nonsmokingarea.com

people search sure is a controversial topic…while some might find a search engine capable of automatically syndicating all available information on a person creepy, to say the least, others welcome the concept, arguing, that all this information has been online & and for the most part indexed anyway. I belong to the latter, so on the occasion of 123 people’s recent public launch, I took the chance and compared it to Spock, another people search service around since mid-2007. subject of matter - the good old vanity search…

(more…)

everyone even slightly interested in MMOG SecondLife, probably already heard yesterdays bad news: an official security announcement on Linden Labs (creators of SL) reported a hack of SL’s database earlier this week. Linden Labs admits that user-data (account-names, reallife-names and contact-information) was compromised, which is why all residents are required to re-new their passwords in order to reactive their currently inactive accounts. LL claims that creditcard- and payment-information has not been disclosed, as these are stored seperately. clearly, this is a major bummer. as TechCrunch notes, SL-chatlogs and behavioral data (and yes, that includes tons of sexual actions performed!) publicly available in large scale, would even make AOL’s recent privacy-waterloo look like peanuts.

LindenLabs will not only have to tighten their security (please!), but also have to deal with an accusation silently vocalized by some commenters: apparently there was a span of 2 days between the actual hack and LL’s official announcement. this stinks like a company at least considering to sweep something under the rug, therefor demanding further clarification. given Philip Rosedales (CEO of LL) openness towards the community in the past, I’m confident that he’ll handle the situation with all the care appropriate. if anything, this issue re-emphasizes the importance of an open(source), standards-based and decentralized virtual world. just imagine the WWW was built on top of a single centralized user-databases storing all your online activity… sounds weird, right? so than why do it in Web-3D…

update: there’s a - rather pissed - post at Second Life Herald, which I’ld like to recommend reading. other sources suggest, that encrypted creditcard-info might have leaked as well

freenigma is a firefox-extension adding GPG-encryption to GMail, Yahoo! Mail and Hotmail. users familiar with cryptography can easily introduce less paranoid cautious friends to the service by using the invitation-feature. freenigma is currently rolling out beta-accounts.

Scott Schiller built this prove-of-concept, using javascript to sniff on visitors browser-histories. using the CSS pseudo-class visited:, any script can determine if a user has visited a particular URL before. this issue of course is many years old, but Schiller uses it in a fun way: by checking your browser-history for various web2.0′ish websites, his script computes your personal web2.0-awareness (mine was only 56% )

SLStats is another interesting example of connecting Second Life to external web-services. SLStats requires users to wear a virtual watch (get it at the SLBuzz Store), which is scripted to send statistical data like current location, online-time and nearby inhabitants to SLStats’ database. all recorded profiles are available to the public, which seems to be ok since SLStats is clearly an opt-in service. however, privacy-concerns are justified, as the SLStats-watch also records the presence of other users, who won’t necessarily agree with such data-mining. besides these issues, SLStats is a great demonstration of what SL’s current interfaces are capable of.

seems like AOL’s recently shattered public image (see this recently leaked recording of a disastrous support-phonecall, or this story about a woman unable to cancel the AOL-connection of her dead father) just got another big crack today: in a blatant attempt to gain momentum among web-related research and science, AOL admittedly released search-profiles of 500.000 random customers on an AOL-website hosted at research.aol.com. the site has been turned off by now, but there are still mirrors hosting the 440mbyte download. officially, AOL is playing down the incidence, stressing the fact that the search-logs have been anonymized prior release. however, as Michael Arrington points out, even anonymized logs can easily be used to identify persons.

Jason Calacanis (AOL executive in charge of Weblogs & netscape.com) suggests not to keep any search-data at all. a noble idea, but since personalized search and targeted ad’s already are or soon will be based on user-search-profiles, I’m afraid that won’t happen anytime soon.

update: AOL’s official press-statement on the issue

update:  aolsearchdatabase.com offers a comfortable search-interface to the published logs. meanwhile, mirrors still seem to be online.