Tag: MySpace

Phishers need teen gossip

Phishers were headed the smart route, attacking financial institution customers. I guess they’ve either been unsuccessful or just gotten board. Now, they are chasing teen gossip by phishing on MySpace.

Boy I am glad I’m not there.

Teen profiles cracked at MySpace

No sooner did MySpace start providing security measures to protect underage profiles, someone broke the privacy protection.

Actually, it was broken for a while, but nobody was talking. This leads me to believe it wasn’t much of a breach, or someone would have whispered about it, and the blogs would have roared (long before someone “dugg” it). According to MySpace officials, the problem has since been fixed.

MySpace audience must be broke

Why? Hacking has become big business, yet malcreants don’t seem interested in the site.

I wonder if advertisers will get the same idea.

What MySpace fixes, politics breaks

The US House of Representatives has passed a bill requiring federally funded schools to block MySpace and other interactive sites from students.

MySpace is running around fixing problems with their system, some of which are user related anyway, and politics trumps the efforts with an overly broad bill that could turn half the internet into a stale, single-sided show for kids. No surprise – these are the same types of people that assure us the internet is “not a truck”, that Microsoft should produce WindowsGameLite (sans solitaire), and think we all run around with our IP addresses stamped on our foreheads.

I’m going to go out on a very fragile limb here and bet that when it comes down to enforcement time (which will be a “virtually” impossible task), they’ll be pointing fingers at someone else for their ineptitude. I can’t imagine who will be paying for it (hmm), but I can imagine that kids won’t be much safer.

***UPDATE***

Slashdotters had a lot to say on this subject. I find particularly interesting the part about how all this may distinctly affect the homeless and/or other poor people. Sounds on target, although I highly doubt it was intentional (even though someone will say it was sooner or later).

Virtual porn pad tries knocking off MySpace

Everyone is jumping on the social bandwagon, and the latest and purportedly greatest (with dreams of a million members in six months) is Utherverse. Of course, it is touted as a place to “live your fantasy,” but looks a lot like an amatuer pornography site. No surprise there, as its mothership is something called the Red Light Center, a virtual playroom where you can change your underwear without anyone bothering you. Huh. Additionally, you have to download software to create all this fun – I doubt there is anything spyware laden in it.

In the grand scheme of having no clue, the site is using T&C acceptance and credit card numbers to verify ages. I wasn’t kidding when I said that wouldn’t work. But why would Utherverse care anyway?

***UPDATE***

On a lighter note regarding MySpace, spyware company Zango (whose nasty spyware has been showing up on the site), is still doing its song and dance.
***UPDATE 2***

Zango’s tune? You’re a liar… (compliments of Sunnyboys).

MySpace sees increasing external threats

A late breaking worm running around MySpace touting 9/11 conspiracies has been stopped. While I think it is awfully timely that we are hearing about bugs pushing politically charged topics at naive internet users, that is besides the point. What we are seeing is a shift from the inherent dangers of using the service, which really don’t exist unless you are voluntarily posting your name, address, social security number, and mother’s maiden name on the site (i.e. being really stupid), to the danger of getting some type of virus or malware from your visits.

Along with the worm, MySpace was getting hit by widespread adware exploits (that only work on Windows boxes, of course) over the last few weeks. Makes perfect sense with the advertising model. But what’s next – who knows?

My guess: when MySpace realizes the ad model isn’t getting them anywhere, they’ll start charging for products and/or the service itself. Then their databases will start getting pilfered. Of course, all the MySpace users may already be doing duty in the military or shopping at Walmart by then. Then they’ll be really safe.

***UPDATE***

According to TechCrunch, MySpace is trying to plug the holes, but may be doing more harm than good (to themselves), and still leaving users vulnerable as well.

I spy a new MySpace profile

I haven’t heard if anyone figured out whether social networking sites like MySpace were using spyware to supplement their growth. No matter – outsiders are, though embedded videos in fake profiles.

I wonder how many of MySpace’s profiles are being used for this kind of stuff – I suspect quite a few. Nevertheless, those astrophysics Ph.D. pursuing cover girls are probably getting the best of a few suckers right about now.

***UPDATE***

TechCrunch thinks MySpace might be extended guilt by association.

MyReturn to MySpace

After doing a quick run-though of MySpace, and concluding there isn’t really much there to worry about, I thought I would return, hoping to learn from the master (Tom) how to become the most popular guy on the planet (with 90 million friends, there is no doubt as to that claim).

Low and behold, after just a few days on the second most highly traffic-ed website on the planet, I am getting messages from lovely women requesting friendship. What a shocker – they want a half-baked entrepreneur in their lives (even though I haven’t disclosed that fact in my profile yet). These women belong on the covers of magazines, and I’ve noted that there are plenty of gentlemen suckers egging them on. They have tons of friends as well (as all prime-time cosmetics models with hopes of pursuing Ph.Ds in astrophysics should have). Interestingly, profiles that should have absolutely no problem getting picked up every time they walk out the door are using…..tada…..online dating services! Can you imagine that? Well, they must be hard up for cash despite their good looks and outstanding resumes, because they are getting affiliate referral credit for the links to all the pictures they are supposedly posting (about their wild nights on the town, of course).

Still, nothing particularly dangerous. Just some harmless fun, and a little surreptitious marketing.

Stay tuned.

***UPDATE***

Of course, these knockouts knocking on my door could be outsiders’ way of capitalizing on the MySpace frenzy, although if they were I’d say it isn’t a very effective means of doing so (hitting up obscure, new members). If outsiders have gained a access foothold into the broader member base, then Fox Interactive has a real problem.

***UPDATE 2***

MySpace just topped the charts, according to Hitwise. Of course, there are plenty of questions as to what being number one according to Hitwise really means, along with what all those attractive women wanting to party with you really mean too. Slashdot has a nice roundup on the matter.

PS: Yes, I’ve been back, and all those models are courting me too. That’s what makes me most suspicious.

***UPDATE 3***

A teacher calls it a long, unsupervised locker room break. Nice.

The MySpace Hysteria

My view on the MySpace hysteria, including a quick rundown of simple tweaks that could stop the madness, can be found over at Thought Market.

Taming the MySpace monster

myspace.gifAs if everyone doesn’t know already, MySpace is being sued for failing to protect one of its users. I am not going to delve into the details of the case – plenty of speculation already abounds – but I will say I agree that failure to properly supervise a child can be a precursor to problems in almost any environment. I was covertly supervised catching fish off “borrowed” john boats, jumping my BMX bike too short over the neighbors’ flowerbeds, and crashing my go cart into the tires of parked cars on the street – I didn’t understand it, but there was generally some adult around being held accountable. In the internet age, that no longer seems the case.

Some colleagues and I recently launched Tot Jot, geared towards parents of small children, and we presumed a high level of privacy was a foregone conclusion. We leveraged what meager contribution I could make on the matter from my workings over at Spamroll, but I still thought it would still be a good idea to see how the other side works. So I took the plunge and joined MySpace – the goal being to analyze, from a beginner user’s perspective, what makes MySpace so potentially dangerous.

Now, for what I found….

Uh, not much

Hate to disappoint you, but I don’t have any real blatant issues with the way the site is run. No, I didn’t try hammering a style sheet with a cross-site scripting exploit, and no, I didn’t try passing a home-cooked virus to someone via messaging. Those are potential problems that Fox Interactive should take care of on their own. Furthermore, I didn’t try to harrass some underage participant under the guise of being an underage participant – that is an issue for users (and in the case of the underage, for their parents). Considering the sheer number of users on MySpace, the relatively frequency of trouble is probably no more significant than what occurs in the real world – you just hear less about the latter because the citizenry is immune to it – they don’t want to admit the problem is more likely to happen in their own home. You hear about it via MySpace because the mainstream media needs all the attention it can get. Scott Granneman of Security Focus aptly focuses on the mass hysteria begin created by the media – I concur with him wholeheartedly.

As for solutions…

Passing a COPPA agreement to users is not going to stop this type of issue, as users will just lie. Requiring a credit card to join (a favorite web age verification system nowadays), won’t stop it either. Unless MySpace charges, kids are going to grab that wallet after the parents go to bed, enter that card number, and the parents won’t ever know. For goodness sakes, the lawsuit screams of lying about ages anyway – none of these checks are going to bring any additional security to the table. Bruce Schneier noted that MySpace is beefing up its security by allowing restriction of full profile information, but more as a measure to cover its butt in the case of additional lawsuits. That (a lawsuit) is all the previously mentioned measures are going to mitigate, but the change in profile functionality is a different matter altogether.

I say it is a good move to allow users to restrict access to their profiles. And MySpace could go one step further by tightening down the friends and friends of friends functionality too. At Tot Jot, we purposefully restricted user profiles on their behalf, to prevent the inadvertent disclosure of profile information. In fact, we kept profile information to a minimum, and further restricted friends access by creating a one step friends list – you can see who someone’s friends are, but not friends of friends. We made it relatively mistake proof, because we felt our potential userbase was less inclined to understand additional, optional complexity. MySpace, however, is made up of a lot of moderately tech saavy, style-sheet loving, spare-time-on-their-hands types, and they could easily allow the option of restricting profiles, friends list access, etc. Unfortunately, that probably won’t happen, as it would clearly stem MySpace’s growth. And if they are already doing it somehow, they certainly aren’t pubicizing it very well.

Dear Parent

If I was a parent of a child on MySpace, I’d be a lot more worried about the government archiving my kid’s records for eternity. Bureaucrats possess less than grand wisdom when it comes to matters like technology (to the point of sounding just plain stupid) – next thing you know, your child will be blacklisted from public educational institutions because he posted his or her thoughts on government waste on a MySpace page. I say give the kid a scholarship – he or she could be a future President. Meanwhile, parents should learn to ignore the hysteria, as well as spend a little more time supervising their children’s online activities.

End Note

I once asked how all this growth could be happening at MySpace, questioning whether spyware might be involved. Now, I don’t think that is the case. What I did find is that by putting together an almost non-existent profile on MySpace (I mean devoid of virtually any information besides the required birthday), I seemed to have attracted a lot of interest. Yes, I’ve made a lot of friends on MySpace, although those friends seem to be a lot like me – not very real. Initial friends in my “extended network” (whatever that means), as well as subsequent requests to allow others to “be my friend” (which turned out to be relatively thin in profile, but with lots of friends of their own), lends me to believe there is some gaming going on.

Or maybe that is the real allure of MySpace – making unreal amounts of unreal friends, without really trying. Regardless, the title of this post could easily have been Taming the MySpace Media Frenzy.

***UPDATE***

And yes, for those who were wondering who my first friend was, his name was Tom.

***UPDATE 2***

Seems the MySpace/spyware issue (mentioned in comments) is a spyware company action afterall, and in violation of the MySpace TOSs to boot. The reaction from Zango, when outed, was to dance around the issue (i.e. blame everyone else). I say the Zango executives should quit their day jobs and run for office.