Pascal Van Hecke – Daily Links

LMS for the Long Tail to start your own e-learning business.

Arstechnica article explaining, putting into perspective and to some extent debunking the research paper at

http://www2.research.att.com/~bala/papers/wosn09.pdf

on leaking PII to advertisers and aggregators (e.g. analytics).

"Short Ruby on Rails screencasts containing tips, tricks and tutorials. Great for both novice and experienced programmers. "

"When you search on https://www.google.com, an encrypted connection is created between your browser and Google. This secured channel helps protect your search terms and your search results pages from being intercepted by a third party on your network."

This is probably a token security move to soothe the privacy-aware (considering their keywords to be private communication) and I don't think this will be rolled out to the big public. The practical result would be that analytics tools would no longer be able to infer the keywords sought, because the http-referer string is no longer passed to the visited website – this would take away the bread and butter from the online advertising industry that Google created and lives on.

"project that aims to analyse website statistics to answer questions on all areas of analytics such as bounce rate, vistor demographics and more. All with the idea of providing an easily used bench mark for developers to compare with and measure their own sites by. This will be done by allowing people to anonymously share their analytics through the site. The beta version of StatShare will (hopefully) launch with API support for Google Analytics and Clicky Analytics to make this a little bit easier"

Infographic that has been cited several times in the Facebook privacy discussion.
However, the argument that the privacy settings are too complex, is a red herring.

Given the richness of Facebook's functionality, it's normal there are that many privacy settings. Indeed, we want users to have granular/detailed control about what they reveal and not. Compared to other sites, FB privacy controls excel in usability.

The privacy issue with Facebook is not the complexity of the privacy settings, but the choice of default settings, the fact that Facebook changes those defaults and pushes, even misleads people into opening up their profile and in some cases unilaterally decided that part of your profile was publicly available from that time on.

Morten Just, Vodafone product manager, made some templates with a collection of UI widgets to do wireframing in Google Docs (Google Draw)

"open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections."

Used in this sql injection demo (Dutch): http://webwereld.nl/nieuws/66012/ov-site-lekt-persoonlijke-data-168-000-reizigers.html

Bookmarklet-based Facebook Privacy scanner. Just javascript performing checks in your browser and offering the option to repair your settings.
Not sure whether Facebook will not attempt to block it.

Just bookmarked this for historical reference… The Facebook applications privacy discussion is already going on for years, and started shortly after the release of the application platform in May 2007…

Facebook Privacy Check application showing the data you expose to Facebook application and sites using Facebook Connect. Comparable to the ACLU privacy quiz (What do quizes know about you?).
Whereas http://zesty.ca/facebook shows the info that doesn't require login, this is an actual Facebook app you need to install/connect to. You need to trust the developer, and might want to remove it afterwards from http://www.facebook.com/editapps.php?v=allowed

"Openbook draws attention to the information Facebook makes public about its users via its search API. Facebook exposed this service on April 21st, 2010.
Our goal is to get Facebook to restore the privacy of this information, so that this website and others like it no longer work"

By a.o. Will Moffat, http://blog.hamstersoup.com/2010/05/14/facebooksearch-the-lack-of-privacy-on-facebook/ (who presented a few times at Barcamp Brussels on Freebase, javascript and Mozilla extensions)

Overview of Facebook jargon, that has changed considerably at the F8 developer conference april 2010:
BTW unlike the posts states, I am not aware of any differences between Facebook functionality between the US and the EU…
- Public information
- Visibility
- Pages
- Connections
- Social plugins
- OpenGraph
- Instant Personalization

Splendid visualisation by an IBM employee of Facebook's privacy settings over time.
Based on this Facebook privacy settings timeline by EFF: http://www.eff.org/deeplinks/2010/04/facebook-timeline

Most of the anti-Facebook ranting is based on false information, misunderstandings. Unfortunately this takes attention away from the the Facebook privacy issues that really matter (changing default settings, taking privacy options away that people used to have, Facebook applications…).

Elliott Schrage does a good job here in tackling most of the unfunded criticism in this posting, and i bet in a few months time things will have eased down for them.

The only criticism one could have on his answers here is this responsibility-deferring phrase:
"Everything is opt-in on Facebook. Participating in the service is a choice. We want people to continue to choose Facebook every day. Adding information — uploading photos or posting status updates or “like” a Page — are also all opt-in. Please don’t share if you’re not comfortable."

The only way to show Calendaring info in WordPress.com is to transform the xml output of Google Calendar to some form of RSS so that it can be displayed using the RSS widget…
Instead of Feed43 you could use Yahoo Pipes as well…

Brilliant…

"Zuck: Yeah so if you ever need info about anyone at Harvard
Zuck: Just ask.
Zuck: I have over 4,000 emails, pictures, addresses, SNS
[Redacted Friend's Name]: What? How'd you manage that one?
Zuck: People just submitted it.
Zuck: I don't know why.
Zuck: They "trust me"
Zuck: Dumb fucks."

A minimalist how-to include an FB Like button in a WordPress install. By Denis Balencourt.

"Facebook connect est amené à disparaître, le nom pas les fonctionnalités qui seront reprises par Open Graph.

Des plugins permettant une intégration en deux clics seront sûrement dispo sous peu, mais si vous ne voulez pas attendre et intégrer le "Like" sur votre blog WordPress je vous propose de suivre la procédure que j'ai appliquée pour y arriver."

Bijzonder goed gestoffeerd en beargumenteerd artikel over de mobilisatiekracht van online acties en facebookgroepen in het bijzonder.

'De impact van een betoging is recht evenredig met de graad van inspanning van de betogers. Dertienduizend muisklikken stellen dus weinig voor, vijftig hongerstakers wel. Mochten 100.000 mensen de straat zijn opgetrokken voor de splitsing van BHV, dan stond dat dossier al veel verder. Betogingen maken machthebbers nog altijd nerveus. Ze zijn zichtbaar, worden gefilmd, in het buitenland getoond: hun autoriteit wordt er door aangetast.'