The Social

If Google's rumored $500m acquisition of Yelp goes through, the search giant may finally get a solid lock on the "hyperlocal" Web. But it'll also be acquiring a big community site--and those are notoriously hard to wrangle.

Restaurant industry blog Eater might have put it best: "One can only assume that with Google's muscle behind the site, the millions of users who log on to complain about restaurants would be able to say stupid stuff faster, and with more efficiency," editor Amanda Kludt wrote on Friday.

All snark aside, it's the same sort of issue that arose a few years ago amid persistent rumors that Google was going to acquire Digg, another site reliant on heavy participation from a loyal and extremely vocal community. The questions are more or less similar: What would Google change, and how much would they change it? Does Google's massive scope make it untrustworthy?

Yelp's official word: "Yelp is approached frequently by numerous entities to discuss partnerships, investments and more, and the company does not comment on private discussions that may occur."

Truth be told, the state of Yelp's forums on Friday indicated that many were more interested in talking about "Why are NYC apartment brokers such d-bags?" and "The official 'Jersey Shore' on MTV thread" than about whether Yelp might get sucked up by the Google monster. But a few threads did emerge, and the gist seems to be pretty much the same: They better not change too much. And please keep throwing parties.

"I wonder how this will effect Elite parties as well as Yelp Talk?" one Yelper asked in a Bay Area-centric thread about the acquisition. Another said, "So long as it's not Rupert Murdoch buying it." Some Yelpers were optimistic, suggesting that maybe there would be better integration with Google maps or additional technical improvements.

But others were concerned about quality control. "It means more trolls and fake reviews," one Yelper griped.

"Anyone ever look at the comments on YouTube videos?" another asked. "That is what is gonna happen here."

There were a few threats of account deletion, like "If this happens, I'm deleting my profile" and "Yelp is big because of us. Let's demand money or delete our accounts en masse." Generally, those aren't any real indicator of community revolt, but they're a reminder that it's extremely possible for a big buyer of a community site to mess things up big-time. LiveJournal users weren't thrilled about its Six Apart ownership, which ultimately failed. Likewise, when News Corp. acquired social network MySpace, mismanagement and a lack of innovation were likely what led to a drop in traffic and the eventual dominance of Facebook.

Worth a read: Yelpers' reviews of Google HQ in Mountain View, Calif. Choice bits range from "Google has lots of yummy, organic snacks and drinks" to "They have way too many skunks after 7 p.m. nightly and raccoons living on the Google campus."

This post was updated at 10:48 a.m. PT with comment from Yelp.

What Twitter's homepage looked like before it went down on Thursday night.

(Credit: CC u07ch/Flickr)

Twitter stumbled again overnight on Thursday. But this time, it wasn't the work of the "fail whale," the cuddly cartoon personification of the site's excessive technical baggage. Rather, the site was replaced with a foreboding message from "Iranian Cyber Army" before crashing entirely, indicating that it had been the victim of a malicious attack that targeted its internal servers.

Co-founder Biz Stone posted a brief clarification on the issue late on Thursday night. "Twitter's DNS records were temporarily compromised tonight but have now been fixed," he explained. "As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we've investigated more fully."

At the risk of sounding like an evening-news anchor calling attention to exactly how dangerous your treadmill is or how many diseases you can get from the ball pit at Chuck E. Cheese, I think it's time to explore the question: Is it safe to use Twitter?

For one, Twitter's track record with security has been shaky at best. A security flaw this spring exposed the data of a number of employees and allowed a hacker to pilfer some internal documents. Several high-profile accounts, like those of Britney Spears, Ashton Kutcher, and CNN anchor Rick Sanchez, have been targeted individually. Twitter has been the victim of phishing attacks. Other hackers have proved that Twitter accounts can be set up specifically to corral botnets of infected PCs. And in perhaps the biggest incident of all, a politically motivated denial-of-service attack in August that targeted multiple social-media sites managed to cripple Twitter entirely.

Think of it this way: if Facebook, a far bigger and more mainstream site that's had concerns about user privacy splashed all over the news recently, saw its homepage replaced with a nefarious political message, there would probably be a fresh round of calls for CEO Mark Zuckerberg's resignation. Twitter's heavy users are, for better or for worse, accustomed to sporadic downtime and glitches. They're also less likely to ever visit the Twitter.com homepage, considering the service has so many points of entry--text message, as well as third-party apps for mobile, Web, and desktop. Users have become accustomed to logging into third-party applications with their Twitter credentials.

That, perhaps, makes the overnight hack a bigger concern. Even though it's unlikely that user accounts were compromised in this DNS redirect, it's yet another sign that Twitter's security operations have time and again proven weak enough that the service doesn't exactly seem watertight.

A political message, or just plain obnoxious?
On the other hand, we still don't know much about this attack and it may have been less sophisticated than some may fear. One, nobody's exactly sure yet who the hackers were. "Of course, just because a message saying 'This site has been hacked by Iranian Cyber Army' has been posted on a Web page does not necessarily mean that hackers from Iran are responsible for the defacement," Sophos security consultant Graham Cluley wrote on his blog Friday.

Additionally, Cluley said, the aim seems to have been to either get a political message through or to simply be obnoxious. "Fortunately there is no indication at this point that the page was carrying malicious code, and this attack appears to have had political motivations rather than being designed to steal confidential information from users," he wrote.

"It really looks like it was people were redirected to a 'hactivism' site," weighed in fellow Sophos analyst Beth Jones via e-mail. "There was no malicious code on the site claiming to be the 'Iranian Cyber Army' either. It looks like they just hacked the registrar to redirect traffic. So it's quite probable that none of Twitter's own servers were touched."

Another reassurance is the fact that Twitter simply doesn't have the kind of sensitive data that a Facebook or Google does. While it does have millions of mobile phone numbers stored to power its text-message app, not to mention archived private "direct messages" between users, Twitter does not index a whole lot more that isn't otherwise public. Facebook, for example, has many members' credit card numbers on hand (if they've ever used its "gift shop" feature), not to mention extensive personal data in profiles like addresses, birthdays, and family connections. Members who are still concerned about the security of their Twitter accounts can take the obvious step of changing their Twitter passwords to something that they don't use on their e-mail, Facebook accounts, or elsewhere--just in case.

Beth Jones says she has confidence in Twitter. "I wouldn't say their security is second-rate by any means," Jones said via e-mail. "As it stands, they weren't actually compromised, but I can see from a user point of view the questions and concerns. At Sophos we see a new site compromised every 3.6 seconds. That's easily close to 24,000 sites a day, and of those, the vast majority are legitimate sites that get hacked."

That doesn't mean that Twitter shouldn't start making it more clear that it takes security seriously. If the company, which is now beta-testing a "Contributors" feature that may pave the way to paid corporate accounts, begins storing financial information, we can only hope that their security operations are turned up a few notches. Or, ideally, an order of magnitude.

This post was expanded at 6:23 a.m. PT with comment from Sophos' Beth Jones.

Privacy advocates opposed to new privacy regulations at Facebook are attempting to get the attention of the U.S. Federal Trade Commission, according to a complaint filed Thursday on behalf of the Electronic Privacy Information Center and several allied groups.

"These changes violate user expectations, diminish user privacy, and contradict Facebook's own representations," the complaint says of Facebook's new regulations, which push more content public, and make even more data available to third-party applications and advertisers. EPIC's goal is to force Facebook to restore the old settings and add additional controls for members.

"We've had productive discussions with dozens of organizations around the world about the recent changes, and we're disappointed that EPIC has chosen to share their concerns with the FTC while refusing to talk to us about them," a retaliatory statement from Facebook read. "We're pleased that so many users have already gone through the process of reviewing and updating their privacy settings, and are impressed that so many have chosen to customize their settings, demonstrating the effectiveness of Facebook's user empowerment and transparency efforts. Of course, the new tools offer users the opportunity to decide on privacy with every photo, link, or status update they wish to post, so the process of personalizing privacy on Facebook will continue."

It's one thing when Facebook users start complaining about new features that they deem excessively creepy--just look at the outrage that surrounded the News Feed, now a mainstay of the site, when it launched in 2006.

It's a bigger fish entirely when government regulatory bodies get involved, particularly the FTC, which has major sway over the advertising and marketing industries. It was only when privacy groups flagged concerns about Facebook's Beacon advertising program two years ago that participating advertisers started to pull out amid bad publicity. A class action settlement over the Beacon program was resolved recently.

Since then, Facebook hasn't had a privacy-related debacle on the same scale. Much of the philosophy behind Beacon was baked into its Facebook Connect universal log-in tool, which shares information from third-party sites on Facebook profiles and lets users log into other sites with their Facebook credentials. But with the public-relations pitch geared toward making the entire online experience easier for users (fewer passwords to remember, no more registration headaches) rather than helping advertisers exploit social-networking channels, the debut of Facebook Connect wasn't subject to the same scrutiny.

The controversial new privacy standards at Facebook have been a long time coming, considering the fact that the social network started to publicly set the groundwork nearly six months ago with a series of announcements about modified privacy controls. It's clear that the company was trying to avoid the sort of press bloodbath that came after the debut of Beacon.

That didn't happen. Facebook has already backtracked on one component of its new privacy regulations, one which made users' friends lists publicly available. It's unclear as to how much EPIC's coalition, not to mention the FTC, will prioritize this most recent controversy.

Behind Facebook's traditional willingness to make tweaks and modifications to new features and products, if they spark some kind of concern among government regulatory bodies or marketers, is a fight that the company will not give up easily. What it all comes down to is that Facebook's once-watertight log-in wall--remember the time that representatives mulled banning a blogger who'd posted Facebook-hosted photos publicly?--is getting in the way of the social network's potentially central role in one of the digital world's crazes du jour, searchable real-time information.

Search companies have been announcing big deals to pull Facebook status messages and Twitter tweets into results, and the media business has gone nuts over the potential to harness the "real-time Web."

Facebook, dependent on advertising revenues and still looking to expand its base of more than 350 million users, obviously wants in on this. But if it doesn't have enough status messages, shared links, and other information pulled into search results, it stands a chance at losing ground to the much-smaller Twitter--already the top name, in terms of a massive, searchable clearinghouse for up-to-the-minute information.

Plus, there are marketers and advertisers for Facebook to consider: more search results equals more page views and more ad revenue, and more public information on users' profiles means more ways for the advertising industry to reach them. But if those same marketers and advertisers are the ones pressuring Facebook to change course, in terms of user privacy, it could cause some friction between the social network and the businesses that have finally begun to accept it as a choice destination for their ad dollars.

Now EPIC is alleging to the FTC that Facebook's new regulations can be outright dangerous: "Dozens of American Facebook users, who posted political messages critical of Iran, have reported that Iranian authorities subsequently questioned and detained their relatives," an item in the complaint reads. "Under the revised privacy settings, Facebook makes such users' friends lists publicly available."

That's not good PR for Facebook, which has repeatedly pitched itself as a destination for open dialogue and grassroots organization across zones of political and ethnic conflict.

We didn't know much about Russian investment firm Digital Sky Technologies before it invested $200 million in Facebook this spring. But it's been in the news a lot more recently: Russian newspaper Kommersant reported Thursday that the firm has purchased more Facebook stock, sending its stake in the massive social network past 5 percent at a $10 billion valuation. Its original stake was 1.96 percent. It's reportedly still looking to buy more.

A Facebook representative told CNET via e-mail that because it's a private company it opts not to discuss shareholder percentages.

According to the Russian-language publication (first referenced in English by Quintura), DST's increased stake comes from its offer to purchase employee stock as part of the buyback program announced this summer. It's continued to pay $14.77 per share, Kommersant added. But if DST's stake is indeed over 5 percent now, it's purchased far more than the $100 million originally stipulated in Facebook's terms (its total stake is now over $400 million, according to Kommersant).

That's not all DST has been up to. Earlier this week, social gaming company Zynga--arguably the most profitable company to grow out of Facebook's developer platform--announced that DST had led a $180 million funding round designed to "fuel Zynga's growth and...facilitate liquidity for employees and investors." It's a "passive investor," meaning that it will not take a seat on the company board.

"Our earlier investment in Facebook and now in Zynga underscores our premise that social networking and social entertainment will define the next generation of the web," DST head Yuri Milner was quoted as saying in a release from Zynga.

Additionally, earlier this month another Russian newspaper reported that DST was in talks to acquire ICQ, an instant-messaging service that AOL is looking to sell off.

This post was updated at 7:56 a.m. PT with comment from Facebook.

Mark Zuckerberg should be proud: The top search term of 2009, according to Experian Hitwise, was not "porn," "poker," or "Britney Spears." It was, for the first time, "Facebook."

In 2008, Facebook had been the tenth most searched term on the Web, according to the traffic company's annual survey of search queries.

The rest of the list for 2009 is also made up of "navigational" searches, which Hitwise reps say actually always dominate top search queries despite the common wisdom that top searches tend to be for online gambling or racy pictures. In spot No. 2 is last year's leader, "myspace," followed by "craigslist," "youtube," "yahoo mail," "google," "yahoo," "ebay," "facebook login," and "myspace.com." If you add up all four Facebook-related terms in Hitwise's top 300 search terms, they make up slightly over a percent of all searches on the Web. The #1 term alone accounts for 0.67 percent.

Meanwhile, searches for "porn" came in at No. 16. Britney, unfortunately, didn't crack Hitwise's top 300, but the most searched for celebrity was Michael Jackson at No. 95, and "Twilight" hottie Robert Pattinson came in at #221. (Hitwise representatives say that they are currently reevaluating the data to see if recently beleaguered golfer Tiger Woods has moved up in the rankings, too.)

Update at 2:10 p.m. PST: So where's "Twitter" on Hitwise's list? It's hanging in there at #56, the company says.

One of the displays on Monday night for Charity Water, which aims to bring clean water to developing countries by digging new wells.

(Credit: Melanie Aronson for Charity Water)

NEW YORK--What's it like to watch a dot-com mogul spend $1 million? Well, it's sort of nice when it's going to a good cause.

On Monday night, at the annual benefit gala for the nonprofit Charity Water, Bebo founder Michael Birch, one of the event's co-hosts along with the likes of Twitter co-founder Jack Dorsey and entrepreneur Sean Parker, made a surprise announcement. Shortly before the event's live auction to solicit donations for new wells, Birch declared that he would personally match all donations up to $1 million.

Charity Water, a favorite cause of the dot-com set, raises money to build wells in developing countries and then tags them with GPS devices so that donors can keep tabs on them in Google Earth.

Birch, who co-founded Bebo with his wife, Xochi, sold the social network to AOL early last year for $850 million. It's a price tag that never made a whole lot of sense, even with AOL's justification that Bebo's strong foothold among youth in the U.K. would help it with international expansion and that Bebo's technology would be the foundation of a new "People Networks" communication division. They also cashed out just in time: had Bebo been sold much later, it would've been more evident that potential buyers should have been conservative about the valuation of any general-interest social network that wasn't Facebook. AOL, now under new management, has more or less put Bebo aside like an expensive Faberge egg that unexpectedly clashes with the furniture.

Michael Birch hasn't announced a new project yet. But he's starting to emerge as an active figure in philanthropy: Charity Water founder Scott Harrison explained to the 1,200 attendees on Monday night that a crucial donation from Birch had kept the organization afloat last year. (It operates on a "100 percent" policy, meaning that all donations, many of which are very small-scale, go directly to building wells, whereas separate benefactors fund the staffing and operations of the nonprofit itself.) Birch also helped with a redesign of the site that lets interested members set up their own fundraising campaigns, encouraging donations in lieu of birthday gifts or as pledges for a goal (i.e. "If you help me raise $10,000 for Charity Water, I will legally change my name to 'McLovin.'")

Birch brought his young daughter, Isabella, onstage to help make the announcement of the matching pledge. While I'm not sure what to think of the idea of a kid announcing to a thousand-plus people just how much money her parents were about to spend, it was awfully cute that Isabella insisted on doing so with a finger drawn to her mouth in the manner of "Austin Powers" villain Dr. Evil.

And, yes, the goal was met: the $1 million was raised via auction in a matter of 30 minutes.

(Credit: Caroline McCarthy/CNET)

This year for Christmas, I finally decided to give my family something that they've been asking me about for more or less the past five years: I told them that I would clean my room.

No, really. I moved out of my childhood home years ago, but more or less shut the door to my room and didn't change a thing. It's sort of a late '90s-early '00s teenage time capsule. There was stuff in there that had not been touched since the Clinton administration. There were magazines with Justin Timberlake on the cover from an era when nobody expected he'd be cast as a Silicon Valley hotshot in a movie directed by the "Fight Club" guy. There were varsity letters and prom photos and model rockets and Warped Tour '01 memorabilia and pretty much whatever else you'd expect to find in the living space of a kid who came of age in the era of "Can't Hardly Wait" and "Dawson's Creek."

That inventory included one almost perfectly preserved AOL 7.0 installer disc, a CD-ROM that boasts "Faster Than Ever!" and offers 1,025 free hours of access or 45 days, whichever comes first, with no credit card required. (1,025 hours is slightly under 42 days.) On the red-and-gold packaging is the face of a Japanese anime-style character, the edges of the drawing blurred to make the marketing message absolutely clear: This is fast. This is the future.

It's been a matter of days since Facebook's new privacy controls went into place, and the company is already making modifications in response to user complaints that they expose too much information. Namely, the company has made it easier to prevent people from seeing who your friends are.

For one, Facebook no longer makes a link to a list of your friends publicly available, and it has added an option for members who want no one at all--including other friends--to see their connections. Third-party applications, however, can still access it.

"In response to your feedback, we've improved the Friend List visibility option," an update to Facebook's blog post about the new privacy settings read. "Now when you uncheck the 'Show my friends on my profile' option in the Friends box on your profile, your Friend List won't appear on your profile regardless of whether people are viewing it while logged into Facebook or logged out. This information is still publicly available, however, and can be accessed by applications."

Facebook's reasons for making this move likely have something to do with the fact that it wants to be a safe place for professionals: in some fields of work, people may be uncomfortable with basically opening up their Rolodexes. There was a high-profile incident that highlighted these potential pratfalls of making one's Facebook friend list publicly available: Business Insider revealed earlier this week that Overstock.com CEO Patrick Byrne was keeping a list of journalists covering the company as well as their professional connections found through Facebook.

The new privacy settings give members more control over how much they share in general, but they additionally encourage them to make more content public as the site moves from a closed-off, login-required site to a potentially huge player in the new real-time search craze. But the company remains under pressure from not only its 350-million-plus users, but also lawmakers in multiple countries who have voiced concerns about how much the company is doing to protect users' privacy.

NEW YORK--The line on Wednesday night snaked outside the New York Stock Exchange building as a swarm of marketing, advertising, and other media types waited to get into the party that AOL was throwing on the trading floor to mark its spin-off from Time Warner. Onlookers weren't really sure what the big deal was.

An evening commuter walked past, craning his neck up at the massive AOL-logo banner--yes, the one with the fuzzy blue monster on it--and asking a few of the people in line, "Why's AOL having a party?"

"Spinning off from Time Warner."

"Oh, finally," the commuter replied, and sauntered off into the night.

Approximately 10 minutes later, security stalled a pack of party guests between the coat check and the entrance to the trading floor so that they wouldn't get in the way of AOL CEO Tim Armstrong's photo op on the red carpet with publishing industry dame Anna Wintour. There were waitresses carrying massive bourbon-infused cocktails called "The Ticker," sushi chefs chopping up spicy salmon rolls, and a photographer snapping pictures of guests posing with the iconic NYSE gavel. Oh, and there was a DJ booth where rap legend Sean "Diddy" Combs was calling the shots.

The next morning, long after that had all been cleared out, trading of the new AOL stock commenced: it fell in the first hour, hovered around $23 for most of the day, and climbing a few notches to close at $23.52. It looked less like the refreshed, shiny AOL that had turned the NYSE trading floor into a celebration of its vision of 21st-century publishing, and more like the AOL that, in preparation for the spin-off, cut 2,500 employees and began to explore selling off peripheral businesses like ICQ and MapQuest.

"I haven't looked at it because we've been so busy," Armstrong, in a morning call with reporters and analysts, said of the company's stock price. "The stock may go up and down, but I can tell you internally that the company continues to progress and get stronger."

Not very long ago, AOL was a punchline: edgy publishing outlet Thrillist, known for its in-the-know men's newsletter and wacky stunts that often involve party planes, threw a party in the summer of 2008 with a "vintage AOL" theme that interspersed the once-ubiquitous dial-up tone with mid-'90s pop songs (Thrillist CEO Ben Lerer, it should be said, happens to be the son of former AOL exec Ken Lerer). AOL was the ultimate brand for the old Internet, the one that would forever be associated with the "You've Got Mail" recording and the e-mail addresses that have long since fallen out of favor.

Its attempted revamp does elicit a few "over the hill" snickers, but in New York's media community--the people flooding the Stock Exchange on Wednesday night--it's treated with a good deal of respect. Armstrong was very well-regarded in his prior gig as a sales executive at Google. At the lavish AOL spin-off party, there were fewer snarky remarks than expected about wasted money, premature celebration, the disastrous results of AOL's original Time Warner merger in 2000, or how many laid-off employees the event had cost.

Because these are the people who, as much as New York media likes to thrive on an aura of cynicism, really do want the new AOL to succeed. The industry's been more or less smashed to bits, with magazines closing up shop and newspapers going through yet another fit of layoff rounds. Regardless of early concerns about its stock price, the new AOL is a bright spot.

Using its 2005 purchase of blog network Weblogs Inc. as a cornerstone and ambitiously rolling out new properties to add to the arsenal, AOL increasingly shifted focus away from its access business and more toward publishing. The company uprooted its corporate headquarters from Dulles, Va., to New York, picking a downtown office space in much closer proximity to the trendy digital agencies and blog networks of SoHo and Cooper Square than to the media industry stalwarts--including then-parent company Time Warner--in midtown.

Shortly before the spin-off, AOL announced a project that Armstrong had been hinting at for some time: Seed.com, a sort of clearinghouse for assigning freelance journalists and photographers to areas that its "engine" has deemed to be high-interest or in need of coverage. The company hired veteran journalist Saul Hansell to helm the project.

"Basically, our system allows us to take lots of data to figure out how to make better content for the Internet," Armstrong said in Thursday's conference call.

Seed.com has garnered some criticism: that it's really no different from existing business models of companies like Demand Media; that it will invariably prioritize tabloid-like, sensationalist stories with huge readership potential rather than less titillating but important journalistic endeavors; or that regardless of how innovative it is, it won't save AOL's advertising revenues.

Armstrong, of course, has a "go forth" attitude toward it all. "We focused the strategy of the company very clearly and succinctly around content, advertising, and communication," he said in Thursday's call. "And as we think about the future and stay focused on what we're going to be executing, we're in a good place because of where the Internet is headed. The '90s were about access, (and) AOL played a major role in access...This decade has really been about platforms: Google, Facebook, Twitter, etc., and we believe that the next decade will really be about content.

Not everybody agrees. But the invite list for AOL's celebration sure hopes Armstrong has the right idea.