Pascal Van Hecke – Daily Links

Firefox extension that replaces the ads in Gmail with profile information based on the email address of your respondent.
"Where does Rapportive get its data from?
We combine information from several sources; at the moment, these are Rapleaf, Gravatar and Twitter. In the future we will offer integration with many more data sources, both public (e.g. social networking sites) and private (CRM).
We make a clear distinction between:
* Public data, which is information that users have chosen to make public on the internet, and which anyone could find on one of the major search engines. We aggregate public data, take into account corrections and feedback, and show this information to everyone who uses Rapportive.
* Private data, which is privileged information to which only you have access. In order to provide the Rapportive service, we may need to process this data behind the scenes; however, private data will never be shown or disclosed to any other Rapportive user or any third party"

Looks like Google has introduced a Stumbleupon clone…

People search/profile aggregator by Microsoft.
"research prototype for exploring object-level search technologies, which automatically summarizes the Web for entities (such as people, locations and organizations) with a modest web presence"
- "generates summaries of Web entities from billions of public Web pages that contain information about people, locations, and organizations, and allows for exploration of their relationships"
- "known potential problems:
* currently only contains information extracted from 3 billion Web pages, therefore it is possible that some information for people with a substantial Web presence is still missing in our index;
* Some names and relationships could be incorrect, and the information may not be update-to-date;
* Name disambiguation is still largely unsolved
* Some of the summarization features are currently only available for people. We are currently working on these for other entities."

Service that lets you send any document to a printer driver, extracts the mailing address and has the paper version of the document printed, stamped and sent.
Price range per item sent around €1 (Via @kpellegr)

"Search Regex adds a powerful set of search and replace functions to WordPress. These go beyond the standard searching capabilities, and allow you to search and replace almost any data stored on your site. In addition to simple searches you have the full power of PHP's regular expressions at your disposal.

The driving force behind this plugin is to aid in website migration and upgrading. If you've ever done either of these then you know the pain of having to go back through all your data, changing URL paths and fixing things. With this plugin you can reduce this work to a search and replace pattern and the job is finished in seconds.

Why would you want this? The primary reason for the plugin was to aid in relocating directories. It's a real pain to manually go through every post and change image directory names. With this plugin all that was required was a simple search and replace pattern, and the job was finished in a few seconds."

Simple but handy: "The Autolink URI plugin for WordPress automatically converts urls to hyperlinked urls"

Use the RSS version of Tweetbackup.com, and import it into Wordpress (via the RSS importer).
Then use the Twitter Tools plugin http://wordpress.org/extend/plugins/twitter-tools/ to grab consequent tweets.

Simple service to backup your tweets.
Is of course limited to 3200 Tweets by Twitter api limitation.
Other services like BackupMyTweets.com and backupify.com require registration and are more pushy towards their paid versions.
Make sure to choose the RSS download option, as it provides a richer data format.

Like Rapleaf, Flowtown extracts information from social networking sites based on email address (probably via screenscraping).
They let you enrich (customer) databases with social media information – according to this podcast interview http://web20show.com/2010/03/episode-70-flowtown-ethan-bloch/ they were "profitable from day one".

On companies datamining your social media output and social graph for marketing and even credit rating:
“I don’t think there’s anything scary about it,” she said. “Why wouldn’t they look at it? It’s public.”
Point is that lots of people are not aware that it's public… and that they are not even in control of what is public or not…

Apparently, speculation on the use of your social graph to determine your credit rating is no longer just speculation (and Rapleaf, already infamous for collating social networking profiles, is also active in this field):

"If you're [using social media] and your settings are turned to "public," who you're talking to and what you're discussing is available to those wanting to sell their wares — and that includes banks and other credit issuers."

"Rapleaf hunts and gathers social networking transmissions, turning the conversations you have in your network into consumer profiles called social graphs."

"Social graphs allow credit issuers to know if you're connected to a community of great credit customers. Creditors can see if people in your network have accounts with them, and are free to look at how they are handling those accounts. "

Digg-like CakePHP community/knowledgebase site.

2007 comparison of CodeIgniter and CakePHP.
Apart from documentation, CakePHP seems to come out best.

(Prank) Service exploiting the browserhistory privacy flaw.
Send a shortlink to a friend and wait for the "naughty sites" to show up he or she visits (their browser history is being checked against a precompiled list of popular porn/sex dating sites).

Targeting service exploiting the browserhistory privacy flaw.
Embed the javascript in your website that checks your visitor's browser history against a list you defined. Typically a list of competitors, so you could offer discounts to people who have been visiting several competitor websites.
(BTW browsers should make it impossible to send back browser history info to the server but it is technically hard to implement this…)

"The [browser history] loophole basically lets you see where else your visitors have been on the Internet. Well, it’s now out in the open, in two forms: Beencounter, and Haveyourfriendsbeenthere.

To be perfectly clear, the site won’t show you everything your visitors surf–just whether or not they’ve been to a set of sites you define."

The story (on the data Dubai police released about the assassin team that killed a Hamas official) is interesting because it demonstrates the impact of CCTV and biometric passports.

"the company ClearSight Interactive is getting ready to launch a form of targeting based on users' IP addresses. ClearSight, which describes IP addresses as the bridge between users' offline and online data, has spent the last 18 months acquiring more than 100 million IP addresses — along with email addresses and postal addresses — from publishers"

Bruce Schneier tackling camera surveillance in an oped on CNN.com

"Pervasive security cameras don't substantially reduce crime. This fact has been demonstrated repeatedly: in San Francisco, California, public housing; in a New York apartment complex; in Philadelphia, Pennsylvania; in Washington; in study after study in both the U.S. and the U.K. Nor are they instrumental in solving many crimes after the fact."

Bruce Schneier tackling camera surveillance in an oped on CNN.com

"Pervasive security cameras don't substantially reduce crime. This fact has been demonstrated repeatedly: in San Francisco, California, public housing; in a New York apartment complex; in Philadelphia, Pennsylvania; in Washington; in study after study in both the U.S. and the U.K. Nor are they instrumental in solving many crimes after the fact."

"The developers behind the OAuth protocol have developed a new variant called OAuth WRAP that is simpler and easier to implement. It's a stop-gap solution that will enable broader OAuth adoption while OAuth 2.0, the next generation of the specification, is devised by a working group that is collaborating through the Internet Engineering Task Force (IETF)."

Quick intro to Oauth + differences with Oauth WRAP (OAuth Web Resource Authorization Protocol):
- simplified variant
- communication takes place of SSL (mandatory!)
- tokens in OAuth WRAP are short lived and can represent claims issued by an authorization server

Twitter still shows the username/password antipattern, yet they deserve praise for asking to make you findable via emailaddress (they are probably aware that lots of users use the service in a pseudonymously!):
"In order to be discovered by contacts, users must opt-in to the service, meaning they must explicitly choose to make their Twitter username findable via their contact information (otherwise we anonymize the username, as shown above.) "

"reveals cross-connections between conversations on Twitter [...] earch for usernames or topics, which are tracked through time and visualized much like the way a particle collider draws pictures of subatomic matter"
Nice visualisation, not useful at all however

"Er bestaat onder consumenten en bedrijfsleven een behoefte aan een hoogwaardige B2C identity oplossing met een laag trustniveau. OpenID.nl+ is een initiatief van ECP-EPN waarin potentiële Identity Providers (IdP’s) en Relying Parties (RP’s) samenwerken om dit in Nederland van de grond te krijgen"
Grote IdP's en RP's gaan in Nederland samenwerken om "kwaliteitsgaranties" af te spreken over de data die via Attribute Exchange wordt uitgewisseld:
"- gegevens die de consument vanaf een andere website kan importeren vaak op echtheid gecheckt en krijgt de website dus bijvoorbeeld het correcte mobiele nummer of juiste adresgegevens binnen
- Ook voor de bedrijven die meedoen aan OpenID+ is vertrouwen belangrijk: een webwinkel die meedoet aan het OpenID+ netwerk zal geen rare dingen doen met de gegevens die het krijgt van de bijvoorbeeld hyves, anders volgen er sancties. Daarom is de Hyves dan ook bereid de webwinkel hoogwaardige informatie te leveren."

Some thoughts of Andy Oram on the concept of VRM:

- Success requires making both sides happy: VRM advocates have to offer juicy carrots to both customers and vendors.
- It really is all about the data: Many customers are already sitting ducks for phishing and other social engineering attacks. VRM that moves too fast and gets too far ahead of the users can lead them to make decisions they'll regret later.
- Where to start VRM: there are no real VRM systems yet, although a few progressive web sites demonstrate bits and pieces of that approach

On Paul Ohm's work on de-anonymisation:

"Here is Ohm's nightmare scenario: "For almost every person on earth, there is at least one fact about them stored in a computer database that an adversary could use to blackmail, discriminate against, harass, or steal the identity of him or her. I mean more than mere embarrassment or inconvenience; I mean legally cognizable harm. Perhaps it is a fact about past conduct, health, or family shame. For almost every one of us, then, we can assume a hypothetical 'database of ruin,' the one containing this fact but until now splintered across dozens of databases on computers around the world, and thus disconnected from our identity. Reidentification has formed the database of ruin and given access to it to our worst enemies.""

Andy Oram trying to discuss all aspects of online/digital identity in a series of 8 articles published in december 2009
# Introduction
# Your identity in real life: what people know
# Your identity online: getting down to basics
# Your identity to advertisers: it's not all about you
# What you say about yourself, or selves
# Forged identities and non-identities
# Group identities and social network identities
# Conclusion: identity narratives