, but quickly abandoned that idea. Why? Because nearly everything else I use every day in my work life – email, calendar, blogs, etc – are all Google products. I wasn’t willing to switch wholesale, but it was too much hassle to get from Bing to all those services starting with the letter G.

But mostly, it’s a failure of attitude in the minds of Valley CEOs. It’s the notion that customers are simply natural resources to be mined and then discarded, an approach that borders on contempt. Davidow writes:

It is hard to believe that Dave Packard or Andy Grove would ever tell a group of entrepreneurs that he did "every horrible thing in the book to just get revenues right away," or brag to trade publications that his company used behavioral psychologists to design "compulsion loops" into products to keep customers engaged. But Mark Pincus, the founder of Internet gaming giant Zynga, has done just that.

Solutions? Davidow has none. As long as the market rewards this kind of behavior, it will continue. But I think companies can learn. We’ve seen it with Microsoft. Humbled by its continued failures in the mobile arena, it’s no longer the haughty our way-or-the-highway company it used to be back in the late 90s. We’ve seen it with Facebook, which has gotten backhanded by its customers (and the FTC) on several occasions where it took a few too many liberties with our data. Apple isn’t quite the closed-wall company it used to be, though that transition is slow in coming. Google, on the other hand, seems to be getting worse.

(And as for Zynga, personally I hope it and its CEO go down hard and don’t get back up. It’s hateful in every way. But I digress.)

Overall I think Davidow nails it. The question now is, what can we as consumers do about it?

Originally published at InfoWorld

Samsung building its own ‘Facebook Killer’? Yeah, and I’m Justin Bieber

sambook(1).jpgThe rumor that Samsung building its own Facebook killer social network has been circulating on the InterWebs – or at least it was, until Samsung shot it down early this morning.

It started with a Korea Times article published two days ago about a Samsung product called “Family Story” that was allegedly referred to within Samsung as “Samsung Facebook.” Family Story is a way for users of Samsung products to share photos and other content between their Samsung phones, cameras, Blu Ray players, Smart TVs, and Smart refrigerators (yes, really). 

That Korea Times story – or rather, its English language translation – found its way onto the Boy Genius Report, a rumor blog not known for its assiduous fact checking. Fox News picked up the BGR story from there, and the Internet rumor mill was off to the races.

My guess is that something got lost in the translation between the Korean language version of that KT story and the English one.

I had the pleasure of touring Samsung’s headquarters and manufacturing facilities as a guest of the company a few years ago. It was fascinating insight into both the culture of South Korea and of the company itself, which are closely intertwined. And I learned a few things that would make me instantly suspicious of a story like this one:

1. Samsung makes everything.

We only see some of the products they build over here, but in South Korea they are a vital part of virtually every industry, as well as accounting for nearly one quarter of all Korean exports.

I’ve never seen a single company play such a huge role in a country’s economy. It would be as if GM or Exxon accounted for a quarter of our Gross Domestic Product. I felt like I wasn’t visiting the Republic of South Korea, I was visiting the Republic of Samsung.

True, Samsung also likes to design its own software and services – like Family Story. But what they don’t do is compete head on with other makers of software services. (That sounds like something Sony would do, and do badly.)

Samsung’s in the manufacturing biz. They build software and services to complement their devices and make them more useful. Period.

2. Samsung works with everyone.

Well, everyone except their fierce Korean rival, LG Electronics. They make tons of Android phones for every carrier, they make Windows phones, they make phones running their own mobile OS, and despite the patent litigation currently raging between them and Apple, they make key components of every iPhone and iPad.

I would not be at all surprised to find out that Samsung was building a version of the “Facebook phone” that’s been kicking around the Webbernet rumor mill for the last three years. That’s another reason why Samsung wouldn’t want to compete directly with Facebook – they would rather have FB’s hardware business.

3. Samsung is intensely secretive.

Samsung, and the South Koreans in general, take security and privacy extremely seriously. On my visit we were not allowed to take any photos that included any part of any Samsung building, lest we turn out to be industrial spies. I was forbidden to take a photo inside the Samsung Museum of a TV+Microwave device they invented in 1970. They make Apple look like Chatty Kathys.

Samsung employees are forbidden to even name their competitors in conversation. The names of rival companies are blacked out in the Powerpoint slides they present to reporters. I met with the VP in charge of their printer division, who had the temerity of mentioning the two initials for worldwide leader in printer manufacturing in casual conversation. He was, I was informed later, disciplined for that infraction.

So the thought that some Samsung executives were casually chatting about an upcoming Facebook rival with a KT reporter is frankly laughable. It’s much more likely they were chatting about the already announced Family Story product, which may well be called “Samsung Facebook” internally. That’s not at all the same as building their own social network.

4. Samsung isn’t stupid.

You don’t get to be a $220 billion giant or dominate so many industries – TVs, home appliances, phones, cameras, printers — by doing stupid things. Launching a brand new social network to compete head on with Facebook’s 900-million subscribers would be unbelievably dense.

Yes, Google felt compelled to launch G+, but then it’s competing directly with Facebook for advertising dollars – it had to play in the social recommendations space or get left behind. Microsoft felt compelled to develop So.cl for the same reason.

Samsung isn’t in the online advertising industry. There is no point in it trying to compete there. And anyone who knows anything about the company will tell you that. Unless of course you’re only interested in stirring up juicy rumors to generate traffic.

Sambook image courtesy of VR Zone

This post originally appeared on ITworld.

Dear Google: WTF?

google-voice-logoAs a general rule, when it comes to doing things smarter or better than everyone else, Google kicks ass. Sure, there are some notable faceplants. Google Buzz? Google Wave? Even Google+ isn’t exactly a world beater.

But in general, working at Google = genius, more often than not. With one enormous exception: transcription services for Google Voice.

I have a Google Voice number, and when I don’t pick up, Google records a message and then emails a speech-to-text transcript of the message. At best, these transcriptions are barely decipherable. Sometimes they enter the world of high comedy.

Take this recent message I received:

Hi Dan, My name is Amanda keep on calling for the new company and he A T I was a miserable dotcom. I saw your recent article high tech gadgets a death in God and I want to reach out to you and submit a product for your review from the company either the need. That’s going the seats. Please feel free to gimme a call back at any time. My number is [deleted]. Alternatively, My email is a page at our field group, dot, com and I’ll talk to you about the Pat, Thank so much and have a great day.

There’s something kind of poetic about all of that. Why, yes, now that I think about it, ATI was a miserable dotcom. Are high tech gadgets killing God? That’s a bit of a stretch, but I suppose it’s worth considering.

Really, Google. What are you trying to tell me? That a company with more money than God can’t solve this problem, even though things like Siri handle far more difficult tasks far better?

I think you need to pour a few more of those Google billions into figuring out what people are trying to tell me when they call me.

That’s what I’d call going the seats.

My love/hate relationship with Facebook

good-vs-evil facebook eggs-resized-600

I love Facebook. I also hate it. And sometimes I’m indifferent, but not often.

As the big IPO day looms closer, lots of folks are taking a second look at this thing that started out as kind of a goofy diversion for college kids and has grown into the beast with 900 million heads.

For example, an Associated Press/CNBC poll this week notes that nearly half of Americans believe Facebook is a passing fad. On the other hand, roughly the same percentage don’t. And when you get past the cranky “get off my lawn you damned kids” senior citizen crowd, the numbers zoom upward dramatically. Nearly 60 percent of adults under age 35 think Facebook is a good bet. A stunning 81 percent of them log onto Facebook — most of them do it every day – versus only 21 percent of codgers.

Do the math, and you realize that half of the people who say Facebook is a passing fad have never used it and never will. They will also die sooner than almost everyone else.

How about Facebook’s business raison d’etre, advertising? There things don’t look so rosy either. Facebook itself admitted that ad revenues are not keeping up with its pace of growth, especially on the mobile side. And General Motors made a point of announcing this week that it is pulling its Facebook advertising, calling it ineffective. Ford, on the other hand, is increasing its ad buys on the social network. And brands like Coca-Cola, Starbucks, McDonalds and Wal-Mart are seeing a big lift from their Facebook pages, if not necessarily their ads. Again, it’s a love/hate thing.

The jury is still out as to whether advertising alone will enable Facebook to reach Google-like revenues, or if it will resort to doing other less pleasant things with our data.

On a personal level, I’ve been using Facebook since late 2006, or a few months after it was opened to the general public. At first it was just to mess around with this thing called “social networking,” and most of my “friends” were PR people who were trying to pitch me something. But at some point I actually began to use it in the way that God and Zuckerberg intended. And about a year after that I noticed my friends and family using it too. Even some of the most determined Luddites in my social circles were opening up Facebook accounts, just to see what all the fuss was about.

As someone who spends too much time in front of glowing pixels, the main thing I love about Facebook is that it helps me feel connected. Some might also call that an illusion of connectedness, but I don’t.

I now know, for example, how many of my aging ex-girlfriends are spending much of their time. Strangely, none of them are still pining for me some 20 or 30 years later.

The stories, photos, videos, and other effluvia people post on Facebook give me a window into their psyches, their philosophies, and their politics. Sometimes that’s a good thing, sometimes it isn’t. But every day I’m exposed to stuff I wouldn’t otherwise have seen.

Granted, there are days when I open up my News Feed and think “Who the frak are all these people? I don’t remember friending any of them.” On the other hand, I have made actual “friends” with some of my random Facebook friends. There are people I’ve gotten to know on Facebook whom I really like, even if we have yet to meet in three-dimensional space.

And of course there are total jerks, just as in life. But unlike in life, you can unfriend them with a few clicks. Try doing that with the a-hole in the cubicle next to yours some time. That is also something I love about Facebook.

What I hate about Facebook is its arrogance about user privacy – or at least, I used to hate its arrogance. I think Facebook has actually gotten much much better about this over the last two years. Having been soundly spanked in the media (I got a few licks in myself) and scolded by the FTC and European privacy agencies, Facebook seems to have discovered that it cannot simply do whatever it feels like with the yottabytes of data we have all voluntarily handed to it — regardless of how its hoodie-wearing CEO thinks the world should feels about sharing.

It no longer foists new services or redesigns upon its users in quite the same capricious way as it had in the past. Usually there’s some warning and even a trial phase. Granted, though, if you don’t want to use Timeline you are kinda screwed. Facebook’s apps and tagging policies still mostly suck. And while the privacy tools Facebook now provides are a vast improvement over what it used to offer, they’re still too complicated for most people. There is no easy one-click-way to say “turn off all this annoying crap and share this stuff only with my actual friends, please.” That’s also something I hate.

Facebook posts being used as an excuse to fire employees and or determine your creditworthiness and/or insurance coverage? Gotta hate that too.

As my colleague, Enterprise Windows blogger J. Peter Bruzzese notes, Facebook is most definitely a distraction, especially at work. He advises that IT departments block it. I say, good luck with that. I am reminded of the story of the English King Canute, who sat on the edge of the North Sea and ordered the tides to stay out.

Needless to say, Canute walked home with wet sandals. Apparently that demonstration was his way of saying “See, even an all-powerful king has his limits.”

If people want to use Facebook at work, they’re going to use Facebook at work. And at home, on their phones, their TVs, and anywhere else Zuckerberg Inc decides to put it.

Can you use Facebook in a way that gives you the benefits of connectedness and sharing without your data being used against you? That is a question to which I have no answer. Nor I think does anyone else. But I suspect we’ll soon find out, for better and possibly worse.

Good egg/bad egg image courtesy of Dubin & Lee, corporate headhunters.

This post originally appeared in Infoworld

Cyber security bill is just another gift to the content cartel

communism mp3sJust when you thought it was safe to go out on the Interwebs comes a new effort by Congress to put a snoop on every cell phone and two spies in every cable modem. 

Contrary to what you may have read, the Cyber Intelligence Sharing and Protection Act is not SOPA II. But in many ways it’s worse. 

CISPA aims to beef up our nation’s cyber defenses by allowing government agencies and private organizations to share information about potential threats, even if that intel might otherwise be classified.

Who could possibly object to that? Well, anyone who’s taken a close look at the bill. Thanks to some vague and overbroad language, CISPA as it currently stands would apply to any “theft or misappropriation of private or government information, intellectual property, or personally identifiable information” – way beyond what might logically constitute a threat against this nation.

In other words, CISPA could be used to shut down sites that have published classified information (like WikiLeaks or The New York Times), as well as prosecute individuals for sharing copyrighted content or blowing the whistle on corrupt organizations.

As the Electronic Frontier Foundation notes:

The language is so vague that an ISP could use it to monitor communications of subscribers for potential infringement of intellectual property. An ISP could even interpret this bill as allowing them to block accounts believed to be infringing, block access to websites like The Pirate Bay believed to carry infringing content, or take other measures provided they claimed it was motivated by cybersecurity concerns.

According to CISPA, Uncle Sam could enlist the help of your ISP, wireless carrier, Google, Facebook, or any other private entity to identify cyber threats, and you wouldn’t be able to sue these entities for violating your privacy so long as they acted “in good faith.”

TechDirt’s Leigh Beadon digs a little deeper:

CISPA states that the entity providing the information cannot be an individual or be working for an individual, but the data they share (traffic, user activity, etc.) will absolutely include information about individuals. There is no incentive in the bill to anonymize this data—there is only a clause permitting anonymization, which is meaningless since the choice of what data to share is already voluntary.

You say you live in a state whose laws prohibit some of these abuses? Sorry Charlie, CISPA would preempt them.

Your only protections against abuse: Yearly audits by the Privacy and Civil Liberties Oversight Board. What, you’ve never heard of the PACLOB? That may be because its five slots have been empty since 2008, following accusations of White House censorship. Over the last two years President Obama nominated candidates to fill each of those slots, but they have yet to be approved by the Senate.

A blank check for private companies and the Federal government to trample the Fourth Amendment, with annual oversight provided by ghosts? That sounds like just the kind of brilliant idea our benighted Congress is likely to endorse.

A clue to what this bill is really about can be found in the first paragraph of a press release from the House Select Committee on Intelligence boasting about CISPA’s broad bipartisan support:

“Over 100 Members of Congress are supporting the Cyber Intelligence Sharing and Protection Act (H.R. 3523), which helps protect American businesses and jobs.”

Since when is a “cyber security” bill supposed to be about jobs? Small wonder that companies like AT&T, Microsoft, IBM, Facebook, and Verizon have all publicly endorsed it. (Apparently the RIAA and MPAA decided to sit this one out.)

CISPA sailed through committee and may come up for a House vote before the end of this month. Don’t like the idea? The EFF has set up a handy form where you can send an email opposing the bill to your local representatives. PopVox has set up a page where you can express your support or opposition to CISPA. That probably won’t have any effect on Congress, but it might make you feel better.

If Uncle Sam wants to keep foreign intelligence services from hacking our computer infrastructure, I’m all for it. But throwing yet another bone at the content cartel while calling it a “security” measure isn’t going to cut it.

This post originally appeared on InfoWorld.

Cool faux poster courtesy of The Desert Lamp.

Sleazy to the Max

tucker max planned parenthood jezebel

Uber frat boy turned best-selling author Tucker Max caused a kerfuffle in the blogosphere last week after he offered $500,000 to Planned Parenthood if they agreed to name one of their clinics after him.

The 36-year-old Max, successful author of ribald chronicles featuring drunken sexual conquests and female humiliation, does not exactly occupy the top slot on NOW’s list of Most Cuddly Male Feminists. Smelling a publicity stunt, PP said we’ll try to muddle along without your half mill Mr. Max, thank you very much.

Given some of the things Max has said about Planned Parenthood on Twitter (“In South Florida. This place is awful. Shitty design, slutty whores & no culture, like a giant Planned Parenthood waiting room”), that’s reason enough to reject his “generous offer” in 140 characters or less.

The offer, and subsequent rejection, happened last August. Last week, however, Forbes ran a splashy story about how Max had generously offered 500 large to PP only to be rudely rebuffed. Written by Max’s publicist, 25-year-old Ryan Holiday, the post ignited a storm of debate in the blogosphere over whether the cash-strapped nonprofit should have choked down the vomit welling at the back of its throat and taken the money. In fact, it probably generated more attention for Max than if PP had simply said yes.

Interestingly, the post happened to coincide with the recent release of Max’s new book, in which he renounces his hedonistic womanizing past (because 36-year olds who still act like frat boys are just pathetic). Here at Tynan Writes we are shocked — shocked I tell you — to discover this blatant media manipulation. Or perhaps not.

As the New York Observer’s Emily Witt reported last November, manipulating the blogosphere is Holiday’s stock in trade. Witt was sent a copy of a pitch letter Holiday was circulating among New York publishers trying to sell them on a book about his illustrious if brief career titled “Trust me, I’m Lying.” In it, Holiday detailed some of the strategies he was planning to use to boost coverage of his book:

Relying on the fact that blogs and media outlets simply take for granted whatever is stated in a release, we will state in the press release that the advance given for this book was a spectacular sum. Blogs covering publishing and media will instantly pick up on the fact that a first time author was paid such an exorbitant amount. Combined with Ryan’s experience working with bestselling authors, this will immediately put the book on the radar of the media elites.

Did this work? You betcha. Gawker took the bait, as did Media Bistro’s GalleyCat blog and a handful of others. But wait, it gets better. Holiday also planned to leak fake excerpts that were “too controversial” to appear in the book, and intended to goad some of the biggest names in the blogosphere into a flame war (while secretly tipping them off ahead of time, so they’d have a chance to stock up on napalm):

[My book] will use the sensitive egos of bloggers against themselves. …This book levels direct charges and serious accusations of wrong doing. It names names. Those names make up some of the biggest and highly trafficked sites on the web: Politico, Jeff Jarvis, TechCrunch, Michael Arrington, Ariana Huffington, Mashable, Gawker, Business Insider, Nick Denton and others. Each one of these names will be surreptitiously notified of these embarrassing revelations in advance and baited into responding. So will their competitors. We can expect their angry reactions and protests to drive serious attention and awareness of the book.

It seems like only the Atlantic Wire’s Alexander Abad-Santos is asking the right question – which isn’t “Was Max sincere?” or “Should PP have taken the money?” The right question is, Why did Forbes publish this piece of promotional garbage from a self-professed liar?

Forbes has some first-rate writers in its stable. Andy Greenberg, Kashmir Hill, and Jeff Bercovici in particular are all top notch. But sitting right next to them, indistinguishable in every way to the casual reader, are “contributors” like Holiday. And he’s hardly the only one with a political or promotional agenda who’s been given free reign to blather under the Forbes banner.

Unfortunately the answer is far more depressing than the question: Forbes publishes people like Holiday because this content a) is free, and b) draws traffic like flies to shitake mushrooms (assuming the shitakes are grown in manure). It’s sad to see a once-proud publication like Forbes stoop to this, but the practice is more common than you might think.

I was chatting with a PR consultant a few weeks ago whose main business is creating prefab content for Web sites. Often she or one of her minions will ghost write a story, slap the name of one of her clients on as author, and get it placed on prominent news sites alongside actual posts by real reporters. The story invariably mentions her client in a not unfavorable way, along with links to the client’s site to boost its search engine mojo. The alleged news site usually publishes the story without noting any conflicts. She mentioned a few of the sites that have run her stories without so much as a hiccup; I won’t name them here, but you’d recognize some of them.

“Some of the sites even offer to pay me, if you can believe that,” she said. “I tell them that’s ok, we’re good.”

About once every couple of weeks I get approached by PR people offering to place a story in one of the various venues I write for. Even though that decision is well above my pay grade, I tell them no thanks, the publications I write for don’t do that – yet. But I suspect that this policy is becomingly increasingly quaint.

After PP turned Max down, PETA — which knows a thing or two about splashy publicity stunts — offered to take him up on his offer. They said they’d use the $500,000 to pay for a mobile pet clinic featuring his face and the words “Fix Your Bitches! The Tucker Max No-Cost to Low-Cost Spay and Neuter Clinic.”

This time it was Max who refused, noting among other things that PETA is opposed to hunting, one of the things Max apparently does when he’s not busy hurling all over his latest one-night stand.

See? The man does have standards after all. Wish I could say the same for the sites that give him a free ride.

Photoshop of Mr. Max outside PP courtesy of Jezebel.

Privacy after 9/11

1984-movie-big-brother

Last week I was in Germany, as a guest of the IFA Berlin consumer electronics show. That means, of course, that I had to perform the airport security samba. I took off my shoes and my belt; stuffed my watch, keys, cell phone, and loose change into the pockets of my jacket; took my laptop and my tablet PC out of my backpack; and placed them all into gray plastic bins on the X-ray machine’s conveyor belt. (I’d already removed the Swiss Army Knife from my bag and drank or dumped any bottles containing more than three ounces of liquid.)

Then I stepped into the scanner, turned sideways, and did the “hands up” pose. Lord only knows how much of me the TSA agent saw. (I don’t envy them that job.) When I stepped out I got wanded to make sure I wasn’t hiding something under my clothing. At the end of the line I collected everything, put myself back together, and moved on – leaving the TSA and my fellow passengers reasonably assured I was not carrying box cutters, shoe bombs, or incendiary devices in my underwear.

This is the world we live in after 9/11. It’s not a huge sacrifice to go through airport security. I’m happy to do it, despite my suspicions that it is mostly just National Security Theater, designed primarily to reassure us that the government is doing more to protect us now than it was 10 years ago.

9/11 was many things – an enormous national tragedy, a huge wake-up call, a time when this country felt truly united, if only briefly. But it also marks the unofficial birth of the National Surveillance State.

This is a topic for a book, or even a series of books, not a blog post. So I can only touch on a handful of ways 9/11 has changed our notions of privacy. The first one being the Patriot Act.

This massive piece of legislation, passed by an overwhelming majority of Congress virtually without debate, broke down bureaucratic barriers between law enforcement and intelligence gathering agencies, letting them collaborate in the hunt for terrorists. But it also turned our 4th amendment protections against unlawful search and seizure on their ear.

Peter Swire, a professor at the Moritz College of Law of Ohio State University and former top privacy official in the Clinton administration, says the Patriot Act took reforms to law enforcement that had already been proposed by the Clintons and stripped out all the privacy protections.

A month after the attacks Swire wrote an Op Ed for the Atlanta Journal Constitution in which he said, in part:

While [the Patriot Act] sharply expands how government can wiretap e-mails and Web surfing, it provides no remedy if officials  exceed that authority. It also breaks down the wall that once separated foreign intelligence-gathering from domestic law enforcement, without creating new safeguards to replace those it removes…. there are strong reasons to support new surveillance
powers. But we should stay keenly aware that we are repealing
safeguards created because of previous abuse.

What happened next?

“Sneak and peak” searches conducted on suspects’ homes prior to obtaining a warrant. National Security Letters demanding to know what books certain library patrons had checked out or to see the health records of employees. Warrantless wiretapping by the NSA. And for some, renditions, torture, and detention without trial.

A June 2005 report by Washington Post reporters Dan Eggen and Julie Tate showed that more than 80 percent of the then-400 cases where Patriot Act rules were invoked were unrelated to terrorism.

An analysis of the Justice Department’s own list of terrorism prosecutions by The Washington Post shows that 39 people — not 200, as officials have implied — were convicted of crimes related to terrorism or national security…. But a large number of people appear to have been swept into U.S. counterterrorism investigations by chance — through anonymous tips, suspicious circumstances or bad luck — and have remained classified as terrorism defendants years after being cleared of connections to extremist groups.

Some elements of the Patriot Act have expired, others have been found unconstitutional by the courts, but much of it remains on the books today. Supporters will of course invoke the “it kept us safe” argument. The problem with that argument is that it’s impossible to prove. Or rather, you could use it to prove anything that didn’t happen over the last 10 years. A Martian invasion, for example. There’s correlation, of a sort, but no causation.

We can, however, demonstrate what it did to our Constitutional rights.

The second big effect of 9/11 is the explosion in data mining and surveillance. When I flew to Berlin last week, my name was checked against that Kafkaesque No-Fly list of possible terrorists. My passenger name records were almost certainly entered into some kind of database, along with credit reports, supermarket shopping records, employment histories, health records – and no doubt my Facebook friends, groups, and likes – to determine if I fit the profile of a terrorist.

A massive December 2010 report by the Washington Post (again) details the massive National Surveillance Industrial Complex that has grown up since 9/11. Nearly 4,000 separate counter-terrorism organizations have sprung up, from international intelligence gathering groups to local law enforcement, all keeping a close watch on you and me.

Their job is to find the bad guys before they do something bad. The problem is that it’s too easy to make incorrect assumptions and target the wrong people – or for bad actors to abuse the system and target people for the wrong reasons.

Government spying didn’t start with 9/11, but the events that day accelerated their efforts, offering blanket justification and unlimited budgets.

There’s always been some kind of tradeoff between security and privacy. You want the police to be able to bust down your door if there’s an attacker inside; you don’t want them to be able to come in any old time they feel like snooping around.

I believe after 9/11 we tipped too far in one direction; the question still remains whether we can ever regain our balance.

ITworld TY4NS blogger Dan Tynan wishes you all safe travels on this weekend – and any other time. Visit his eHumor site eSarcasm or follow him on Twitter: @tynan_on_tech. For the latest IT news, analysis and how-to’s, follow ITworld on Twitter and Facebook.

This post originally appeared on ITworld.

Big Brother image found at GadgetCrave, of all places.

Steve Jobs: The man and his muse

Steve-Jobs-Dance-iPhone-Funky-ChickenC-J-254467-1-150x137Lots of CEOs make products. Many make millions. Very few make history.

Steve Jobs is one of the latter. Like Henry Ford or John D. Rockefeller, he’s left a mark on his times that goes far beyond the creation of shiny new widgets.

The praise (and premature eulogies) are flowing from every direction on the InterWebs this morning, following the news that Jobs is stepping down from the top post at Apple – presumably for the last time – and becoming chairman.

But I have different memories of the man. Because for more than a decade I’ve been Steve Jobs’ muse.

I remember back in that dark post-Apple period in late ‘96, when Steve was trying to make a go of the NeXT machine, he called me at some ungodly hour of the night. He didn’t introduce himself. He didn’t have to. Only one man could possibly be calling at that hour.

“Apple wants to buy us. What do you think? Should I go back?”

I just cursed and left the phone off the hook. But I think he understood my meaning. Of course, within a year he was CEO again, and Apple started to climb out of the hole it had created for itself. 

A few years went by without much contact. Then sometime in early 2001 I got an email out of the blue. It read:

“We’re coming out with a portable music player in a few months. I’m thinking of calling it the ‘iPod’. What do you think?”

I told him the Sony Walkman had the portable music market sewn up. Nobody in their right mind would spend money for a device that only played MP3s. And ‘iPod’ — seriously? That name was so 1997.

Two years later, another call. This one was about the iTunes Store. Steve sounded so excited I really hated to burst his bubble.

The music industry will crush you like a bug, I said. Sorry, that’s just the way it is. Those guys make the Mafia look like a Boy Scout Jamboree.

And so on. The iPhone? A horrible mistake, I told him. The wireless companies will make you sorry you ever came up with the idea. And could you please drop the little ‘i’ in front of everything? You’re embarrassing yourself.

In late 2009 year I warned Steve against introducing a tablet PC. I was certain the iPad was a terrible idea that would sink his company.

“Remember Windows for Pen Computing?” I said. “Nobody has ever made a dime selling a tablet computer, and nobody ever will.”

Finally, a few weeks ago he called me for the last time. He told me he was thinking of handing the CEO job over to Tim Cook, if for no other reason than to get Apple’s Board off his back.

I told him not to quit, that he shouldn’t let the bastards get to him like that. “Did Napoleon have a succession plan? Did Genghis Khan?” I counseled.

So I’ve clearly played a pivotal role in dragging old media dinosaurs into the 21st century, showing the telecom industry that consumer choice matters,  offering ubiquitous connected computing to the masses, and making technology fun again.

Of course, I couldn’t have done it without Steve. And neither could anyone else. We’ll miss ya, big guy.

This post originally appeared on Infoworld.

Oh noooooo! AT&T snaps up T-Mobile.

att-worst-company-everJust when I thought I was out, they pull me back in. I’m not talking about Michael Corleone and the Mafia. It’s worse than the Mafia. I’m talking about AT&T.

Literally just yesterday I had the following conversation:

She: We’re running out of minutes. T-Mobile has a pretty good deal going now but that means signing another two-year contract.

Me: Sure, let’s go for it. We like T-Mobile. I have no problem committing for another two years. It’s not like they’re AT&T.

Now, of course, AT&T is swallowing T-Mobile in a deal worth $39 billion. So much for that.

This isn’t the first time this has happened to me. I used to be a Cingular customer, and I liked them. Decent phone quality, good customer service. Then they got swallowed by AT&T. Call quality turned into crap. Customer service?  A nightmare.

I had DSL service from a regional carrier a few years ago. They got snapped up by AT&T too. I’ve been a cable customer ever since.

Last year, when my AT&T wireless contract was finally up, I breathed a sigh of relief, ditched my Windows “smart” phone for Android, and jumped to T-Mobile. I should have known better. Assuming the deal goes through with regulators, I’ll soon be back in telecom hell.

AT&T claims that the T-Mobile deal will improve its crappy phone reception and poor Internet access. In my experience, though, AT&T routinely takes good things and turns them into offal.

T-Mobile’s got $20 unlimited data plans. You think AT&T is going to offer $20 unlimited data plans, I got a bridge in Arizona I want to sell you.

T-Mobile’s got an extremely well trained customer service squad. I mean, I can be pretty awful to a customer support rep when I’m steamed (and nothing makes me crankier than stupid technology snafus) but I talking to their Zen-like service reps usually calms me right down. What are the odds of AT&T – the poster child for terrible customer service — retaining that?

Also: T-Mobile usually hires spokesmodels like the luscious Catherine Zeta Jones and that dishy brunette in the pink-and-white polka dot dress [video]. AT&T has Luke Wilson. I rest my case.

There are a few positives, I suppose. T-Mobile customers may get access to the Apple iPhone and local 4G networks faster than they might have otherwise. But I can’t say I’m anything other than miserable. And I’m not alone.

As I write this, a CBS TechTalk poll shows that 77 percent of consumers oppose this deal. Here’s The Atlantic’s Daniel Indiviglio whacking it with a stick:

Consumers will be another big loser — probably. Most of the time when consolidation occurs in an industry with few participants and high entry costs, you see oligopolistic economics become even worse. Firms can set prices higher than if there were more competitors in the landscape. Technological progress also generally slows, because there’s less incentive to compete.

But that assumes that AT&T and Verizon don’t ramp up competition even more fiercely now that they’ll be near equals. Could they start lowering mobile plan prices and providing bigger discounts on devices? It’s possible, but unfortunately, oligopolies tend to move in the other direction, making consumers worse off.

You say you’re a Sprint/Nextel customer and you’re happy about it? Don’t get too comfortable. I’d be surprised if you weren’t part of the Verizon family within the month. Very soon there will be two major US wireless companies. 

And then, who knows? Maybe just one. AT&T/Verizon – one telecom to rule them all. 

At which point, I might be willing to give up my cell phone entirely. With any luck, by the time the regulators get through chewing on that merger I’ll be in The Old Geeks Home, where it won’t matter any more.

What do you think – is AT&T-Mobile a good idea? Dial in your opinions below or email me: Dan@dantynan.com.

This post originally appeared on InfoWorld.

A social network Anonymous would love

AnonymousBecauseDon’t look now, but there’s a new social network coming. No, it’s not Google Circles, no matter what the Read Write Web blog says. And it’s coming from the people you’d least expect.

4chan.

Yes, that’s right — the purveyors of the most insidious (and some of the most grotesque) memes on the InterWebs – LOLcats, Rickrolling, and Justin Bieber’s North Korean tour, to name but three of the less disgusting ones – are working on a new online community called Canvas.

More accurately: Christopher “Moot” Poole, the founder of the 4chan message board, has been quietly working on his site, canv.as, for some time now. He just got a lot less quiet about it at this week’s SXSW conference, where the 24-year-old Poole took the stage and proceeded to lambast his elders – specifically 26-year-old Mark Zuckerberg – about their failure to appreciate the benefits of online anonymity.

Per the UK’s Guardian:

"Zuckerberg’s totally wrong on anonymity being total cowardice. Anonymity is authenticity. It allows you to share in a completely unvarnished, raw way," Poole said, adding that the internet allows people to "reinvent themselves" as if they were moving home or starting a new job.

"The cost of failure is really high when you’re contributing as yourself," he said.

Chris Poole became somewhat infamous when he was named The World’s Most Influential Person in a 2009 online survey by Time Magazine. Of course, that survey was hacked by his pals at 4chan, which is also widely believed to be the source of the Anonymous campaigns that have bedeviled everyone from the Church of Scientology to the government of Egypt. At least, the two groups appear to draw from the same pool (if not, ahem, Poole) of digital prankster-vigilantes.

Canvas is in closed beta at the moment, so it’s impossible to gauge how much it is or isn’t like the 4chan boards (though Business Insider offers a preview of it here). But from the description it sounds like a grown up version (minus the grotesque bits) that allows users to take images others have posted and make then even sillier. The idea is to draw some or all of 4chan’s 8 million monthly visitors without a) alienating potential advertisers, or b) getting arrested.

In other words, Poole and his cohorts are finally hoping to cash in. This is what happens when you wake up one morning, realize you’re sick of living with roommates and need to make more money so you can get a place of your own.

In an interview with the New York Times’ Nick Bilton last March, Moot calls Canvas a “reboot” of 4chan. He also had this to say about the value of online anonymity:

I get a lot of e-mail messages from people who say thanks for giving them a place to vent, an outlet to say what they can’t say in real life with friends and work colleagues — things that they know are wrong, but they still want to say. Is it right? No, of course not. People say some disgusting, vile things. But just because we are hosting it doesn’t mean we agree with it. I don’t support what they are saying; I just support that there is a site like that to say that.

I’ve been writing a lot about online identity vs anonymity lately (and I seem to be doing it again), and I can appreciate Poole’s point. Still, I’m not buying the ‘anonymity = authenticity’ trope. I have a hard time considering someone ‘authentic’ when they post drive-by-slander under a made up name. Authenticity derives from identity, IMHO. And yes, the cost of failure is high – that’s the whole point.

If you need to vent about your boss or your friends or whomever online, that’s fine, but if you plan to get vile and disgusting, leave their names out of it, too. Unfortunately there’s no simple way to enforce that, so too many people use the relative anonymity of the Net as a barrier to hide behind.

I’m curious to see how Canvas pans out. But I suspect Poole will not be able to have it both ways – to create a community site where people are given free reign to roam anonymously, yet not have it turn into a cesspool where the rudest forms of communication drown out everything else.

Under what circumstances is anonymity acceptable to you? Post your thoughts below or email me: dan@dantynan.com.

This post originally appeared in slightly different form at InfoWorld.

Anonymous vs HBGary: A classic geek tragedy

gadkkaadlLast week, in a straight-out-of-Hollywood B-movie plot, we learned that an obscure cyber security company was trying to take out a whistleblowing site on behalf of a Fortune 50 corporation, thanks to a shadowy group of uber geeks whose identities are as yet unknown.

(Quick, get me Matt Damon. He’s not available? Get me someone who looks like Matt Damon. OK, we’ll settle for Shia LeBeouf.)

But the saga of HBGary Federal, WikiLeaks, and Anonymous is still only unfolding, thanks to yet more private emails that have been released by Anonymous into the wild. InfoWorld blogger Woody Leonhard has a nice summary of all that has transpired so far.

Here’s a quick list of the dirty dealings buried in those emails:

* HBGary Fed (HBGF) was one of five companies that were pitching a proposal to take down WikiLeaks on behalf of Bank of America. Palantir and Berico immediately severed all ties with HBGF and apologized. As far as I know, Booz Allen and law firm Hunton & Williams have yet to issue a statement, while BofA claims it never heard of or saw this proposal. (Color me surprised.)

* HGBF was also targeting top journalists, including Salon’s Glenn Greenwald and former New York Times reporter Jennifer 8. Lee.

* HGBF had a copy of Stuxnet, the virus allegedly developed by US and Israeli spy agencies to monkey wrench Iran’s nuclear facilities, and may have been planning to use it for its own nefarious purposes. (Now, of course, Anonymous has that code. Nervous yet?)

* According to Crowdleaks.org, HBGary may have been developing a new Windows rootkit (code name: Magenta) that is undetectable and impossible to kill.

* Fill in the blank. I’m sure more revelations will arise before I’ve finished this blog post.

Want to peek inside those emails? Try this search engine. (I know what you’re wondering; no, I am not in them. Not yet, anyway. Justin Bieber, on the other hand, is mentioned in two of them. Go figure.)

All of this is only known because various members of Anonymous took exception to a story in the Financial Times earlier this month in which HBGF spook-in-chief Aaron Barr bragged about infiltrating Anonymous using fake social network profiles and other publicly available information. He even claimed to know the real identities of the group’s “leaders.”

Except that it turns out he was dead wrong.

ITworld’s Thank You For Not Sharing blogger Dan Tynan spoke with one of those accused of being not only part of Anonymous, but its alleged kingpin, Commander X. It turns out that Ben de Vries is just an organic gardener in San Francisco who happened to run a Facebook group where alleged Anons liked to gather. Yet that was enough for HBGary Fed spook-in-chief Aaron Barr to conclude that he was the mysterious X, and to discuss with his boss submitting that info to the FBI.

A handful of commenters weighed in saying that they too had been named by Barr, incorrectly, as members of Anonymous. So much for Barr’s theory that he could penetrate the innards of a supersecret org through the magic of social media and his own innate brilliance.

Ars Technica, which has been all over this story in a way nobody else can touch, has a detailed account of how the Anons managed to pwn this alleged security firm. It used a standard weapon from the hacker arsenal, an SQL Injection, to penetrate HBGF’s custom content management system. That in turn gave them access to HBGF’s database of user names and passwords, which the Anons quickly cracked. Turns out that the principals at HBGF used simple passwords, and they used the same ones promiscuously for Twitter, Facebook, email, etc.

That, as they say, was the ballgame. Per Ars:

For a security company to use a CMS that was so flawed is remarkable…. Proper handling of passwords—iterative hashing, using salts and slow algorithms—and protection against SQL injection attacks are basic errors. …And though not all the passwords were retrieved … two were, because they were so poorly chosen.

Meanwhile, HBGary Federal – a division of HBGary – is all but dead. It slunked out of the RSA conference with its tail behind its legs. I’ll bet within a year that if parent company HBGary survives this debacle, it decides on a name change. There’s no getting the stink off them now.

As for Barr, he’s a victim of his own hubris. I’d be surprised (and, really, appalled) if he’s still employed in any capacity within a month. He thought he could fly with the Gods; instead he crashed and burned.

You might call it a classic geek tragedy.

What’s your take on HBGF, Anonymous, et al? Post your thoughts below or email me: dan@dantynan.com. I’ll feature the best and brightest in a future post.

This post originally appeared on InfoWorld.

Google’s not-so-little SEO problem

google dunce capOver the weekend the New York Times published a long piece by David Segal describing in painful detail exactly how Google’s search results have been totally pwned by JC Penney. Over the holiday shopping season, the retailer where my mother used to drag me to buy my Easter suits received an extraordinary bounty of Google love: Ranked number one in searches for “dresses,” “bedding,” “area rugs,” “furniture,” “skinny jeans,” and dozens of other terms (including, probably, “Easter suits”).

Is JC Penney really the destination of choice for all these categories of products? Hell no. But Google couldn’t tell the difference, because it had been gamed by JC Penney’s black-hat Search Engine Optimization firm, SearchDex. (SearchDex isn’t talking, but JC Penney fired them shortly after Segal called with some pointed questions. Draw your own conclusions.)

Apparently, SearchDex buried links attached to those search terms on thousands of dormant, fake, or abandoned Web sites, all of them pointing back at JCPenney.com. Google’s bots detected all those links, drew the erroneous conclusion that JCP was all that when it comes to skinny jeans and area rugs, and drove millions of Web shoppers toward the site. JC Penney had one of its best online shopping seasons ever.

The problem? This is known as link farming, and it’s banned by Google’s Webmaster terms and conditions. With its billions, Google can afford to pay people to do nothing but sniff out suspect search results driven by link farms and ‘86 them. And you’d think with an example this egregious Google would have noticed – especially given that they had warned JC Penney three times before about dicey search results. But no.

Per the Times:

Matt Cutts, the head of the Webspam team at Google…sounded remarkably upbeat and unperturbed during this conversation, which was a surprise given that we were discussing a large, sustained effort to snooker his employer. Asked about his zenlike calm, he said the company strives not to act out of anger.

Or maybe it strives not to anger companies like JC Penney, whom the Times points out spends millions on Google ads, in addition to lord only knows how much on SEO trickery. Cutts says the idea is absurd; the European Union, on the other hand, is investigating Google for this very practice. Segal writes:

Is it possible that Google was willing to countenance an extensive black-hat campaign because it helped one of its larger advertisers? It’s the sort of question that European Union officials are now studying in an investigation of possible antitrust abuses by Google.

Investigators have been asking advertisers in Europe questions like this: “Please explain whether and, if yes, to what extent your advertising spending with Google has ever had an influence on your ranking in Google’s natural search.” And: “Has Google ever mentioned to you that increasing your advertising spending could improve your ranking in Google’s natural search?”

SEO is in the news more than ever thanks in part to AOL’s swallowing the Huffington Post last week for $315 million. HuffPo is many things, not all of them printable on the pages of InfoWorld.com, but one thing for sure is that it is SEO driven. HuffPo owes much of its success to its ability to manipulate the treatment it receives at the hands of Google (and Yahoo and Bing).

Slate’s Farhad Manjoo wrote a funny piece last week discussing how HuffPo’s SEO success isn’t going to last forever. He was immediately attacked in the comments by SEO professionals defending their turf.

Hey, everybody does SEO, or tries to – InfoWorld included. There are perfectly legitimate things you can do to make your site more Google friendly. On the other hand, many SEO “pros” are the cockroaches of the Internet – turn the light on them and they all scatter.

Operate any Web site for any length of time and you will be approached by one of these bottom feeders. They will offer to “exchange links” or even pay you about the cost of a nice lunch for placing an article on your site or even just a few link-rich sentences. And many people do this, because they figure, why not? Nobody else is paying them to write this stuff.

The downside: If Google catches you, it lands upon you like the circus fat lady falling off a high wire. After the New York Times revealed just how thoroughly Google had been punked by JC Penney, it manually “adjusted” the PageRank for all of those terms that used to be number one down into the boonies of Googledom.

In other words, JC Penney isn’t Feeling Lucky any more.

If you’re relying on PageRank to drive business to your site, then you probably want to play it safe. But if you already don’t get any Google love, it’s a no brainer – take the money and the spammy links and run.

This is a war Google won’t win. Or at least, Google’s users won’t win. Because on the Web, the search race is not to the swift or the strong but to those who are willing to pay a dirty SEO firm to cultivate link farms. And you know what link farms require? A whole lot of manure.

Do you trust Google search results? Post your thoughts below or email me: dan@dantynan.com.

This post originally appeared on InfoWorld.com.

2011: The year of the hacker

Anonymous_wallpaper_2_by_XyZeR

I’ve said it before and I’ll say it again. This will be the year of the hacker – or rather, the year hacking goes mainstream.

It’s been brewing for quite some time. According to McAfee, a team of Chinese hackers has been infiltrating computer networks for the world’s largest oil and gas companies. Last week the Wall Street Journal reported that NASDAQ’s network was penetrated last year (though not the NASDAQ market – at least, as far as we know). And the ongoing battle between Anonymous and the folks who are aiming to take it down is really just heating up.

Before you fire up your email program or leap immediately to the comments to correct me: Yes, I know: hacker isn’t the right word for this. Hackers are not necessarily criminals or even evil doers. There are white hat, black hat, gray hat, and the occasional houndstooth hatted hackers. The appropriate word for people who attack computer systems for their own nefarious criminal purposes is ‘cracker.’ But to most people, a cracker is either something you spread cheese on or someone you try to avoid talking to at cocktail parties. These days everybody understands “hacker” – at least, the Hollywood version. Sorry, but that’s just the way it is.

And when hackers get tired of eating Doritos for dinner and have actual bills to pay, they grow up to be highly paid security consultants, who are then hired to do battle with their younger doppelgangers.

Case in point: The war between HBGary Federal, a security firm hired by the FBI to suss out who was behind the revenge attacks on assorted “enemies” of WikiLeaks, and Anonymous.

Last weekend, HBGary CEO Aaron Barr made the fatal mistake of bragging to the Financial Times about how his firm had managed to infiltrate the computers of leading members of Anonymous. Per the FT:

‘Of a few hundred participants in operations, only about 30 are steadily active, with 10 people who "are the most senior and co-ordinate and manage most of the decisions", Mr. Barr told the Financial Times. That team works together in private internet relay chat sessions, through e-mail and in Facebook groups. Mr. Barr said he had collected information on the core leaders, including many of their real names, and that they could be arrested if law enforcement had the same data.’

You’d think he’d know better. But no. Sure enough, HBGary’s servers got hacked and Barr’s Twitter account got hijacked by, yes, Anonymous. They posted Barr’s address, phone number, and Social Security Number on his Twitter feed, and sent out numerous taunting tweets on his behalf. They also hacked HBGary’s Web site and replaced it with this message, which reads in part:

“You have blindly charged into the Anonymous hive, a hive from which you’ve tried to steal honey. Did you think the bees would not defend it? Well here we are, You’ve angered the hive, and now you are being stung.”

Writing for CSO online, guest blogger Nick Selby sums up Barr’s boneheadedness:

‘I don’t know much about law enforcement, but I do think that, if you’re planning, say, to serve a felony warrant, it’s a bad idea to phone ahead and let the guy know you’ll be by in 15 minutes…. Criminals generally engage in criminal enterprises for the money (few people have a driving passion to establish, say, an industry-leading counterfeiting ring for the societal benefit), and those who stand between criminals and their goal risk the ire of the criminals. … Now, stating in a newspaper that you possess the secret identity of a criminal? This falls squarely into the category of "standing between a criminal and his goal." That’s a tip, kids. Write it down. To paraphrase Wendy in A Fish Called Wanda, one only briefs the public on an upcoming law enforcement action if one is congenitally insane or irretrievably stupid.’

Anonymous also published somewhere between 44,000 and 60,000 emails between HBGary and its corporate/government customers. And what was inside those emails was an eye opener.

It seems HBGary was working with Bank of America on a plan to take down WikiLeaks – and, strangely, CNN and Salon commentator Glenn Greenwald, whom it deemed instrumental to WikiLeaks’ continued existence, along with a handful of other prominent journalists.

HBGary was one of five firms allegedly involved in the discussion, along with law firm Hunton & Williams, data gathering firms Palantir and Berico, and consultants Booz Allen Hamilton. Business Insider published the slides this group prepared for BofA. It’s pretty chilling. To quote slide 5:

“Glenn was critical in the Amazon to OVH [hosting] transition…It is this level of support that needs to be disrupted. These are established professionals that have a liberal bent, but ultimately if pushed most of them choose professional preservation over cause, such is the mentality of most business professionals. Without the support of people like Glenn wikileaks [sic] would fold.”

What do you suppose they meant by “pushed”? As in, over a cliff?

That presentation suggests strategies such as sowing dissension within the WikiLeaks org, disinformation (ie, submitting false documents to WikiLeaks in order to discredit it), cyberattacks against WikiLeaks’ service providers, a media smear campaign, and “using social media to profile and identify risky behavior of [WikiLeaks] employees.”

Does that last one sound like blackmail to you?

HBGary is trying to sell the idea that Anonymous falsified some of the documents, but I doubt anyone’s buying it. Palantir has already publicly apologized to Greenwald and severed its ties with HBGary, which suggests the information contained in that leak is accurate.

To recap: A massive US corporation is targeting whistleblowing Web sites and mainstream American journalists, with the help of several data/security/consulting firms with strong ties to the US government. It sounds like the plot of a Hollywood summer blockbuster. It’s not.

So tell me: Who are the white hats and who are the black hats here?

Fasten your seatbelts. It’s going to get a lot more bumpy from here on out.

Does all this corporate hacking hack you off too? Vent your spleen below or email me: dan@dantynan.com.

This post originally appeared on InfoWorld.com.