Updated at 12:35 p.m. and 3:50 p.m.: Comments from privacy advocates have been added.
Google apparently decided to keep it clean, in more ways than one.
The company has made a minor change to its home page, adding a link to its copyright line that leads to its Privacy Center. Google's decision, noted Thursday afternoon in a corporate blog and a public policy blog, was an attempt to quell a controversy over the posting of its privacy policy.
The attempt succeeded.
Marc Rotenberg, executive director of the Electronic Privacy Information Center, said Saturday that his group is "pleased" with the decision.
"This was not only required by California law (and Google is a California corporation) but is also the standard practice for commercial Web sites," he said in an e-mail.
The Electronic Privacy Information Center had joined with the Privacy Rights Clearinghouse and the World Privacy Forum in leading the effort to press Google to make the change.
Pam Dixon, executive director of the World Privacy Forum, also welcomed Google's decision.
"Although privacy policies are not a guarantee of perfect privacy practices, they are still an important tool for consumers," she said Saturday in an e-mail. Dixon added that such links are "something consumers have come to expect, and rightly so given that it is a standard practice."
The timing of Google's announcement--the afternoon before a long holiday weekend--may have appeared suspicious to some. But Rotenberg noted that his group "helped draw attention to the 30-day time limit in the California law following notice. We literally counted to 30 after sending the letter. Day 31 arrived and Google posted the link."
(Credit: Google)
Saul Hansell, a reporter with The New York Times, first brought the issue to light in May when he asked whether the company was violating California law by not posting a link to its privacy policy on its home page.
Privacy advocates soon got involved, sending Google a formal letter on June 3 (PDF). Google had maintained that it was doing nothing unlawful.
Being a holiday weekend, reaction to Google's change has been a bit sparse. At least one member of the blogosphere asserts that the link doesn't resolve the issue because it doesn't link directly to the privacy policy. Another concludes that the whole controversy was silly to begin with.
Google competitors Microsoft, Yahoo, AOL, and Ask.com, by the way, all provide links to their privacy policies on their home pages.
A couple of side notes: Google Vice President Marissa Mayer noted in the corporate blog that Google founders Larry Page and Sergey Brin required the famously sparse home page to remain clean at 28 words, even with the change. Thus, the company removed the word "Google" from the copyright line and replaced it with "Privacy." Also her blog's title--"What comes next in this series? 13, 33, 53, 61, 37, 28..."--was remarkably obscure.
A day before the United States celebrates its independence, we continue to question our individual freedoms online. In Thursday's Daily Debrief, CNET News.com Editor in Chief Dan Farber and I discuss a federal judge's recent ruling in the ongoing Google-Viacom lawsuit that orders Google to turn over YouTube user activity. This will include videos watched, IP addresses, and usernames as part of an ongoing copyright infringement case.
Understandably, this news is disconcerting for YouTube users. Sources tell CNET News.com, however, that if Viacom uses this information for anything other than investigating piracy issues, it will be held in contempt of court. Regardless, Farber makes the point that this ruling could now set a precedent for other online privacy and security battles. Representatives from the Electronic Frontier Foundation agree, arguing that this court order will slowly erode the online rights we have come to enjoy and appreciate. Sounds like fireworks of a different kind this Fourth of July.
Vancouver-based computer technician Byron Ng, who likes to prod social networks for holes and other errors, stumbled across a way to learn more about Facebook users than you're supposed to be able to--prompting Facebook to suspend the Top Friends application late on Wednesday.
Until Facebook suspended the Top Friends app, created by Slide, anyone could browse partial profiles of anyone else on Facebook who had added Top Friends to their page. CNET News.com confirmed that the security hole exposed the birthdays, gender, and relationship status of strangers, including Facebook executives, the wife of Google co-founder Larry Page, and one profile that seemed to belong to Paris Hilton that used her middle name "Whitney."
Security holes in Facebook can be used to access people's personal information and view their friends and other activities if they are using the Top Friends or Super Wall apps. For instance, this screenshot shows the Top Friends of Facebook Chief Operating Officer Sheryl Sandberg. CNET News.com obscured her personal information.
(Credit: CNET News.com)
Basically, the app was not obeying the privacy settings specified by the user, enabling anyone with the know-how to bypass the security once they obtained someone's Facebook ID number.
"We expect third-party apps to follow the rules the users set," Ben Ling, director of platform product management at Facebook, said in a phone interview Wednesday. "With Top Friends, the privacy settings of the user were not being respected according to the privacy policy terms of use."
Less than six hours after CNET News.com contacted Facebook on Wednesday about the matter, the company decided to suspend the Top Friends app, meaning no one can use it, Ling said. The company is also conducting an ongoing investigation into the matter, he said.
Meanwhile, another third-party app that Ng disclosed a security hole in, Super Wall, was fixed. With Super Wall, which was created by RockYou, no personal data is revealed, but anyone could have viewed the Super Wall of any other user, even if they were not friends.
"Super Wall is respecting the privacy rules of the site," Ling said, adding that data created in the apps is not governed by the same privacy policies as user profile data.
These are supposedly the Top Friends of Paris Hilton, who apparently listed herself using her middle name.
(Credit: CNET News.com)
Before the app was suspended, CNET News.com was able to use Top Friends to pull up profiles of Bobby Jindal, the Republican governor of Louisiana who's been talked about as John McCain's running mate; Facebook Chief Operating Officer Sheryl Sandberg; Jonathan Heiliger, Facebook's vice president of technical operations; and what is believed to be a page for Hilton.
Similar steps were taken to view the Super Wall pages for Sandberg; Facebook founder Mark Zuckerberg; Google executive Marissa Mayer; and Lucy Southworth, wife of Google founder Larry Page.
By accessing these pages it is easy to get the Facebook ID numbers for their friends and see their pages, as well.
Nothing on the Super Walls was all that juicy (who hasn't been annoyed by the "Click forward to see what happens" spam?), but the information revealed through Top Friends is sensitive and could have been used to commit identity theft if it landed in the wrong hands.
"Any Facebook user who adds an application to their profile is agreeing to give any of their personal information to the developer of that profile," Ng wrote in an e-mail after walking News.com through a demonstration of how to exploit the security holes. "Facebook has pretty low barriers of entry with regards to becoming a developer. You just need a Facebook account and to fill out some online forms."
This screenshot shows the Super Wall of Facebook founder Mark Zuckerberg. News.com blacked out the names.
(Credit: CNET News.com)
It would be fairly easy for someone to create a new Facebook app that could be used to steal people's information, he said.
"Of course, it's against the Facebook terms of service for an application to store someone's personal information, but there's NO WAY for Facebook to verify compliance since Facebook applications run on PRIVATE THIRD-PARTY SERVERS, not on their own servers," Ng wrote.
Ng uncovered a way to snoop on strangers' SuperPoke pages a few weeks ago and Facebook promptly plugged it. He also exposed a hole in MySpace earlier this month that allowed people to see private photos of Hilton and her celebrity pal Lindsay Lohan, and currently there is an open hole in MySpace that allows anyone to create a discussion group and delete other people's bulletins, even if they are not the group leader, he said.
A MySpace representative said late Wednesday she was looking into the matter.
CNET News.com's Declan McCullagh contributed to this report.
Microsoft and Google have joined a collection of insurers and health care providers in endorsing privacy standards intended to protect medical records stored online.
The new "Connecting For Health" guidelines, which are also intended to reassure people that storage of their medical records online is safe, aim to break the "typical logjam in health care," according to a statement released by the Markle Foundation, which organized the consensus framework.
The move comes as Google and Microsoft ramp up their efforts to create portals where consumers can upload, store, and view personal information, as well as share that information with medical professionals and insurance companies.
However, consumer adoption has been slow. Just 6.1 million adults in the United States have electronic personal health records, according to estimates released by the Markle Foundation.
"Consumer demand for electronic personal health records and online health services will take off when consumers trust that personal information will be protected," Zoe Baird, the Markle Foundation's president, said Wednesday in a statement.
A report in the New England Journal of Medicine in April suggested that Google and Microsoft's databases of patient information could eventually grow to be larger and more up-to-date than the databases of other well-known medical research programs. As a result, researchers may find it easier and cheaper to team up with Microsoft and Google than to rely on a number of separate sources for their data.
Others supporting the guidelines include WebMD, lobbying group AARP, Aetna, America's Health Insurance Plans, BlueCross BlueShield Association, and the American Medical Association.
Updated 12:00 p.m. Thursday with additional Trusted Computing Group comment.
Early this decade, Microsoft weathered unrelenting criticism over a controversial set of technologies known as Palladium, which the company envisioned as creating a kind of secure vault to store passwords or medical records.
Academics warned it could "support remote censorship" and blacklists, likening Palladium to the Soviet Union's efforts to register typewriters and fax machines. Privacy activists predicted it would hand Microsoft "an unprecedented level of control" over the world, and free software doyen Richard Stallman solemnly dubbed it "treacherous computing."
It worked, kind of. Microsoft retreated by doing what any large bureaucracy tends to do in response to such a kerfuffle: it gave its problem a new name. Palladium became the awkwardly titled Next-Generation Secure Computing Base, or NGSCB (and the group Microsoft coalesced around the initiative changed its name from Trusted Computing Platform Alliance to Trusted Computing Group), and critics mostly moved on to worry about the recording industry and other threats to digital liberties instead.
Since then, the NGSCB--once derided as "nagscab"--has existed in an odd kind of technological purgatory. One report in 2004 said that Microsoft had "killed" NGSCB, which the company quickly denied later the same day. CNET News.com published a story in 2005 quoting Microsoft as saying NGSCB was "still coming."
After six years, the supposed world-striding colossus of a technology that once sparked so much fuss (one reviewer said it might become "either Santa or Satan") is much diminished. NGSCB never did live up to its early promise--or what critics would have said was its early threat as a digital rights management tool that would restrict how people consume content on their PCs and lock them into one vendor.
"It has changed from something that was very revolutionary and grandiose into something much more modest," said Andrew Jaquith, a senior analyst at Yankee Group.
And then came BitLocker
NGSCB does live on, manifesting itself in a Microsoft technology called BitLocker, a Microsoft spokesman confirmed.
BitLocker, Microsoft's only product to come from the Trusted Computing effort, is a feature in Windows Vista Enterprise, Vista Ultimate, and Windows Server 2008 that encrypts the disk drive to protect against data theft or exposure if the computer is lost or stolen. (Trusted Computing should not be confused with Trustworthy Computing, which is Microsoft's effort to improve the security of its own products and is largely considered to be successful.)
While it is useful, BitLocker hasn't taken the computing world by storm yet, or even been enough to justify upgrades to Vista, said Rob Helm of Directions on Microsoft.
"BitLocker hasn't been the rage anybody expected, although there is a strong case for using that feature on laptops," he said. In addition, plenty of third-party products--many offering whole disk encryption--exist.
Bruce Schneier, crypto researcher, author, and chief security technology officer of BT, was one of the more vocal critics when Microsoft first unveiled its Trusted Computing plans in 2002. In 2005, he was still beating the drum, writing that Microsoft was attempting to stall, and possibly get Vista exempted from a best practices document for the Trusted Computing Group that addressed many of the critics' concerns.
The Best Practices Principles (PDF), which was written in 2003 and eventually published in 2005, gives consumers some control over disabling the functionality, allows devices to support multiple users, adds privacy protections, and calls for interoperability and portability of data.
"We were concerned that users were able to opt in and not be controlled from above," said Susan Landau, a distinguished engineer at Sun Microsystems who worked on the Best Practices document after Sun joined the Trusted Computing Group. Sun was not a member of the Trusted Computing Platform Alliance.
"The public criticism certainly created pressure," especially when it conflicted with consumer privacy guidelines in Europe and elsewhere, she said.
"I think it's interesting that the (Trusted Computing Group) technology is continuing, but the big DRM push, so far, has not happened," Landau said.
Putting trust in a module
The centerpiece of the Trusted Computing Group is the Trusted Platform Module, a microcontroller that stores keys, passwords, and digital certificates in a secure, isolated area. The modules are widely distributed in computers from Dell, Fujitsu, Gateway, Hewlett-Packard, Intel, Lenovo, Toshiba, and others, but most people don't even know they are there. BitLocker makes use of the Trusted Platform Module.
Microsoft has "convinced a lot of hardware manufacturers to put the chips in computers and they're in a lot of computers, but they're not doing anything," Schneier said. "The question is what are they going to do with the chips? How is Dell feeling these days?"
A Dell spokesman did not return a call seeking comment. Even Scott Rotondo, president of the Trusted Computing Group, acknowledges that the Trusted Platform Modules need more applications.
"A lot of them haven't been utilized fully and in some cases not at all," said Rotondo, who works as a senior staff engineer in Solaris Security Technologies at Sun. "The supporting infrastructure has been slow to materialize."
"It stands to reason that there might be frustration on the part of hardware manufacturers," Rotondo said, likening it to a "chicken and egg situation."
"We need to really make use of these things before the hardware manufacturers get tired and take them away," he added.
Trusted Platform Modules "have not yet fulfilled their potential, but Microsoft and other companies are working on it," the Microsoft representative said.
A Trusted Computing Group spokeswoman said on Wednesday that the organization is not focused on DRM and that applications that use the TPM include secure e-mail, multifactor authentication, password management, and single sign-on. The group is also working to extend the concepts of hardware-based security to storage, network security, and mobile devices, she said.
While initial concerns about misuse of the technologies slowed down the group's efforts, people see legitimate uses for the technology, and digital rights management could be among them, Rotondo said. However, any digital rights management systems would have to maintain a proper balance between the rights of the content owner and the rights of the consumer, he said.
Where Microsoft failed in doing that, Apple has succeeded, according to Paul Saffo, a Silicon Valley-based technology forecaster.
"The biggest thing that has changed in the last five years is iTunes and the iPhone," he said. "The companies got their protection and the consumers got the right to purchase individual songs at a price that was less than the cost of the album."
Don't discount Microsoft just yet, warns Ross Anderson, a security engineering professor at the University of Cambridge's Computer Lab and an early critic of the Trusted Computing Platform Alliance.
Asked if the world has been spared a Microsoft digital rights management machine, Anderson responded in an e-mail: "Wrong--WMP (Windows Media Player) and the surrounding stuff that MS hopes will enable it to do to the HDTV market what Apple did for MP3s."
Saffo joked: "It's like a horror movie; they'll be back."
(CNET News.com's Declan McCullagh contributed to this report.)
Internet service provider Charter Communications announced Tuesday that it was indefinitely suspending the use of a controversial tool to track its customers' movement on the Web.
Charter, the fourth-largest cable operator in the U.S., announced in May that it would use technology from a company called NebuAd to monitor some of its broadband customers' Internet habits to provide advertisers with information to target online ads to individual customers. Privacy advocates had likened the service to Internet wiretapping.
"Our customers are always our first priority," Charter said in a statement. "As such, we are not moving forward with the pilots at this time. We will continue to take a thoughtful, deliberate approach with the goal to ultimately structure an advertising service that enhances the Internet experience for our customers and addresses questions and concerns they've raised."
Charter's plans had also raised the attention of prominent members of Congress, including Massachusetts Democrat Edward J. Markey, who chairs the House Subcommittee on Telecommunications and the Internet. Shortly after Charter's announcement, Markey released a statement praising the decision to suspend the program but questioning whether it violated the law:
Given the serious privacy concerns raised by the sophisticated ad-serving technology Charter Communications planned to test market, I am pleased to hear that the company has decided to delay implementation of this program, which electronically profiled individual consumer Web usage. I urge other broadband companies considering similar user profiling programs to similarly hold off on implementation while these important privacy concerns can be addressed.
The move comes as targeted Web advertising efforts ramp up. Earlier Tuesday, Google announced a tool called Ad Planner that lets advertisers find Web sites whose visitors match various demographic attributes. The tool, which competes with market leaders ComScore and Nielsen Online, also can show in detail how many people visit a particular Web site.
Ever the publicity hound nipping at Google's heels, Ask.com has issued an open letter to the public about adding a privacy policy link to its home page.
The letter highlights the fact that, weeks ago, several privacy groups asked Google to play up the privacy policy on its start page. The search giant didn't immediately add the link.
So Ask, the No. 4 search company, said Wednesday that it will take the step first.
"As of today, Ask.com has added a direct link to our privacy policy via a 'Privacy' link prominently placed right on our homepage...We've also made sure that the 'Privacy' link appears on the landing pages across most of Ask's verticals as well, which cover almost all of Ask's search traffic," according to its letter.
The company put a fine point on the act, too: "We strongly encourage others in the search marketplace and online industry to do the same."
Actress Emilie Krause plays 14-year-old Deena Letts in the new play User 927, based on AOL search logs leaked to the Web in 2006.
(Credit: Michael Alltop)
Imagine every question you've typed into an Internet search engine suddenly appearing online for the world to scrutinize. What would the queries say about you? Would the world view you as totally mundane? Totally bizarre?
Would your search log be intriguing enough to draw thousands upon thousands of viewers?
Brat Productions, a theater company in Philadelphia, found one such search string more than compelling enough to form the basis of its new play, User 927.
The show--which opened Wednesday and runs through June 22--is based on a now infamous real-life search log that included queries ranging from "purple lilac," "happy bunny pictures," and "square dancing steps" to "cut into your trachea," "pee fetish," and "Simpsons incest." And that's just for starters.
"It was something that captured my imagination and seemed to suggest some type of dramatic story that could come out of it--a mystery or something about the Internet in general, and privacy," said User 927 director Michael Alltop.
In 2006, when AOL published the search logs of 650,000 subscribers, many people were shocked and outraged at what they viewed as a massive privacy breach. The logs, which were supposed to be used for research, were quickly withdrawn from the Web and three employees left in the ensuing uproar.
Katharine Clark Gray and Michael Alltop wrote and directed (respectively) the play User 927.
(Credit: Bob Pasini)
But other sites had already gotten ahold of the data and damage control couldn't do much to curb the curious minds of the cyberworld. Mirror sites such as Splunkd allowed users to probe every query and even gave the means to compile lists of some of the most interesting logs.
So Alltop joined in the fun. After hearing that a customer involved in the breach had been identified by The New York Times, Alltop logged on to AOLStalker.com--which allows visitors to track the leaked AOL searches--to see what the fuss was about.
When he realized he had essentially stumbled upon a database of life stories, he called friend and playwright Katharine Clark Gray and pitched an idea. Why not write a play about the search logs?
"From that point we had a good year and a half or so of throwing all kinds of ideas around. How could she frame a whole bunch of search queries into a story that people would want to come see?" he said.
Since the play's conception, its creators were sure it had to revolve around User 927, AOL's anonymous ID number for the Web seeker at the center of the production.
"We always knew that the search records of User 927 had to be the core," Alltop said.
Playwright Gray explains that unlike some of the other leaked search logs, User 927's queries were anything but linear and also anything but conventional. Whoever User 927 was, he, she, or they topped the charts on AOLStalker because of their often peculiar quests for knowledge. Many users rated the search log a masterpiece, putting it in the top-10 rated users out of all 650,000 subscribers.
AOL did not return a call seeking comment for this story.
What made User 927 an object of such public curiosity was not only that his or her search results were highly sexual and even violent, but perhaps that he or she spent hours looking up song lyrics and researching flowers and then went several days looking up sexual topics that are downright illegal, or would at least be considered deviant by many observers.
The search log was made even more popular with an article on the Consumerist Web site.
Unraveling a mystery
Since the play is a mystery, Gray wanted to keep most of the plot under wraps. She would say that the story focuses on a mother and daughter who move from New York to Indiana in search of a new life.
The mother decides the pair is going to "go analog" for the summer and forbids her daughter from the Internet. So the girl uses the library to enter the cyberworld without her mother's watchful eye. The mother and daughter struggle over the Internet, someone disappears in the town, and User 927's search log might be the key.
"There are numerous scenes in which the actual search records of User 927 are used to illuminate what happened," Alltop said.
"Or what might be happening," added Gray.
Appearing in the play User 927 are actors Peter Roccaforte, Conrad Ricamora, Emilie Krause, and Elena Bossler.
(Credit: Michael Alltop)
Although digital and analog search forms the core of the play, Alltop and Gray said that the tagline, "U are what U seek," is the other concept they worked into the play. The question was: can a three-month window into the searches of a stranger really portray that person accurately?
"I don't believe that a search log can tell you explicitly, exactly who you are," Alltop said. "I got the sense, and hopefully you will get the sense in the play, that you may not be exactly what you seek, but what you search for reveals an incredible amount about yourself and you don't even realize what you are revealing about yourself when you're online."
Gray has worked that issue into the second act, when one character addresses search logs and their link to identity.
"They are a portrait of you in the impressionist style," Gray said. "Each little ingredient is like a dab of color here and a dab of color there, you have to sort of stand back and look at the full picture to see the portrait that you've painted."
User 927 runs through June 22 at Philadelphia's St. Stephen's Theater. At least one reviewer liked the concept of the play, but didn't much like the execution, slamming its "confused, condescending plot."
"You could possibly forgive the amateurish quality of Gray's script if the issues it misses weren't so fascinating," Philly.com reviewer Wendy Rosenfield said.
But Alltop said everyone from technophiles to florists would enjoy the play.
"And AOL users especially," he added.
It's tough to stay on top of Google, but I thought I'd draw some attention to some developments involving the search powerhouse.
Google Street View now blurs all over, not just in Manhattan.
(Credit: Google)
More Street View with more privacy: One year into Google's launch of the Google Maps feature to show a driver's-eye view of the world, Google added 37 new cities, including Atlanta, Buffalo, N.Y., Ann Arbor, Mich., Fresno, Calif., and Cincinnati. It effectively doubles the coverage of Street View, engineer Jiajun Zhu said in a Google LatLong blog posting.
In addition, Street View face-blurring technology that first was tried with Manhattan imagery now is deployed all over, Google said.
WordPress snafu: Google blocked e-mail sent to Gmail from WordPress.com on Wednesday, including notifications that blogs at the site had been updated. "A handful of third-party sites had problems sending email to Gmail users. We resolved the issue within a half hour of discovering it," Google said in a statement.
Updated Trends. Google added two new abilities to make its Google Trends service more useful as a tool to monitor what's popular in searches and the chatter of news and blogs. First is a quantitative element that more precisely compares different search terms--for example Windows XP vs. Windows Vista; the chart is now calibrated so the relative popularity can be judged. Second is the ability to export Trends results as a data file.
Journalism on YouTube: The Google video-sharing site now is able to call specific attention to journalistic efforts by creating a new "reporter" channel, according to the YouTube blog.
PDF support in Docs: The Google Operating System blog has uncovered some evidence that points to support of Portable Document Format within Google Docs, the online applications suite. That makes sense given how widely used it is and that it's an openly documented and now standard format.
Bypass Flash. On search results, Google now lets users bypass Web pages' Flash introductions--the kind of whiz-bang animations that rarely are worth watching more than once. Google search results now can let users, in effect, click the "skip intro" button on such sites if they want, Google Blogoscoped reported.
Members of Google's mobile device team discuss how its Google Maps for Mobile service (think GPS Lite) works. The technology lets some phones figure out their rough location based on proximity to cell phone towers. It's available through Gears for Windows Mobile, and Google is adding support for geolocation in general to the new 0.4 version of Gears under development now.
Updated 12:34 p.m. PDT to correct the attribution of the cellular phone tracking story. The story that focused on the privacy issues was written by Seth Borenstein of the Associated Press.
Cell phone usage tracked in an undisclosed industrial nation revealed a majority of users tend to remain close to home for months at a time, according to a study conducted by Northeastern University and cited Wednesday in the journal Nature.
While the study of 100,000 cell phone users in a country outside the U.S. demonstrated that 75 percent remained within a 20-mile radius of their home over a six-month period, the study, nonetheless, raised privacy issues, according to an Associated Press report on CNN.com. The users didn't agree to participate in the study--such nonconsensual tracking would be illegal in the United States, according to a Federal Communications Commission source quoted in the AP story.
Albert-Laszlo Barabasi, co-author of the study and director of Northeastern's Center for Complex Network Research, acknowledged he was concerned about the privacy issues when conducting the research, but said that the phone numbers provided by the carrier were altered to conceal the users' identities. The report could not state the exact location of the users, but rather only the cell tower that was receiving and transmitting phone calls and text messages, according to the Associated Press story.
The Nature article noted that the research may aid urban planners in developing appropriate resources and could also inform epidemiologists on the potential path that viruses may take in a given population.





