There are two differences that jump out between this awe-inspiring alphabetical listing of all Facebook users and a dog-eared telephone directory.  First, Facebook’s directory has a staggering 171 million names in it.  Second, in good news for paper prices everywhere given the first difference, the directory is digital — it’s right there, online.  And if it’s online, it’s scrapable.  Ron, being of the inquisitive engineering sort who can’t help but push a button if he sees one, figured that supply creates demand, and went ahead and scraped the directory.

That means he produced a file on his own hard drive containing more or less the directory’s main contents: for each person listed, a name, the person’s Facebook URL (what one types in to go directly to his or her entry), and unique Facebook ID (not a secret; this is part of a person’s Facebook url).  The resulting file is only a few gigs — amazing how cheap storage has become that so much can be roughly the side of an episode of House.  Ron then placed it online as a torrent — which means anyone can download the file, and voila, a snapshot of Facebook’s membership as of July 2010.

So, is this a problem?  As I’m writing, news is only just breaking, so it’s like that moment when a toddler trips, falls, and then has to think about whether to cry or not.  “You’re OK!” is usually what the alert parent encouragingly says — and if the toddler buys it, it’s usually true.  In fact, even if the toddler doesn’t buy it, it’s still usually true.  In this case, I think I’m with the metaphorical parent.  The data that Ron grabbed is precisely what Facebook users have chosen (or perhaps more accurately, passively acquiesced) to share.  For those who lock their privacy settings to avoid having a public listing in a Facebook search, they’re not present here.  For those who have, they are — along with a click through to their respective Facebook pages however they’ve chosen to share them.

Ron appears a little disquieted by it because of the prospect that the snapshot can live forever more.  If you remove your Facebook account or up your privacy settings, that will be reflected in real time in the Facebook directory and search (or at least it should be!).  But the torrent file exists forever — so one’s privacy choices are locked into that moment.  This is an artifact of having a service — Facebook — converted into a product — a Facebook database — the way that universities used to not just maintain online directories, but also publish bound volumes of their alumni with addresses, for those who opted in.  (In fact, many universities still do this; someone should tell them about saving the trees.)

There’s some privacy hit there, but there are also benefits.  By making a public directory — and a scrapable one, no less — Facebook gets more inbound links and attention as its members become easier to find.  And we benefit by having Facebook’s subscribers’ public pages indexed by the likes of Google and Yahoo! search.  In fact, when searching on a person’s name in a regular search engine, quite commonly a Facebook entry is one of the top hits.  That seems to me a good thing, and once Google, Yahoo!, and Bing have it, why shouldn’t Ron and anyone else who wants it have it too?  Indeed, Ron already did some cool stuff with the data.  For example, he crunched it all and came up with a list of Facebook’s most commonly used first and last names, discovering “Michael” and “Smith” coming in at number 1 for each.  Congratulations, Michael Smith, you are hidden in plain sight, since a search for you turns up so many others at the same time!  (Not so much with “Jonathan Zittrain”…)

Anyway, that’s generativity at work: Facebook makes available a directory on free and open terms, and people do stuff with it, some of which can surprise us.  There could be bad surprises, too — Ron and others hint at undesirable data mining — but I’m glad that the gates of Facebook’s gated community have some slats in them, rather than being a solid wall.  At most, it seems to highlight the desirability of getting the defaults right: Facebook shouldn’t have people automatically publicly sharing stuff they’d not normally share, without clear markers on what’s about to happen.  As Google would say, “Please read this carefully.   It’s not the usual yada yada.”

Indeed.  There have been so many Facebook privacy mini-scandals that we’re primed for the next, and the involvement of a torrent file adds an element of seeming subversiveness to the mix, given the association of p2p with contraband material.  But sometimes when the boy cries wolf it’s just a shadow.  I count 8 Yadas in the Facebook directory.  And I, along with my cool musician brother Jeff Zittrain, fall in between Aron Zittra and Austin Zittrauer.  Until now, who knew?  Interesting — but not pitchfork worthy.  …JZ

Communicating with the e-book mothership. If the latest must-read on Kindle is dotted with typos or has a few pages missing, there’s a good chance Amazon offers a patch to correct the error. It’s a handy Internet-enabled functionality, although one can imagine at the extreme authors continuing to update their work ad infinitum, making it impossible for a reader to say he or she has read an e-book since content is always subject to change. Information flows in the other direction on the Kindle superhighway too, as Amazon apparently keeps track of what readers are highlighting. There’s some creep factor in Amazon knowing what ideas Kindle readers think are important, even if the most highlighted passages are in works as deep as The Lost Symbol. But the information is also so interesting.

The remote control. In April, Sony quietly revised the End User License Agreement that came with the latest PS3 firmware update to allow the company to change how an owner’s console operates in whatever way it wants, no notice or permission required. Now the FCC, at the request of the MPAA, has given cable and satellite providers the right to remotely disable output connections on consumers’ set-top boxes, leading consumers to ask “What did I buy?”

Curated Computing is the new name in town for the experience provided by the tablet non-PC. This particular term is meant to accentuate the “less choice, more relevance” aspects of that experience. It rolls off the tongue more smoothly than “contingently generative” and sounds less regressive than an “appliance,” but it connotes somewhat life aboard the Axiom. However, its proponents suggest that curated computing devices are meant to exist alongside and supplement traditional PCs. Let’s call that a worthy goal and the best of both worlds.

iPhone pillow talk with Steve Jobs. A ValleyWag reporter last week exchanged late-night emails with a defiant Steve Jobs on the iPhone’s ability to give people “freedom from” data theft, battery hogs, and porn. The emails speak for themselves, giving a little insight into Jobs’ perspective on the benefits and aims of the iPhone. He gets a little snarky at the end, but then again it’s 2am when he’s responding, and he never has a chance to clarify his comments, unlike the Gawker reporter.

Android outsells iPhone. During the first quarter of 2010, phones with the Android OS grabbed 28% of the U.S. market share, surpassing iPhone’s 21% (RIM’s Blackberry is still at the top with 36%).  Although Android benefited from Verizon’s buy-one-phone-get-one-free promotion and iPhone continues to lead worldwide, it appears Google is getting closer in Apple’s rearview mirror.

McAfee prevents computers from booting up in new virus-protection strategy. Centralizing security software in a few big providers concentrates expertise to solve problems, while also meaning that there are only a few–albeit strong–security systems the bad guys need to breach in order to wreak widespread havoc.  But in a previously under-appreciated risk, a flawed update of widely-used antivirus software can cut out the middleman and accomplish the same havoc directly.  A McAfee software update mistakenly identified a critical file as a virus and quarantined it, causing computers around the world, many of which automatically install updates, to repeatedly attempt to boot up.  One source estimated that 800,000 PCs were affected.

Taking [re-]generativity seriously. A Connecticut mayor donated her kidney to a Facebook friend last month after seeing his desperate status update.  The patient’s doctor had suggested that he try publicizing his need through social media, using an online connection to a forge a real-world bond.

Canadian Android Carrier Forcing Firmware Update. A Canadian carrier wanted users to download a firmware upgrade that fixed a glitch prohibiting users from dialing 911, so it made the upgrade mandatory. Seems reasonable. But it bundled in an update that “prevent[ed] users from ever gaining root access to their phones.” Sneaky—one more way that contingent generativity really is contingent, even for savvy users.

Biggest Mobile Operators Join Forces On App Store Project. A few dozen mobile operators have come together to try to create a mobile developer’s dream: a set of standards for applications that would work across phones and mobile OSes, and a single app store (with a single approval process) in which to sell those apps. This could be a good thing if it worked—developers might have more say in big-picture application development, and single carriers or hardware manufacturers would have less ability to be a development chokepoint. (It would also be nice for consumers, generally making the smartphone world look more like the PC world.) I’d be more excited if efforts to create uniform mobile standards weren’t so difficult and historically so unsuccessful.

Demand for Android Phones Makes “Monstrous” 250% Jump. Another developer’s dream (perhaps), Android, is seeing significant growth. “Android has finally caught consumer interest,” according to a research firm. Also, Android users are almost as happy as iPhone users with their phone (72% to 77%).

Big Brother Is Here, Families Say. This story is so bizarre, I don’t know what to make of it. A school in Philadelphia gave out laptops without telling the students or their families that the cameras could be remotely activated. The idea was to use the cameras if the laptops were stolen, but one family claims a camera was used to spy on a student. If true (details are cloudy), that would (a) be mind-bogglingly dumb on the school’s part, and (b) reminiscent of this (ubiquitous cameras) and this (remote activation) in the book. Check out the Onion’s take here.

Microsoft takes the StopBadware Approach Further. Last week, MS obtained a restraining order to deactivate 277 domain names it had linked to the Waledec botnet. Severing the connection between drones and the mothership goes beyond tactics employed by the Google/StopBadware Project.  It effectively makes the targeted websites invisible, instead of slapping a prominent warning label on them. Although MS attempted to cut off only addresses used exclusively for spam, it appears that the single U.S.-based target may be a legitimate site, if a hapless drone.  While owners have the opportunity to reclaim their addresses, MS’s actions raise questions of proportionality and whether cooperation and information-sharing between prominent Internet denizens, such as MS and Google, if possible, would result in more efficient and just solutions. Their approach also highlights the tension between the need for secrecy to effectively attack the spam network and the notice usually required prior to legal action.

One step behind. Thesixtyone.com, a site that allows the public to listen to, rate, and buy largely indie music, is looking for a hacker that can break up the bot-powered voting rings seeking to game their democratic rating system.  A laudable goal, but one spammers have already begun to circumvent by using real people instead of bots.

Passing through the cloud. Katherine Boehret recently reviewed Pogoplug, a device that makes files web-accessible without actually storing them in the cloud.  While this type of solution doesn’t address data-portability concerns surrounding extraction of personal data in usable form – to allow seamless transition between social networking sites, for example – it does let the user to maintain more control over data instead of entrusting it entirely to the cloud.  This control prevents third parties from holding data hostage and from losing, allowing government access to, selling, or mining personal information; but users can still access their files from almost anywhere.

Please think twice. A website launched last week illustrates the risk of publicly sharing information online.  Pleaserobme.com aggregates Twitter posts that contain location-sharing information from Foursquare in a chronological list to show the potential for exploitation by Internet users with malicious intentions.  While it’s probable that only a small set of burglars will take advantage of this information, the site is an example of a grassroots campaign to raise awareness of potential problems for users who don’t recognize how the information they freely give can be mined.  Whether this awareness leads them to alter their behavior or simply “get over it” is up to the individual.

Facebook messaging glitch. A subset of Facebook users experienced firsthand the risk of entrusting control of personal messages to third parties.  Last Wednesday, FB accidentally sent the private messages of a “small number” of users to strangers instead of the intended recipients.  Unlike well-publicized security breaches of credit card companies and banks, the misdirected messages were largely personal in nature and contained little identifying information, so the risk of actual injury is low.  But that may not be very comforting to those who had intimate details divulged to strangers.  Some of the accounts indeed provoke a gut-level enquiry as to how privacy violation should be measured.  On the flip-side, the occasional misrouting of a letter by the Post Office doesn’t give rise to much concern – and in that case the sender is usually clearly identifiable – so why should electronic mail be afforded greater scrutiny?

—By Jennifer Halbleib and Elisabeth Oppenheimer

Android Market Badly Needs A Web Presence to Compete with the App Store. Jason Kincaid argues that, while there are fewer Android apps than iPhone apps, a better web system for browsing and choosing apps could really help Android. I think he’s right that Google could think creatively about how to push the Market past (or at least toward) the App Store, but he admits that the big caveat is that 90% of apps are bought over-the-air, not via the web.

Apple Approves “Tits & Boobies” and “Pussy Lovers” Apps. Apple’s app reviewers try to figure out what to do with a “tits & boobies” app that shows pictures of the birds of that name. “One thing is clear to me: Nobody is ever going to be happy with this process, which I’m afraid will remain imperfect forever.”

Inside India’s CAPTCHA-solving economy. One huge aspect of ubiquitous human computing is sending menial computing tasks abroad; the social and economic implications of that, obviously, are potentially enormous. This piece is a good description of the market for CAPTCHA-solving work in India, where the going rate for 1000 captchas is $2.

Google Rests Its Defense of Executives in Italian Privacy Case. Some of you may have been following this case—Google executives in Italy are being prosecuted for allowing a video of students bullying an autistic teenager to remain on Youtube. The video stayed online for two months, but was removed almost immediately when Google employees were alerted to its presence. Google rested its case a few days ago; a verdict is expected in January or February. None of the executives faces jail time, because they don’t have criminal records. But if they’re convicted, it will be interesting to see what Google decides to do with its future Italian operations.

Cellphone Encryption Code Is Divulged. A German engineer claims to have broken the code used to encrypt GSM phone calls, or 80% of the world’s mobile calls. There are steps between breaking the code and actually intercepting and deciphering calls, but this is the big step. He says he’s only “trying to push operators to adopt better security measures for mobile phone calls”—measures which exist, but haven’t been implemented.

—By Elisabeth Oppenheimer

The Google Phone, Unlocked. Google is introducing a branded smartphone running the Android OS. Interestingly, it’s an unlocked phone, although because it’s GSM, it can only run on T-Mobile and AT&T in the US. I wonder if it will be subsidized by the carriers; if not, it could be a first step in helping break the carrier-subsidy model—discussed in this slightly out-of-date paper. Of course, even the iPhone couldn’t make it unsubsidized.

This Dumb Decade: The 87 Lamest Moments in Tech, 2000-2009. Not so much the future of the internet, but the recent past. Many of the recent lame moments have been covered in this blog (Danger Sidekick phones lose users’ data for weeks; Apple rejects Google Voice; Amazon removes 1984 from the Kindle). The old stuff is fun. I didn’t know that Facebook donated $9.5 million to a privacy-education foundation after the Beacon fiasco.

Obama to Name Howard Schmidt as Cybersecurity Coordinator, President Obama appoints Howard Schmidt, who also worked for President Bush, as his cybersecurity coordinator. Good to see that the administration is taking cybersecurity seriously, although they’re really looking at a different problem than the book discusses—threats to military and commercial infrastructure, rather than users’ endpoints and experiences.

Taxi Hack. A website allows users to criticize or praise service from specific taxi drivers, identified by medallion or license number. This has echoes of a future imagined in Chapter 9 of the book—you see a taxi, you punch in the number, and you have the driver’s digital reputation before you step into the cab (or choose not to).  (Hat tip: Emily Brill.)

Piqqem. A website crowd-sources stock picks. Of course, crowd-sourcing is all over the internet, but it seems it would be particularly treacherous if this website were subverted—say, by a company ordering its employees to vote its stock up.

—By Elisabeth Oppenheimer and JZ

In partial response to these concerns, Google created the Google dashboard, a site that tells you which Google apps you use and what data they’ve stored. (From the Google home page, if you’re signed in, you can find it under Settings > Google Account Settings > Dashboard.) It’s kind of fun to browse the list—a trip down cyber-memory lane, as it were. It prompted me to finally delete the “practice blog” I set up for my intro CS class (eight years ago). Most people will probably find a few unexpected nuggets of data lurking in Google’s admin folders.

Frankly, though, I’m not sure it will make privacy advocates feel any better. Here’s why:

1. Just having a list of your accounts, data, and settings doesn’t mean it’s easy to figure out how to change anything. You have to do that within the app’s internal settings. I couldn’t figure out how to delete my Google tasks account entirely, and Robert Cringley of PC World had a similar problem with Orkut.

2. It’s nice to have all this information centralized, but most people will already know 95% of what they find on Google dashboard. People who are really concerned about privacy could have easily collected this data themselves (and probably did). John Paczkowski has more on this here. He notes that Google doesn’t show “cookie data” that is used to serve targeted ads, which an individual user couldn’t collect. However, that data is associated with browsing history, not a Google account, and it’s also clear why Google would be stingy with it. “Cookie data” is conceptually different than account information, and offering it isn’t a logical extension of Dashboard, although there could be legitimate debate about whether users should have access to data collected about their browsing habits.

3. It’s potentially useful for thieves. You have to re-enter your password to access Dashboard, so someone who happens upon your open gmail account won’t have access. But if someone gets access to your password, they’ll have a list of all the other products they should check, along with your mobile phone number, if you’ve set it as a password recovery option.

Overall: I appreciate the move towards giving users control over their data. The impulse—to develop tools that will be used by people other than hard-core privacy advocates—is a great one. This tool could use more functionality, though, particularly in making it easier to delete or manage data right from the Dashboard.

(Edited after posting to reflect more thoughts on points 2 and 3.)

—By Elisabeth Oppenheimer

Apple:

Apple says a staff member tests every submission for technical issues like bugs and unauthorized protocols. More holistically, they look for signs that an app might “degrade the core experience of the iPhone” (as they worried Google Voice might?)—a sort of unquantifiable factor. The FCC also asked Apple for a list of rejected apps and the reasons for the rejections. Apple listed several, none of which I’d ever heard of, which were all bounced for unimpeachable reasons—crashed during loading, displayed sexual content without a 17+ rating, etc.

The approval staff consists of around 40-full time reviewers, two of whom review each app. Given the 8500 new or updated apps Apple claims to receive each week, that means each app gets about 5.5 minutes of attention (40 hours in a week, divided by 8500 apps split between 40 people, divided by two since each is looked at twice). No wonder it’s hard to get everything done perfectly. I just continue to wonder how this system will scale. 40FT employees is nothing to scoff at, but those employees are overwhelmed now and the number of apps is just going to keep increasing.

Google:

Google doesn’t have staff reviewing Android apps when they’re submitted; instead, they perform a “limited automated analysis” to identify technical issues with loading and running the program. Once an application is in the Market, users have the ability to red-flag it. Some unspecified number of flags triggers review by a live person. The app can be taken down if it violates anything in the developer agreement; Google says it’s taken down about 1% of apps posted, mostly for adult content and copyright violations. That number is much higher than I would have thought—I’ve heard almost nothing about apps being removed from the Market.

I’m curious whether Apple’s in-person testing for bugs catches significantly more than Google’s automated screen.

As a bonus, some info on Symbian’s process. Symbian doesn’t get as much attention from the blog world—much of its market is international, and it’s not associated with a high-profile phone like the iPhone—but it’s installed on almost half of the world’s mobile phones and so is a big player. According to a Symbian spokesperson, apps are tested automatically for viruses, then “random samples” are tested by an employee before going live. This came up recently because a Chinese firm developed an SMS worm that infected phones running the Symbian OS. Users were sent a message inviting them to click a link within the text; that downloaded the worm, and sent similar messages to every contact in the user’s phone, racking up fees for all those texts. (It’s not clear to me whether this was totally malicious or if the firm had some way of making money off the scheme. I haven’t seen anything to suggest they had any kind of deal with the carrier.)

The Symbian story points out why it’ll be crucial for Apple and Google to get this process right. People are going to start writing viruses for phones—that happens whenever there’s a market to exploit. The question will be if those companies can keep malware off the phones, and how consumers will respond if they can’t.

—By Elisabeth Oppenheimer

Today’s conventional wisdom in cybersecurity circles is that:

• we’re very much open to attack (defined lots of ways; often people mean: PCs attached to the Internet can be compromised by outsiders and then put to bad uses, turned into spies, or made to self-destruct).  Virtually no one takes cybersecurity as seriously as he or she should, in part because the costs of compromise are not always charged back to the person who should take measures.  (Many people don’t care if their PCs are sending spam in the background, so long as it doesn’t disrupt their Doom game.)
• “perimeter defense,” the basic idea behind firewalls, doesn’t cut it.  If just one bad bit of code gets past the wall dividing a PC or a network from the rest of the world, it’s all over.  (This makes Senator Rockefeller’s soundbite a bit inapt: “You have to keep making higher walls.”)
• for the first time, our defense establishment is genuinely not in a position to be able to “defend the homeland.”  That’s because much of the vulnerable infrastructure — PCs — is entirely in private hands and then connected to the world at large.  There’s no place for a fighter jet or Border Patrol agent to intercede.

Given these articles of faith, one can see how tempting it is — indeed, nicely bold — to propose a government official who can mandate certain security standards across the board.  But there are many potential problems with this approach.

First — could they realistically be made to apply to individuals?  What penalty should obtain if I fail to secure my computer?  Perhaps the thought is that operating system and software vendors could be regulated, the way that cars must have seat belts and air bags — precisely to deal with the problem of irresponsible individual drivers.  But that’s dicey: there are many clearly wrong ways to code operating systems, but that doesn’t mean there are obvious right ways to do it.  Many of the vulnerabilities we face come not from hidden exploits that take advantage of some literal bug in the way, say, Windows works, but from our own acquiscence in running new code.  We click “yes” to “are you sure you want to run this?” because we are impatient, and because so many times during the day we’re typically asked to make a snap decision like that.

Second — any standards process would quickly become the purview of security firms with something to sell.  Tens of millions of dollars or more could rise or fall on whether one’s security suite is made the obvious way to satisfy a particular regulatory requirement.  With no scale to determine how much security is enough — especially when risk aversion will vary so much from one firm or computer owner to the next — we run the risk of overregulation.  Too easily security standards will just amount to vendor selection.

So, what should we do?

Well, one fruitful point of dampening security problems is at the ISP level.  Computers that have fallen prey to an active worm or virus can frequently behave in predictable ways — sending out certain traffic patterns, or having vulnerabilities that can be detected at a distance.  ISPs know this, but are reluctant to tell their own subscriber that they have a problem, much less to quarantine them.  To do so means a customer service event — someone has to coach the user through fixing the machine.  But that incentive can be changed.  If ISPs were asked — well, required — to take more reasonable responsibility for zombie computers located on their networks, they could rise to the occasion.

Another underexplored strategy is to build our systems so that they can recover gracefully from problems.  Wikipedia isn’t designed to prevent all vandalism; instead it has technical tools that make it easy to revert a page to the state it was in before someone came along and vandalized it.  If the Wikipedia entry for Britney Spears is resilient to defacement, shouldn’t our valuable spreadsheets be the same way?  Imagine a history file automatically generated so we could see changes as they have happened and revert to an older version.  Then we need only deal with the problem of viruses that try to tamper with a document’s history — something that can be made very difficult to do.  Similarly, researchers like Butler Lampson have proposed PCs with “red” and “green” zones in them.  Stuff in the red zone can’t affect what’s going on in the green.  Trusted software ready for prime time goes in the green zone; experimental or new stuff goe sin the red.  If there’s a problem in the red zone, it’s at least confined.  None of these approaches is a cure-all, but they can help a lot.

Finally, we can work to build collective solutions, neighborhood watches in cyberspace.  Right now each PC has a metaphorically autistic experience: it surfs from one site to the next with no awareness of what other PCs are doing.  Imagine having a little software on your PC that reports its vital signs to other participating PCs.  Collectively we could generate a map of the health of cyberspace, an early warning system — and a means of answering some very useful questions.  Before running new code, you could say: How many machines in the herd are running it?  How many self-proclaimed experts run it, versus neophytes like me?  Is the code brand new, or has it been around for months or years?  These questions are not beyond the expertise of most PC users, and the answers can help them make much more informed decisions about what code to run.

There’s a lot of work to be done to secure cyberspace — work that goes beyond any one set of regulatory “best practices” that we know won’t be uniformly implemented.