Earlier this week I wrote a post about how I didn't like that I couldn't alter the Facebook Connect privacy settings for updates from Foursquare, an iPhone app that shares my location through a GPS-enabled city directory. It didn't make sense to me that Facebook Connect information was automatically visible to anyone who had access to posts on my "wall," whereas privacy settings on a third-party app embedded directly on my profile were much more fine-tuned, allowing me to restrict them to specific subsets of friends.
I've been e-mailing back and forth with Facebook, and I've gotten some clarification on how the process works. Privacy controls for embedded apps aren't as simple as I'd thought. I can opt to block the "box" for a third-party game like Mafia Wars or Farmville, as the privacy controls indicate, but activity from those apps--i.e. if I just picked up a new weapon in Mafia Wars--will still show up to anyone who can see what I post on my Facebook wall, like status messages and new friend connections. (You can, however, block individual Platform apps from posting to your wall in the first place.)
"Activity from apps and Connect sites are grouped with the activity you take on Facebook (which then appears on your wall), all of which can be blocked from a select group of people using publisher privacy," Facebook representative Malorie Lucich explained to me via e-mail. "So, for example, if you don't want your boss seeing your Mafia Wars activity and your usual Facebook activity, you can block her/him from viewing your wall."
Everything on the wall, therefore, is treated as a single unit. Except not quite: With status messages and content posted directly through Facebook, as part of Facebook's new privacy controls there's now a drop-down menu that lets me choose exactly who can see that message--the public Web, friends of friends, only my friends or "networks," or stratified groups of friends. That's great, because I can post a status message asking for Christmas present suggestions, and opt to block it from my family or other potential gift recipients.
For third-party apps, I'm not so lucky. I'm sure I wasn't the only Facebook member who figured that blocking the Mafia Wars "box" from a certain list of friends would also block activity updates on my wall. According to Facebook, it doesn't.
I'm also sure I'm not the only one who would like to use Facebook Connect with a service like Foursquare that isn't normally public; I liked some of the comments that would appear on "check-ins" pushed to Facebook (when I checked into a restaurant, for example, a few people responded with their favorite menu items, and another asked about the variety of beers on tap). But wanting to keep them restricted to half or a third or a quarter of my Facebook friends is not always just a matter of privacy--the majority of my Facebook friends have no interest whatsoever in which coffee shop I just checked into on the likes of Foursquare or Gowalla, and out of courtesy I don't want to plaster it all over everyone's news feeds. I'd like Foursquare's implementation of Facebook Connect, theoretically, to only be visible to close friends and people who live nearby.
Facebook is, and should be, proud of the wealth of data that gets shared on members' "walls." On Friday morning, I used my status message to solicit tips for an upcoming tropical getaway, and got some terrific suggestions from people in my "social graph" whom I hadn't talked to in ages. This was a great example of something that I'd like to open up to my entire Facebook network. But when it comes to information that's local, sensitive, or otherwise private, I'd like to be able to restrict it. As Facebook Connect grows bigger and more diverse, these instances are likely to come up more often.
So if I had to come up with a most-wished-for new Facebook feature, this might have to be it.
This one's a surprise. Twitter will have turned a profit in 2009, a BusinessWeek report claims, citing sources. What happened? Search deals with Google and Microsoft brought in a nice chunk of cash for the company, which has raised well over $100 million in venture capital and has a paper valuation floating somewhere around $1 billion.
Considering the company has not yet put forth a long-term revenue strategy, this would be one of those Christmas miracles along the lines of a neurotic mom getting home to her stranded 8-year-old by fortuitously hitching a ride with a polka band fronted by John Candy.
So let's look at the details. Sources told BusinessWeek's Spencer Ante that Twitter's search deals with Google and Microsoft's Bing brought in $15 million and $10 million respectively, and that Twitter has managed to cut some of the high costs related to text-message functionality. (These costs were so exorbitant that Twitter temporarily had to restrict some international SMS codes.) OK, cool. Those numbers are decently plausible, and Twitter's strategic hire of a mobile business-development dude early this year likely had something to do with it. And Ante's article makes it clear that while sources have told him that Twitter will end 2009 on a profitable note, that doesn't mean it's going to be profitable next year.
But there's a difference between being cash-flow positive and being profitable, and it's also not totally clear as to what Twitter's other expenses are, or what they will be next year.
Ante writes:
Now that Twitter has become so popular, it has gained bargaining power with telecom companies and has managed to renegotiate so many deals with carriers that the company pays far less for the services. "Those used to be the biggest line item," says one source. "Generally speaking, those costs have gone away. Now people are the biggest line item."
People. Yes. Like the new office space they just moved into, and their still-expanding payroll, and stuff like that. Also: hardware, and other forms of defensive weaponry against evil whale attacks. The company also sometimes buys stuff, and continues to develop new features--like the current test of "contributors" accounts that it may end up charging for. So even with costs cut via a savvier mobile strategy, there are plenty of other costs that could be escalating simultaneously.
What's good news for Twitter is that getting $25 million out of search deals (if that's indeed true) shows that the company could expand that into a stronger long-term revenue strategy. Critics have been lukewarm on the possibility of Twitter attempting to support itself with advertisements or paid accounts, and nobody's really gone into depth on the question of whether the businesses currently raving about Twitter's power of "conversation" will cough up for more in-depth analytics.
Maybe they read the Yelp review that says Google's headquarters is infested with skunks and raccoons.
Just a few days after reporting that Google was about 80 percent likely to be acquiring business reviews site Yelp for a totally sweet $500 million, TechCrunch has backtracked. Late Sunday, TechCrunch reported that Yelp CEO Jeremy Stoppelman personally walked away from the deal and that company representatives informed Google over the weekend they aren't selling.
That's odd. People seemed to think it was generally a good deal. TechCrunch isn't exactly sure what went wrong but speculates that Yelp may have gotten a better offer for a potential acquisition or strategic partnership that caused it to bail.
What could also have something to do with it: Google does a lot of things very, very well, but one thing it's never nailed is community. (Knol most certainly didn't kill Wikipedia, Orkut was big in Brazil but then faded in the wake of Facebook's growth, and YouTube's commenters seem to come from a very special place somewhere between the sixth and seventh circles of hell.) That's evident from looking at what Yelpers had to say about the potential deal last week. Proudly opinionated and devoted to the Yelp brand, many Yelpers were concerned that a Google buyout would degrade the site's sense of community--something that could, effectively, kill it.
Perhaps Yelp's execs thought the same and figured that strategic partnerships might be a better route for now.
If Google's rumored $500m acquisition of Yelp goes through, the search giant may finally get a solid lock on the "hyperlocal" Web. But it'll also be acquiring a big community site--and those are notoriously hard to wrangle.
Restaurant industry blog Eater might have put it best: "One can only assume that with Google's muscle behind the site, the millions of users who log on to complain about restaurants would be able to say stupid stuff faster, and with more efficiency," editor Amanda Kludt wrote on Friday.
All snark aside, it's the same sort of issue that arose a few years ago amid persistent rumors that Google was going to acquire Digg, another site reliant on heavy participation from a loyal and extremely vocal community. The questions are more or less similar: What would Google change, and how much would they change it? Does Google's massive scope make it untrustworthy?
Yelp's official word: "Yelp is approached frequently by numerous entities to discuss partnerships, investments and more, and the company does not comment on private discussions that may occur."
Truth be told, the state of Yelp's forums on Friday indicated that many were more interested in talking about "Why are NYC apartment brokers such d-bags?" and "The official 'Jersey Shore' on MTV thread" than about whether Yelp might get sucked up by the Google monster. But a few threads did emerge, and the gist seems to be pretty much the same: They better not change too much. And please keep throwing parties.
"I wonder how this will effect Elite parties as well as Yelp Talk?" one Yelper asked in a Bay Area-centric thread about the acquisition. Another said, "So long as it's not Rupert Murdoch buying it." Some Yelpers were optimistic, suggesting that maybe there would be better integration with Google maps or additional technical improvements.
But others were concerned about quality control. "It means more trolls and fake reviews," one Yelper griped.
"Anyone ever look at the comments on YouTube videos?" another asked. "That is what is gonna happen here."
There were a few threats of account deletion, like "If this happens, I'm deleting my profile" and "Yelp is big because of us. Let's demand money or delete our accounts en masse." Generally, those aren't any real indicator of community revolt, but they're a reminder that it's extremely possible for a big buyer of a community site to mess things up big-time. LiveJournal users weren't thrilled about its Six Apart ownership, which ultimately failed. Likewise, when News Corp. acquired social network MySpace, mismanagement and a lack of innovation were likely what led to a drop in traffic and the eventual dominance of Facebook.
Worth a read: Yelpers' reviews of Google HQ in Mountain View, Calif. Choice bits range from "Google has lots of yummy, organic snacks and drinks" to "They have way too many skunks after 7 p.m. nightly and raccoons living on the Google campus."
This post was updated at 10:48 a.m. PT with comment from Yelp.
What Twitter's homepage looked like before it went down on Thursday night.
(Credit: CC u07ch/Flickr)Twitter stumbled again overnight on Thursday. But this time, it wasn't the work of the "fail whale," the cuddly cartoon personification of the site's excessive technical baggage. Rather, the site was replaced with a foreboding message from "Iranian Cyber Army" before crashing entirely, indicating that it had been the victim of a malicious attack that targeted its internal servers.
Co-founder Biz Stone posted a brief clarification on the issue late on Thursday night. "Twitter's DNS records were temporarily compromised tonight but have now been fixed," he explained. "As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we've investigated more fully."
At the risk of sounding like an evening-news anchor calling attention to exactly how dangerous your treadmill is or how many diseases you can get from the ball pit at Chuck E. Cheese, I think it's time to explore the question: Is it safe to use Twitter?
For one, Twitter's track record with security has been shaky at best. A security flaw this spring exposed the data of a number of employees and allowed a hacker to pilfer some internal documents. Several high-profile accounts, like those of Britney Spears, Ashton Kutcher, and CNN anchor Rick Sanchez, have been targeted individually. Twitter has been the victim of phishing attacks. Other hackers have proved that Twitter accounts can be set up specifically to corral botnets of infected PCs. And in perhaps the biggest incident of all, a politically motivated denial-of-service attack in August that targeted multiple social-media sites managed to cripple Twitter entirely.
Think of it this way: if Facebook, a far bigger and more mainstream site that's had concerns about user privacy splashed all over the news recently, saw its homepage replaced with a nefarious political message, there would probably be a fresh round of calls for CEO Mark Zuckerberg's resignation. Twitter's heavy users are, for better or for worse, accustomed to sporadic downtime and glitches. They're also less likely to ever visit the Twitter.com homepage, considering the service has so many points of entry--text message, as well as third-party apps for mobile, Web, and desktop. Users have become accustomed to logging into third-party applications with their Twitter credentials.
That, perhaps, makes the overnight hack a bigger concern. Even though it's unlikely that user accounts were compromised in this DNS redirect, it's yet another sign that Twitter's security operations have time and again proven weak enough that the service doesn't exactly seem watertight.
A political message, or just plain obnoxious?
On the other hand, we still don't know much about this attack and it may have been less sophisticated than some may fear. One, nobody's exactly sure yet who the hackers were. "Of course, just because a message saying 'This site has been hacked by Iranian Cyber Army' has been posted on a Web page does not necessarily mean that hackers from Iran are responsible for the defacement," Sophos security consultant Graham Cluley wrote on his blog Friday.
Additionally, Cluley said, the aim seems to have been to either get a political message through or to simply be obnoxious. "Fortunately there is no indication at this point that the page was carrying malicious code, and this attack appears to have had political motivations rather than being designed to steal confidential information from users," he wrote.
"It really looks like it was people were redirected to a 'hactivism' site," weighed in fellow Sophos analyst Beth Jones via e-mail. "There was no malicious code on the site claiming to be the 'Iranian Cyber Army' either. It looks like they just hacked the registrar to redirect traffic. So it's quite probable that none of Twitter's own servers were touched."
Another reassurance is the fact that Twitter simply doesn't have the kind of sensitive data that a Facebook or Google does. While it does have millions of mobile phone numbers stored to power its text-message app, not to mention archived private "direct messages" between users, Twitter does not index a whole lot more that isn't otherwise public. Facebook, for example, has many members' credit card numbers on hand (if they've ever used its "gift shop" feature), not to mention extensive personal data in profiles like addresses, birthdays, and family connections. Members who are still concerned about the security of their Twitter accounts can take the obvious step of changing their Twitter passwords to something that they don't use on their e-mail, Facebook accounts, or elsewhere--just in case.
Beth Jones says she has confidence in Twitter. "I wouldn't say their security is second-rate by any means," Jones said via e-mail. "As it stands, they weren't actually compromised, but I can see from a user point of view the questions and concerns. At Sophos we see a new site compromised every 3.6 seconds. That's easily close to 24,000 sites a day, and of those, the vast majority are legitimate sites that get hacked."
That doesn't mean that Twitter shouldn't start making it more clear that it takes security seriously. If the company, which is now beta-testing a "Contributors" feature that may pave the way to paid corporate accounts, begins storing financial information, we can only hope that their security operations are turned up a few notches. Or, ideally, an order of magnitude.
This post was expanded at 6:23 a.m. PT with comment from Sophos' Beth Jones.
Privacy advocates opposed to new privacy regulations at Facebook are attempting to get the attention of the U.S. Federal Trade Commission, according to a complaint filed Thursday on behalf of the Electronic Privacy Information Center and several allied groups.
"These changes violate user expectations, diminish user privacy, and contradict Facebook's own representations," the complaint says of Facebook's new regulations, which push more content public, and make even more data available to third-party applications and advertisers. EPIC's goal is to force Facebook to restore the old settings and add additional controls for members.
"We've had productive discussions with dozens of organizations around the world about the recent changes, and we're disappointed that EPIC has chosen to share their concerns with the FTC while refusing to talk to us about them," a retaliatory statement from Facebook read. "We're pleased that so many users have already gone through the process of reviewing and updating their privacy settings, and are impressed that so many have chosen to customize their settings, demonstrating the effectiveness of Facebook's user empowerment and transparency efforts. Of course, the new tools offer users the opportunity to decide on privacy with every photo, link, or status update they wish to post, so the process of personalizing privacy on Facebook will continue."
It's one thing when Facebook users start complaining about new features that they deem excessively creepy--just look at the outrage that surrounded the News Feed, now a mainstay of the site, when it launched in 2006.
It's a bigger fish entirely when government regulatory bodies get involved, particularly the FTC, which has major sway over the advertising and marketing industries. It was only when privacy groups flagged concerns about Facebook's Beacon advertising program two years ago that participating advertisers started to pull out amid bad publicity. A class action settlement over the Beacon program was resolved recently.
Since then, Facebook hasn't had a privacy-related debacle on the same scale. Much of the philosophy behind Beacon was baked into its Facebook Connect universal log-in tool, which shares information from third-party sites on Facebook profiles and lets users log into other sites with their Facebook credentials. But with the public-relations pitch geared toward making the entire online experience easier for users (fewer passwords to remember, no more registration headaches) rather than helping advertisers exploit social-networking channels, the debut of Facebook Connect wasn't subject to the same scrutiny.
The controversial new privacy standards at Facebook have been a long time coming, considering the fact that the social network started to publicly set the groundwork nearly six months ago with a series of announcements about modified privacy controls. It's clear that the company was trying to avoid the sort of press bloodbath that came after the debut of Beacon.
That didn't happen. Facebook has already backtracked on one component of its new privacy regulations, one which made users' friends lists publicly available. It's unclear as to how much EPIC's coalition, not to mention the FTC, will prioritize this most recent controversy.
Behind Facebook's traditional willingness to make tweaks and modifications to new features and products, if they spark some kind of concern among government regulatory bodies or marketers, is a fight that the company will not give up easily. What it all comes down to is that Facebook's once-watertight log-in wall--remember the time that representatives mulled banning a blogger who'd posted Facebook-hosted photos publicly?--is getting in the way of the social network's potentially central role in one of the digital world's crazes du jour, searchable real-time information.
Search companies have been announcing big deals to pull Facebook status messages and Twitter tweets into results, and the media business has gone nuts over the potential to harness the "real-time Web."
Facebook, dependent on advertising revenues and still looking to expand its base of more than 350 million users, obviously wants in on this. But if it doesn't have enough status messages, shared links, and other information pulled into search results, it stands a chance at losing ground to the much-smaller Twitter--already the top name, in terms of a massive, searchable clearinghouse for up-to-the-minute information.
Plus, there are marketers and advertisers for Facebook to consider: more search results equals more page views and more ad revenue, and more public information on users' profiles means more ways for the advertising industry to reach them. But if those same marketers and advertisers are the ones pressuring Facebook to change course, in terms of user privacy, it could cause some friction between the social network and the businesses that have finally begun to accept it as a choice destination for their ad dollars.
Now EPIC is alleging to the FTC that Facebook's new regulations can be outright dangerous: "Dozens of American Facebook users, who posted political messages critical of Iran, have reported that Iranian authorities subsequently questioned and detained their relatives," an item in the complaint reads. "Under the revised privacy settings, Facebook makes such users' friends lists publicly available."
That's not good PR for Facebook, which has repeatedly pitched itself as a destination for open dialogue and grassroots organization across zones of political and ethnic conflict.
We didn't know much about Russian investment firm Digital Sky Technologies before it invested $200 million in Facebook this spring. But it's been in the news a lot more recently: Russian newspaper Kommersant reported Thursday that the firm has purchased more Facebook stock, sending its stake in the massive social network past 5 percent at a $10 billion valuation. Its original stake was 1.96 percent. It's reportedly still looking to buy more.
A Facebook representative told CNET via e-mail that because it's a private company it opts not to discuss shareholder percentages.
According to the Russian-language publication (first referenced in English by Quintura), DST's increased stake comes from its offer to purchase employee stock as part of the buyback program announced this summer. It's continued to pay $14.77 per share, Kommersant added. But if DST's stake is indeed over 5 percent now, it's purchased far more than the $100 million originally stipulated in Facebook's terms (its total stake is now over $400 million, according to Kommersant).
That's not all DST has been up to. Earlier this week, social gaming company Zynga--arguably the most profitable company to grow out of Facebook's developer platform--announced that DST had led a $180 million funding round designed to "fuel Zynga's growth and...facilitate liquidity for employees and investors." It's a "passive investor," meaning that it will not take a seat on the company board.
"Our earlier investment in Facebook and now in Zynga underscores our premise that social networking and social entertainment will define the next generation of the web," DST head Yuri Milner was quoted as saying in a release from Zynga.
Additionally, earlier this month another Russian newspaper reported that DST was in talks to acquire ICQ, an instant-messaging service that AOL is looking to sell off.
This post was updated at 7:56 a.m. PT with comment from Facebook.
Susan Boyle's first appearance on "Britain's Got Talent" tallied the most worldwide views on YouTube for 2009, the video site said Wednesday.
The video of the once-unknown singer captured more than 120 million views.
Her video was followed "David After Dentist" (37 million views), "JK Wedding Entrance Dance" (33 million views), "New Moon Movie Trailer" (31 million views), and "Evian Roller Babies" (27 million views).
YouTube also looked specifically at which music videos tallied the most views for the year.
Pitbull's "I Know You Want Me" had more than 82 million views this year. That was followed by two Miley Cyrus songs--"The Climb" and "Party in the U.S.A"--with 64 million and 54 million views, respectively. The Lonley Island's "I'm On a Boat" and Keri Hilson's "Knock You Down" rounded out the top five.
You may notice that Michael Jackson videos, surprisingly, didn't capture more views than the top clips of the year. According to YouTube, the pop star's "Thriller" video was one of the fastest rising searches but it failed to acquire enough views to push it into the top five most-viewed videos.
Iran's elections topped Twitter's list of most popular topics of 2009, according to the microblogging site.
"Among all the keywords, hashtags, and phrases that proliferated throughout the year, one topic surfaced repeatedly," the company wrote in a blog post Tuesday. "Twitter users found the Iranian elections the most engaging topic of the year. The terms #iranelection, Iran and Tehran were all in the top-21 of Trending Topics, and #iranelection finished in a close second behind the regular weekly favorite #musicmonday."
The fact that Iran's elections rose to the top on Twitter is noteworthy because Twitter itself became a tool for organizing post-election demonstrations in Iran.
In the category of top news topics on Twitter, items related to the Iranian elections and swine flu took five of the top six spots for the year. They were followed by Gaza, AIG, and President Obama's inauguration.
A look at the top trending topics of 2009 on Twitter.
(Credit: Twitter)Among the most-discussed people of the year, Michael Jackson took the top spot. He was followed by singing sensations Susan Boyle and Adam Lambert, respectively. Kobe Bryant, Chris Brown, Chuck Norris, Joe Wilson, Tiger Woods, Christian Bale, and Alex Rodriguez rounded out the top 10 most-discussed people of the year on Twitter.
"Harry Potter" was the most engaging film of the year for Twitter users, followed by "New Moon," "District 9," "Paranormal Activity," and "Star Trek."
"American Idol" was the top television show on Twitter, followed by "Glee," the "Teen Choice Awards," "Saturday Night Live," and "Dollhouse."
On the tech side, it was Google Wave that engaged the most Twitter users, followed by Snow Leopard, Tweetdeck, Windows 7, and CES.
Mark Zuckerberg should be proud: The top search term of 2009, according to Experian Hitwise, was not "porn," "poker," or "Britney Spears." It was, for the first time, "Facebook."
In 2008, Facebook had been the tenth most searched term on the Web, according to the traffic company's annual survey of search queries.
The rest of the list for 2009 is also made up of "navigational" searches, which Hitwise reps say actually always dominate top search queries despite the common wisdom that top searches tend to be for online gambling or racy pictures. In spot No. 2 is last year's leader, "myspace," followed by "craigslist," "youtube," "yahoo mail," "google," "yahoo," "ebay," "facebook login," and "myspace.com." If you add up all four Facebook-related terms in Hitwise's top 300 search terms, they make up slightly over a percent of all searches on the Web. The #1 term alone accounts for 0.67 percent.
Meanwhile, searches for "porn" came in at No. 16. Britney, unfortunately, didn't crack Hitwise's top 300, but the most searched for celebrity was Michael Jackson at No. 95, and "Twilight" hottie Robert Pattinson came in at #221. (Hitwise representatives say that they are currently reevaluating the data to see if recently beleaguered golfer Tiger Woods has moved up in the rankings, too.)
Update at 2:10 p.m. PST: So where's "Twitter" on Hitwise's list? It's hanging in there at #56, the company says.
