Bill Gates has said that prognosticators often overestimate the amount of technological change that will happen in a year, but underestimate the changes that will take place over a decade. With the Zeroes coming to an end this week, and Steve Guttenberg's recent column questioning the viability of recorded music in 2020 as inspiration, here's my pick of 10 trends in music and technology that will shape the next decade.
Will the original iPod become an object of fetishization in 2020, like vinyl records are today?
(Credit: Apple Computer, via Wikimedia Commons)
Songs instead of albums
Musicians will always find ways to record their music--it's a fundamental drive, like painting for a painter or writing for a writer. But I agree with Guttenberg that fewer musicians will release suites of songs organized around a common theme or sound. As much as I love my long-playing records, they arose out of economics rather than art--they were a convenient way for companies to bundle multiple songs (particularly songs that might not have sold as singles) in an affordable package. With digital files already taking the place of physical recordings, there's almost no economic reason for the album to persist. By 2020, the concept of the album will be an anachronism with a few vocal adherents--like vinyl records are today--but most music will be released and consumed as songs.
Streams instead of downloads
Where did we get the idea that digital music has to be downloaded? It started with the CD and file-trading networks--content owners wouldn't sell us music in a form that could be consumed on our computers, so we ripped our own and swapped the files through Napster and its brethren. But now, every time a new song or album comes out, or we rediscover an old act, we have to rip or download the recordings, then transfer them to whichever device(s) we want to play them on. There's got to be an easier way!
If you had access to every song ever recorded, on any device, from any location with an Internet connection, wouldn't you rather pay for that service than buy a new CD or two every month? People say they want to own music, but when it's just a digital file, what do they want to own--a collection of ones and zeroes sitting on a segment of their hard drive? Why bother?
I think the real problem is that today's streaming services don't give you every song ever recorded and don't work on every device, and broadband data access--particularly wireless--is not ubiquitous. Those flaws stem from business problems (licensing, DRM, format incompatibility, and insufficient broadband infrastructure) rather than technology problems. And the business problems are gradually being resolved--look at the introduction of Rhapsody and Spotify for iPhone, and Apple's acquisition of streaming music service (and music locker) Lala. By 2020, most professionally recorded music will be consumed as on-demand streams and people won't pay by the track.
In the cloud rather than on hard drives
Some songs will never be available on demand--think of tracks from friends or obscure independent acts, or live covers (where licensing can be incredibly complicated, involving multiple performers and songwriters). But as users become accustomed to listening to more professionally recorded music on demand, they'll expect their personal collections to be available in the cloud as well. After all, who wants to spend time backing up a 120GB music collection on an external drive, or choosing particular recordings to eliminate in order to clear space on a cell phone?
This is where Apple's Lala acquisition really makes sense--imagine if iTunes served not only as an on-demand music service but also as a locker for songs you'd previously downloaded, ripped, or obtained elsewhere. Suddenly, the 16GB of storage on an entry-level iPhone would seem generous instead of paltry.
Fidelity rather than file size
Once our music lives in the cloud, we'll no longer have to worry about running out of space on our local drives or devices. Microsoft's SkyDrive already offers 25GB of online storage for free, and I could easily see that increasing one-hundred-fold by 2020. That's right: free terabytes of storage. It'll take a little bit longer, but eventually bandwidth--even wireless bandwidth--will increase to the point where streaming lossless digital files makes sense. Listeners will rediscover what they've been missing--detail in the midrange, and tons of information at the low and high ends of the spectrum--and the era of the MP3 will be looked back (and down) upon as the dark ages of audio quality.
Extras become standard
Again, with concerns over storage gradually disappearing, what's to prevent artists from packaging their music with artwork, lyric sheets, video outtakes, and even interactive applications? Today's artist-specific iPhone apps will become standard. Casual fans will stream a couple songs for free. Hardcore fans will pay to download the entire app and pore over it obsessively.
Production rather than consumption
Digital technology has already democratized the recording process--what used to take tens of thousands of dollars and a professional studio can now be accomplished with a laptop and a free program like Garage Band or Audacity. The results usually don't sound as good, but the experimentation process is fun, and sometimes a gem emerges. Digital technology and the Internet have also made promotion and distribution far easier than they were a decade ago. By 2020, music fans will spend almost as much time creating and sharing recordings with their friends as they do listening to professionally recorded music. Don't believe me? Think of this: 10 years ago, writers were a comparatively rare breed. Now, everybody's got a blog, or at least a Facebook page. In another 10 years, everybody will be a musician--or at least a recording artist.
Suggestions rather than searches
In a world of on-demand music in the cloud, search will become vitally important. Users will want to be able to find songs not only by title, album, or artist, but also by a few snippets of lyrics, or even by humming or playing part of a melody. (Imagine a combination of the voice search function available on Google Mobile with an advanced version of technology like Shazam, which can identify recorded music from a few snippets.) But search is only part of the question--once everything's available, how will users decide what to listen to? By 2020, personalized recommendation services, like those provided by Pandora, Slacker, and MOG, will become even more important than search, and will have to be integrated into any on-demand music service that hopes to survive.
Festivals rather than big concerts
Live music is already a long-tail world--with the exception of old, established acts and the very occasional pop sensation, very few bands can fill large arenas or football stadiums. This trend will accelerate as the last bands from the golden age of radio retire, labels take even fewer big promotional risks, and the market continues to fragment under the explosion in recording releases. In 2020, no single act will be able to sell 50,000 tickets at Qwest Field like U2 hopes to do this summer. Instead, the only shows that will pack large arenas will be festivals, where listeners can pick and choose among dozens of acts and classes of entertainment--just like they'll be doing online.
Spectacle rather than personality
With recording revenue plunging, bands must draw fans to their live shows in order to make a living. The common wisdom today dictates that musicians need a personal connection with their fans. They must blog, tweet, maintain their MySpace and Facebook profiles, and generally act like your next door neighbor who's always pestering you to see his band. There's a word for receiving "personal" messages from your favorite 100 bands--it's called "spam." Eventually, this cloud of self-promotional noise will dissipate, and will be replaced by old-fashioned word of mouth. Only acts that put on a great show--not just singing and playing songs, but entertaining in the old-fashioned sense of the word, with video and stagecraft and humor and spectacle--will cut through the noise. Bonus points for the first act that somehow integrates an audience-accessible game console into their act.
Retro takes on a new meaning
In 2020, the original iPod will be almost 20 years old. As the music world is overtaken by a nearly infinite selection of high-fidelity music, streamed over super-fast wireless connections to increasingly inexpensive portable devices, hardcore nostalgists will drag out their first-generation iPods and fill them with treble-heavy 120kbps MP3s. Meanwhile, grandpa will still be down in the basement with his collection of LP records and his lava lamp.
This is definitely a question reeking of our delightful modernity: if you were an escaped convict, would you regularly update your Facebook status?
This question is significant because Craig "Lazie" Lynch has, according to CBSNews.com, been on the run from a British prison since September. However, his Facebook page, updated with a plethora of bons mots Sunday, has stirred so many who admire freedom and, um, crime.
Lynch's musings are enjoying the attention of more than 3,000, um, friends. They have been regaled with Lynch's dilemmas, thoughts and wishes. This, for example, from Sunday: "Trying to figure out my plans for New Years. I know what I want to do but its not that easy."
Who can but sympathize with his plight? It's tough to get a reservation for dinner at a Gordon Ramsay establishment at such late notice. And if he wanted to take a lover for, say, a night at the Ritz, well, there might be problem with the credit card confirmation.
Lynch was serving a 7-year sentence for aggravated burglary before he slipped out of Hollesey Bay Prison, which is in the rather sleepy and flat part of England to the north-east of London.
An aerial view of the prison and its surroundings. Plenty of fields to hide in, no?
(Credit: CC Babylon Angel/Flickr)The police are, naturally, not well-disposed toward Lynch's updates.
"We have spoken to Facebook and we are trying to trace him from the information we have, but it's one of those things that we're also asking for help from members of the public," police spokesperson Anne-Marie Breach told CNN.
It seems, though, that late Sunday, Lynch began experiencing a little emotional pain. In what must have been an almost teary update, he posted: "right i'm coming off this page as i have better things to do."
Who might have imagined that, in his mysterious hideaway, Lynch had something better to do than continue his run as a Facebook attraction?
Still, he continued: "In fact due to the nature of some of these comments and the racist remarks that keep frequently poppin up have a dig at me by all means but why be abusive to others due to their colour or race it is petty minded fools who have ruined this site."
Petty-minded, indeed. Some of the world's great artists have suffered when their works have been ruined by unscrupulous, jealous critics, so Lynch's pain is entirely understandable.
However, he wants his supporters to know that he is grateful. For he posted: "Thank you to...all of you serious supporters out there and to my admin staff. To all you haters and hitlers out there i hope you slowly choke in your sleep."
By the way, if you ever wondered about the definition of aggravated burglary it is this: at the time of the burglary, the criminal: "has with him a firearm, imitation firearm, weapon of offense, or any explosive."
You might imagine, therefore, that Lynch is someone who might not always turn the other cheek. This might affect the level of sympathy you have for his Facebook critics.
How do you react, for example, to this update from he Saturday evening?: "Its freezing outside. Another lonely night. So far away from my family and friend. Yet I have so many supporters and haters on here. Thx for your support everyone cause this is a FAN PAGE."
One might conceive that, with the help of the large brains at Facebook, Lynch's Facebook fame might shortly come to an abrupt logout.
But here's the thing that seems a little peculiar. Lynch, according to the BBC, was serving time near the end of his sentence and escaped while he was on day release.
For some, the lure of Facebook fame is clearly uncontrollable.
Those nice people at Google, engineers at heart rather than craven, money-grabbing business people, seem to have suffered a sudden attack of commercialism.
The folks at the Silicon Alley Insider alerted me to this startlingly commercial ad on the Google home page. It can't be, I thought. So I went to Google.com myself and there it still was: a dry little thing in the right-hand corner suggesting that I should download Google Chrome.
(Credit:
Business Insider)
You might be wondering why Google might have taken this sudden, almost alarming step into advertising's dark hole.
You might consider that it comes soon after Google's extremely engaging Chrome campaign, the one that comes over all Picasso.
You might wonder whether the company has had enough of browser war talk and decided to enact browser war mayhem.
You might also wonder whether, following the rumors of a Google phone, the company has decided that it has had enough of its nice-guy persona. Like a priest who's renounced his vows in order to play the field, Google is going to make a grab for every last dollar in the technological space.
Whatever the reason, it all seems rather sweet. Which is just how Google wants it to seem.
Ever since someone tried to sell me on the curious notion that Houston was the Manhattan of Texas, I have become fascinated with the place.
So I am blissfully excited that PCWorld has caused my blood to turn my arteries into a NASCAR track with the revelation that police in the Houston-area county of Montgomery have decided to shame drunk drivers in a very modern way.
Yes, if you are caught driving while the special eggnog concoctions are making your nerve endings feel like Christmas lights, you will have your name on an especially festive Twitter page.
This seasonal offer only applies to those arrested between Christmas Eve and New Year's Eve. And the Twitter page in question will not be one newly set up for the occasion, but rather that of Montgomery County District Attorney Brett Ligon.
Naturally, some are wondering whether this little Twittering experiment might be flying the wrong way down a lane currently occupied by the concept of "innocent until proved guilty."
As Houston attorney Paul B. Kennedy says, on his own blog, with a sarcasm that not even a sliver of cabernet sauvignon could dampen: "Of course the police never make wrongful arrests."
However, in Texas they do seem to be quite keen on humiliation as a palliative. No, I am not referring to the bedroom predilections of Texan lawmakers, but rather to Denton, Texas (near the slightly less Manhattanesque city of Dallas), where every arrest gets Twittered.
It has to be said, though, that the Denton Twitter page was originally conceived by an enthusiastic layperson, rather than a zealous arresting officer.
While the Montgomery County drunk-driving information that is being Twittered is not legally confidential, you might wonder whether Twittering humiliation is a reasonable method of enacting the law.
Montgomery County Vehicular Crimes Prosecutor Warren Diepraam told PCWorld: "I sincerely doubt that the fact that I've put someone's name on a Twitter page is going to affect their right to a fair trial."
And I sincerely doubt that Diepraam believes that social networking is anything other than a vehicle for honest and legal communication. However, could he be the same Warren Diepraam from Houston, Texas who, on his Facebook page, wants people to think he looks like the moon? Surely not.
I've been enjoying all of the end-of-decade lists that have suddenly cropped up. I like knowing what I was intimately aware of and what I completely missed.
This week, the Associated Press came out with its list of "50 things that changed our lives in the aughts." First off, the reference to the "aughts" made me chuckle. Back in late 1999, I was concerned about two things: Y2K and what the heck we were going to call the first decade. Neither of those concerns turned out to be much of a problem in the end. "Aughts" certainly never caught on.
Second, and more importantly, it was interesting to see how many of the AP's 50 trends are tech-related. In all, 21 items are directly tied to technology.
For CNET News readers, all 21 items will be absolutely familiar. Here they are: apps, blogs, BlackBerrys, (digital) cameras, cell phones, connectivity, (online) dating, DVRs, Facebook, Google, GPS, information overload, iPods, Netflix, sexting, texting, (flat) TV screens, Twitter, Wii, Wikipedia, and YouTube.
Of the other 29 trends, I'm embarrassed to admit that two were completely new to me: Uggs and cougars. Better luck next decade.
I recently wrote about interest by News Corp. and its MySpace unit in Flixster, the popular social-networking site for movies.
Titled "MySpace and News Corp. Eye Flixster (But for What?)," I wrote:
Whether this is an acquisition or more of a larger partnership deal with News Corp. digital entertainment sites is unclear. Several sources said a purchase was a possibility, while others talked about a more complex deal that did not necessarily mean a purchase.Sources said any such deal is not imminent, but that News Corp. itself has been conducting extensive due diligence on the San Francisco-based Flixster, part of a plan to combine it with Rotten Tomatoes, another News Corp.-owned site run by its IGN Entertainment division.
Well, BoomTown did more gumshoeing. It is indeed shaping up to be a very complex deal, according to many sources I spoke with, centered on Rotten Tomatoes merging with Flixster, in exchange for a stake in the combined independent company by News Corp.
Flixster has attracted a huge audience--upward of 50 million--who trade all kinds of recommendations, ratings, news and even post user-generated movie reviews on its Web site and via widgets on social networking sites, mostly on Facebook. Founded in 2006 by CEO Joe Greenstein and CTO Saran Chari, Flixster has raised $7 million in funding from Lightspeed Venture Partners and Pinnacle Ventures, as well as garnering an angel investment from Silicon Valley entrepreneur and LinkedIn founder Reid Hoffman.
Rotten Tomatoes features mostly premium content, including professional reviews, trailer videos, and news. It has community feature that is just in beta, so it would be a nice fit with Flixster.
In addition, in a separate but related deal, the resulting company could then have its social, user-generated and premium content threaded throughout MySpace, which is in the midst of transforming itself from a social networking site and into a social media site for music and other kinds of entertainment.
Several sources noted that this deal being contemplated is typical of the overall strategy at News Corp., which has been targeting digital units, which are not an obvious fit inside the company any longer, for sale or other disposition.
In fact, the deal is not unlike one News Corp. did recently, flipping photo-sharing Photobucket into mobile photo service Ontela, with the media giant holding a large equity position in the the new entity.
The possibility of interlinking of MySpace and the combined social movie site is interesting and also yet another signal of one of the new strategies of MySpace, as one source described it, "playing on other platforms."
For example, MySpace recently announced it was adding its data stream into real-time search results on Google.
And, it seems dead obvious that MySpace is likely to adopt Facebook Connect sooner than later, perhaps beginning with a smaller implementation early next year. Focusing less on Facebook, which has long surpassed the once high-flying MySpace as the top-of-mind social network, MySpace is likely to value the massive cross-distribution for its much richer media content.
But that's not all for MySpace, said several sources, all of whom noted it would be rolling out a range of significant design and other feature initiatives over the next 45 to 60 days.
They are all aimed by its news managers at juicing MySpace's prospects, which have declined over the last several years, as have both revenues and engagement with consumers.
"This is not a rocket-ship ride to the moon," said one person with knowledge of the situation. "It's building again step by step."
A Flixster spokesman declined to comment, as did News Corp. I am awaiting a call back from MySpace's spokeswoman, but she is stuck in a security line at the airport.
(Full disclosure: News Corp. owns Dow Jones, which owns this AllThingsD.)
Story Copyright (c) 2009 AllThingsD. All rights reserved.
Additional stories from AllThingsD
- 50 Percent Chance Apple Will Announce Tablet Next Month. 100 Percent Chance We'll Keep Talking About Tablet, Whether It Appears or Not.
- NYC iPhone Fraud Epidemic Solved! AT&T Web Site Selling iPhones to New Yorkers Again.
- Facebook's Holiday Gift Sends a Message: This Is a Grown-Up Company
- Palm webOS 1.3.5 Will NOT Restore iTunes Media Synching
Facebook isn't just for kids anymore, but it looks like Disney's still an admirer: The entertainment conglomerate has nominated Sheryl Sandberg, chief operating officer of the massive social network, to its board of directors.
In a release Wednesday, Disney made the announcement and stated that shareholders will vote on Sandberg's nomination (along with the re-election of its 12 current directors) at the company's annual meeting on March 12 in San Antonio, Texas.
Facebook COO Sheryl Sandberg
(Credit: Corinne Schulze/CNET)"Sheryl has been at the forefront of a technological revolution that's opened up a world of new possibilities for consumers and which has greatly affected the way we do business," Disney CEO and president Robert Iger said in the release. "Her unique insight, born of great practical experience, will be of considerable value to Disney's shareholders."
Sandberg was named to the COO position at Facebook last March, following the departure of executive Owen Van Natta, who is now CEO of the News Corp.-owned MySpace. Sandberg has since become one of Facebook's chief liaisons with the media and advertising industries, speaking at numerous conferences to pitch the social network's ad and marketing products.
Prior to her hire at Facebook, Sandberg was a sales executive at Google and chief of staff for the U.S. Treasury Department.
So where does Disney stand in the Web 2.0 world? It owns kiddie virtual world Club Penguin, which it acquired for $350 million well before the real hype began over social games and virtual goods. It's also reportedly in talks with Apple to become part of the tech giant's potential subscription TV service, and this spring became a partner in joint video venture Hulu alongside original partners NBC and News Corp.
You and just about everyone else, it seems, are spending more and more time on Facebook and Twitter, updating statuses and checking friends' tweets. That's all well and good, of course, but the amount of personal information that all of you share in real time, and the level of trust implicit with the social networking sites, do pose particular security and privacy problems.
A recent study from Sophos found that Facebook users reveal a lot of personal information to new friends, including ones they really don't even know or have never met. Using fake profiles, Sophos sent out friend requests to 100 random Facebook users, and more than 40 percent blindly accepted, giving the company access to birth dates, e-mail addresses, phone number and addresses--private information strangers shouldn't have.
The openness of Twitter--anyone can follow anyone else, and posts are indexed in search engines--makes it a nirvana for spammers. Kaspersky says there are nearly 500,000 new unique URLs that appear in Twitter posts daily, and of those, anywhere between 100 and 1,000 are malware attacks.
Here's a look at some of the specific threats users of the sites face and what they can do about it.
A rogue app that appeared early in the year sent notifications to Facebook users reporting they were violating terms of service and offering a link that lead to an application called "facebook -- closing down!" which then spammed all the friends of affected users.
(Credit: Trend Micro)Problems: Malware, account hijacking, phishing, and social engineering
The biggest malware risk is Koobface, (an anagram of Facebook), which is a worm that targets social networking sites and affects Windows-based computers. Once a computer is infected, it hijacks the Facebook account and sends messages to other friends of the victim, enticing them to click on a link. The link redirects to a Web site where they are prompted to download software ostensibly to watch a video. However, there is no video; only malware that infects the system, blocks access to security sites, and can be used to steal sensitive information from the computer, such as credit card numbers. Infected machines can then be used to spread the worm to others on Facebook, send spam and distribute fake antivirus alerts, said Rik Ferguson, a security researcher at Trend Micro. Koobface now can automatically create new profiles using infected machines, he said.
Facebook accounts can be hijacked in several ways. A brute-force attack can be used to guess passwords. Users can fall for phishing attacks by clicking on links in messages or e-mails purportedly coming from friends that redirect to a fake Facebook log-in page. Or malware such as Koobface can steal passwords.
Social engineering is a huge problem for social networks because the trust that users have for messages and posts from friends can be easily exploited by scammers. Hijacked accounts are used to send everything from spam touting weight loss plans to links that install malware and steal passwords to fake emergency messages saying a friend is stranded in another country and needs someone to send money. Scammers are also sending e-mails that look like they come from Facebook and include an attachment that contains a Trojan.
Solutions: Use antivirus and anti-malware software and keep it up-to-date. Install security updates for operating system and other software. Use software like AVG Linkscanner or McAfee Site Adviser to protect against phishing and malware attacks. Become a fan of the Facebook Security page, which has posts related to all sorts of security issues, tips, resources and other information. If you think you've been infected with Koobface or other malware you should reset your password and notify friends who may have been affected.
Use an up-to-date browser that features an antiphishing black list, such as Firefox 3.0.10 or Internet Explorer 8. Be aware of where you enter your password. Check to see that you are logging in from a legitimate Facebook page with the Facebook.com domain. Be wary of unusual stories or offers that are too good to be true. Verify information with sources directly. Be cautious of any message, post or link that looks suspicious, requires an additional log-in or asks you to download or upgrade software. If a link seems odd or lacks context, don't click on it. Don't click on links or open attachments in suspicious e-mails. You can add a security question from the "Account Settings" page if you would like an additional layer of protection.
Problem: Rogue applications
Facebook doesn't vet every app that appears on the site, which means there is a risk that some apps will have bugs in them or will violate Facebook's privacy policies. Facebook has proven diligent in removing rogue and problem apps quickly when it is notified, but unlike iPhone apps, pretty much anyone can write a Facebook app. "Because the code is not always of professional standard or hosted or audited by Facebook, we've seen innocent apps compromised externally and used to deliver malware, such as fake antivirus," Ferguson said. One rogue app that appeared early in the year sent notifications to Facebook users reporting them in violation of terms of service and offering a link that lead to an application called "facebook -- closing down!" which then spammed all the friends of affected users, according to Trend Micro.
Solution: See solutions above, and be cautious about adding applications. Research the developers and perform Web searches to see if anyone has complained about the app. And ask yourself, what value does the app provide? Do I really need to play zombie?
Problem: Privacy leaks due to user error
Because people control who they are friends with on Facebook it is easy for users to have a false sense of security about the privacy of their data and activities on the site. Social engineering attacks, lax security practices by users like using weak passwords and design or implementation problems with the site itself can undermine the privacy protections users rely on. Users who fall for phishing scams and get their accounts hijacked have everything in their account exposed to strangers who can then use the different types of data for identity fraud or to target the victim's friends with social engineering attacks.
Solution: See solutions above. Also, use unique logins and passwords for each Web site you access. Use strong passwords, change them often and don't share them with anyone.
These instructions explain how to keep most people from viewing your friends list on Facebook.
(Credit: CNET)Problem: Privacy leaks due to design or implementation issues
Privacy advocates contend that Facebook's lenient apps approval process, privacy policies and confusing privacy settings put users at risk. Two weeks ago, Facebook asked users to configure their privacy settings. The options were confusing and many people were inclined to just keep the default settings, which are set to make the data visible to the Web rather than opting to use the old settings established by the user. Screenshots and descriptions are detailed on this photo gallery.
Many people have complained that it is difficult to figure out how to change the privacy settings, that they are not intuitive and that there doesn't seem to be one central place for that. And using Facebook Connect with outside apps, like the iPhone app Foursquare, can expose more information than a user expects to share. The new privacy changes at Facebook have prompted the Electronic Privacy Information Center to ask the Federal Trade Commission to investigate.
Facebook encourages people to share their full names, date of birth, home town and other information, all pieces of information that are commonly used in identity fraud. Scammers on underground sites even refer to Facebook as a "free date-of-birth look up service," according to Ferguson. People don't realize that their profile information can be accessed by total strangers who happen to be in the same groups or networks unless they specifically change the settings. People who don't trust random apps--which in general have access to profile information even if it isn't necessary to the function of the app--don't realize that the apps their friends are using also have access to their data. "Friends apps can access most of your profile, interests and groups. There is no way to prevent them from accessing your name, profile, photo, town and gender," said Joseph Bonneau, a PhD candidate in security at the University of Cambridge. In response to user feedback, Facebook made a change that allows users to hide their friend lists from everyone but their friends, a Facebook spokesman said.
Solution: CNET has a tutorial on how to hide your Facebook friends list by clicking on the pencil in the friends box on your profile. Detailed instructions and tips on dealing with Facebook privacy settings are available on the DotRights.org site and on the All Facebook blog. Facebook also has a blog post about the privacy changes.
Problem: Privacy leaks related to marketing
The relationship between the apps and advertisers can also cause problems. Adding an app allows the app to show ads inside the Facebook domain, and that can leak a user's profile information to the advertiser, said Peter Eckersley, a staff technologist at the Electronic Frontier Foundation. Meanwhile, cookies and other browsing tracking technology combined with data from social networks can be used by marketers to identify users for targeted advertising and other purposes, Eckersley said, providing details in a blog post on different ways data can be leaked from social networks to third-party tracking firms. Once marketers know a specific person's user name, they can use that identifier in the URL to get to a user's public profile page, according to Eckersley. "They can create a social graph of your date of birth, city, employment, relationship status, all uniquely codified in a way that can be automatically sucked into a database," he said.
Solution: Pick a good cookie policy for the browser, such as manually approving all cookies or only keeping cookies until the browser is closed. Disable Flash cookies. Use Firefox extensions such as RequestPolicy and NoScript to control when third-party sites can include content or run code in the browser page. Use the Targeted Advertising Cookie Opt-Out plugin or AdBlock Plus to block ads. To hide your IP address and other browser characteristics, use Tor via Torbutton.
Problem: Information used to suppress dissent and target political activists
As with e-mail, blog postings and other public expressions of dissent, Facebook and Twitter have been used by governments to target protesters. The Wall Street Journal reported earlier this month that family members of Iranian Americans had been arrested or questioned because of anti-Iranian government posts on Facebook by members outside the country. In other instances, Iranians living abroad were forced to log into their Facebook accounts or reveal passwords to government officials as they arrived at the Tehran airport and some even had their passports confiscated because of their political posts. In the U.S., the EFF says, officials have taken actions against U.S. citizens based on information discovered on their social networks; the group has sued the CIA and other agencies for allegedly refusing to release information about how they are using such sites in surveillance and investigations.
"Basically, every time you post something to Facebook you should assume that the whole world will know what you've posted, your family, employer, the government, people you don't trust," Eckersley said.
Solution: Think carefully about what information you want to share about yourself and consider only posting information you would want to let the general public see.
Twitter has many of the same malware, phishing, hijacking and social engineering issues that Facebook has, and the solutions for those problems would be the same. Because users don't provide much personal information to Twitter, and can even create accounts using all fake information, and because anyone can follow anyone else, there aren't the same issues with privacy, either. But that makes life easy for spammers.
Security does seem to be a worrisome thing with Twitter. The site has had several serious problems from employee accounts getting compromised. In January, someone hacked into the Twitter internal network -- possibly by guessing the password -- and gained access to the Twitter accounts of President Obama, CNN anchor Rick Sanchez, and 31 other high-profile Twitterers. In May, someone broke into Twitter's network and gained access to 10 accounts, which appeared to include Britney Spears and Ashton Kutcher. In that breach, a hacker was able to gain access to a Twitter employee's Yahoo account through the password recovery system and from there get information from other sites, including access to the employee's Twitter account. And last week, the legitimate account of a Twitter employee was used to hijack the site and redirect visitors to an external page displaying a banner for the "Iranian Cyber Army."
Meanwhile, Twitter was crippled (and Facebook and other sites also affected) by a rare politically motivated denial-of-service attack targeting one user in August. However, that incident reflects more on Twitter's ability to keep the site up in the face of an attack and accessibility than it does about security risks to users.
Twitter users are susceptible to getting their accounts hijacked, and the site has been targeted by clickjacking pranks. In these social engineering attacks, users were encouraged to click on links that distributed the original tweet to all of the Twitter user's followers.
Users with large numbers of followers have an added responsibility to be careful, particularly when setting accounts to automatically post items from news feeds. A malicious post on an unmoderated news feed that venture capitalist Guy Kawasaki was re-tweeting distributed a Trojan to more than 139,000 followers in June.
Kaspersky offers a Krab Krawler tool that analyzes tweets as they get posted on Twitter and blocks any malware associated with them. Trend Micro has technology that monitors Twitter posts for malicious URLs, as well as looks for attack patterns in the posts, such as use of popular terms to indirectly lead people to malicious links. And Finjan offers a free browser plug-in dubbed SecureTweets that warns users when they encounter a malicious URL in Twitter, as well as Blogger, Gmail, Google and a host of other popular sites. To keep up with security issues on Twitter follow Twitter's Spam Watch account.
Social networks are also susceptible to other serious security problems that can hit any type of Web site. For instance, last week passwords of 32 million stored in plain text on the RockYou site were exposed by a SQL injection attack, according to security firm Imperva. Because the passwords are used on other affiliate sites to the social networking application maker, the breach jeopardized other accounts, like Gmail, Hotmail, and Yahoo.
How much time do you spend online each week? If you're an average Net user, a new poll shows, it's around 13 hours--excluding e-mail.
The Harris Interactive poll, released Wednesday, found that 80 percent of U.S. adults go online, whether at home, work, or elsewhere. Those who surf the Net spend an average of 13 hours per week online, but that figure varies widely. Twenty percent are online for two hours or less a week, while 14 percent are there for 24 hours or more.
The average number of hours that people spend online each week has grown over the years, hovering at 7 hours from 1999 through 2002, 8 or 9 hours from 2003 through 2006, and 11 hours in 2007. The level hit its peak at 14 hours in October 2008--after the global recession had set in and just before the U.S. presidential election.
The jump in time spent in cyberspace likely stems from a few factors, according to Harris. More people are comfortable using the Internet. More of them are shopping and watching TV online. In addition, the number of Web sites and online applications has increased. Harris adds that the recession may also play a role since surfing the Net at home is free (after paying monthly access fees), while going out means spending money.
The age group that spent the most time online per week: 30- to 39-year-olds, at 18 hours.
The total number of U.S. adults on the Internet is 184 million, around 80 percent of the total population, according to the poll. That figure is virtually the same as in 2008 but is a big jump from 1999, when it reached at 56 percent, and from 1995, when the figure was a mere 9 percent.
The number of people who surf the Net at home rose to 76 percent this year, compared with 66 percent in 2005, 46 percent in 1999, and 16 percent in 1996. In 1995, that specific question wasn't even asked.
The Harris poll queried 2,029 people in early July and mid-October.
Here are the poll results:
(Credit:
Harris Interactive)
A decade after the rise of Napster and a year after promising a new antipiracy strategy, the Recording Industry Association of America appears to be floundering on the piracy front.
The plan adopted last year by the RIAA, the trade group for the four largest recording companies, in place of its controversial litigation campaign seems to have gone nowhere. The RIAA said at the time that it had struck partnerships with major Internet service providers, the Web's true gatekeepers, and that they would help choke off online piracy.
It was all supposed to be a done deal. The Wall Street Journal, which broke the news about the RIAA's strategy shift, wrote on December 19, 2008, that the RIAA had "hashed out preliminary agreements with major ISPs." According to the Journal story, the ISPs were supposed to join a deterrent program designed to gradually increase pressure on accused copyright violators. As part of the so-called "graduated response," RIAA officials told me that ramifications for repeat offenders would escalate, starting with the sending of multiple letters that could take an increasingly strong tone. Eventually, as the Journal noted, "the ISP may cut off their access altogether."
RIAA CEO Mitch Bainwol in a file photo.
(Credit: Declan McCullagh)Music execs had told me much the same thing and I wrote last year that AT&T and Comcast were testing their own graduated responses. But a year after the Journal's initial story, the number of ISPs that have acknowledged adopting the RIAA's graduated response program is zero. In addition, many of the big ISPs, such as AT&T and Comcast, have gone out of their way to deny that they would ever interrupt service to customers simply because they were accused of copyright violations by the film or music industries. To do that, they would need a court order.
Some ISPs, including AT&T, Comcast, and Verizon, appear to be sending greater numbers of their own warning letters--in addition to those sent by content owners--to customers suspected of file sharing. The letters typically notify customers that they have been accused of illegally sharing songs and informed them that such activity is illegal.
But here's the big question about the RIAA's graduated response plan: is it worth anything without a legitimate threat backing it up? It's difficult to believe that sending letters is enough of a deterrent.
Mitch Bainwol, the RIAA's chairman and CEO, acknowledges that his organization hasn't achieved all of the goals it laid out a year ago, but he says that the ISP strategy is well thought out, progressing, and has already seen dramatic results.
"We've seen a million notices [from ISPs to customers suspected of file sharing] go out over the past year and that is certainly meaningful," Bainwol told CNET last week. "Are we prepared to make an announcement that is broad in scope and cuts across ISPs? No. Are we engaged in significant discussions that we believe will ultimately prove productive? Hell yes."
Maybe so, but these deals were supposed to have been done or nearly done a year ago. What happened to those "hashed out preliminary agreements" that the Journal wrote about?
Missing teeth
Multiple music sources have told me over the past month the RIAA leaders were feeling pressure to drop the lawsuit campaign, but were also being lobbied by some at the labels to put some kind of deterrent in place, even if totally toothless. They didn't want the public to think there weren't any consequences to pirating music, even if the reality was exactly that.
According to those sources, the announcement about the ISP strategy last December was little more than a scarecrow.
Bainwol didn't comment on that but did say: "The substance of our pivot to ISPs is in fact accurate. The broader arrangement that cuts across the ISP community is still out there to be tied down. There clearly are discussions going on."
The reason that some at the labels wanted an end to the litigation is that for years it brought down mountains of public scorn. The lawsuits were also expensive and RIAA's members wanted costs slashed, which happened earlier this year.
The decision was made to continue to pursue the suits already in the courts, but the widescale practice of suing individuals was over.
Here's the other reason that several of the music-industry sources say the RIAA acted before any deal was done: to fire a shot across the bow of some of ISPs that were dragging their feet. By spreading the word that the RIAA had sewn up a deal with a group of big ISPs, RIAA managers hoped they were ratcheting up the pressure to join, sources say.
They also turned to Andrew Cuomo, New York's state attorney general, to nudge the ISPs into fighting piracy in the same way he pushed them to combat child pornography, said two music industry sources. This not only rubbed some ISP execs the wrong way, but unlike with the porn problem, the law was all on the side of the ISPs.
Nothing in the Digital Millennium Copyright Act requires ISPs to adopt a graduated response or even send their own warning letters.
"I don't know that the (ISPs) are legally obliged to do it," said Jonathan Zittrain, a noted cyberlaw expert and author. "I don't know any ISP that has been sued over it...The industry has chosen not to provoke a fight."
One reason for that may be that many bandwith providers want greater access to top entertainment content. The best example of that is Comcast's proposed acquisition of NBC Universal. To many in the film and music sectors, it appears that the interests of entertainment companies and ISPs are aligning.
"We've seen great progress and great cooperation from many of the ISPs," Bainwol said. "Getting to a public uniform understanding about how we're going to work together is obviously an extraordinarily complicated endeavor...[piracy] is a problem that developed over years and a solution is going to take time but we're achieving progress toward that goal."
Some progress
To be sure, in some ways the music industry's digital strategy has never been in better shape. It's never been easier or less expensive to acquire music legally than it is at such sources as iTunes, Amazon, and Pandora.
The music sector hasn't obtained a three-strikes policy in the United States, but it's been much more successful in forcing ISPs based overseas to boot repeat copyright offenders from their networks. And some ISPs, including Cox Communications, established antipiracy policies long ago that were similar to the RIAA's graduated response. But since the U.S. is a tougher environment when it comes to discussing service interruption, has Bainwol altered his definition of "graduated response"?
"I'm not locked into any particular definition," Bainwol said. "I think the parties that are negotiating and having discussions about what kind of program is appropriate will define how you work a graduated response program. The question here is: Are we working with the ISPs? Will there be some kind of graduated response program, where the infringer is made aware when they're caught and also when there are escalating tensions.
"We'll be flexible about how we get to a deal," Bainwol continued. "We'll let others define the poles of the position."
