Consequences

Read-Only Facebook Coming to Your Company? —

Shared by Jesse Stay
Security teams that implement this are failing to understand "Employee 2.0". The idea being that employees in today's word take their work home with them and it is a 24 hour a day, 7 day a week job for many of them. Same thing for home. Just as employees are encouraged to take their work home with them, they should be just as encouraged to bring their home to work without consequences. If the job gets done, and the employee does excellent work, does it really matter?

IT managers using Palo Alto Networks firewalls are now able to switch Facebook into a "read-only" mode, thanks to an update released today. There is no relationship between Palo Alto Networks and Facebook - the changes are all within the customer's network. Previously, managers using Palo Alto Networks firewalls have had the option to block all Facebook apps (but not individual apps) as well as Facebook's e-mail and chat features. The update adds the ability to disable posting, making Facebook effectively read-only.

Sponsor

Palo Alto Networks firewalls enable granular control over 1,000 applications cataloged in the company's Applipedia - regardless of port, protocol, or evasive strategy (so the company says). The firewalls connect to Active Directory or other LDAP based directory to assign permissions by group or by individual user. All of the application detection and user permissions take place on dedicated firewall devices to avoid bogging down servers with analytical duties.

Turning read-write applications into read-only applications may seem antithetical to the read/write philosophy, but we think solutions like this will help enterprises adopt social media and break out of a binary world where they can either offer full access to Facebook or other web applications or no access at all.

Brave New Enterprise

Managers could, for instance, grant full Facebook access to its social media team, partial access to a customer service team, and read-only access to its competitive research team. Access can also be assigned by time of day, so permissions could be relaxed during lunch or after business hours.

Social media is being put to use in many enterprises; Ford, for example, is spending 25% of its marketing budget on social media. Social media reputation tracking is a hot topic in marketing, too. Yet, according to a Robert Half Technology report published in October, 54% of CIOs surveyed say they block social media websites completely.

Chris King, director of product marketing at Palo Alto Networks, says "IT departments are stuck in an old world. In the old world, if an application has a business use, then it's safe and you allow it. If it doesn't have a business use, then it's a threat and you block it. That black and white world is gone. Facebook has business uses, but it also poses threats."

King hopes that Palo Alto Networks can bring IT departments into a new world, where the benefits of Facebook can be embraced and the threats mitigated. The company says its product can help prevent data leaks, improve worker productivity, and reduce the threat of malware spread through social networks like Facebook.

King also suggests allowing some use of Facebook in the workplace could improve morale. One idea he mentions, though he's quick to point out the product isn't currently being used by the military, is limiting soldiers read-only access to social media sites in the weeks before a deployment. This would keep sensitive information from being leaked, but allow soldiers to view pictures and status updates from home.

Plugging the Proxy Holes

Another problem the company hopes to solve is the use of proxies to bypass firewalls and browsing restrictions. An increasing number of users are routing their Web traffic through public proxies or proxies on their home computers. King says, referring to the Robert Half report, that although 54% of enterprises are trying to ban Facebook, 94% of the companies whose network traffic Palo Alto Networks analyzed had employees actively using Facebook. We wrote about the company's research in this area last year.

Palo Alto Networks firewalls use their own AppID technology to identify applications based on an analysis of a number of parameters including application protocol detection and decryption, application protocol decoding, application signatures, and heuristics. This enables the firewalls to block applications regardless of what port the application is using. The firewalls can also identify many individual proxies, such as Ultrasurf and TOR.

The End of Whack-a-Mole?

All of this control sounds great for companies. However, if the technology works the way its supposed to, couldn't it also be used by governments, such as China and Australia, which restrict access to the web? Could it also be used by ISPs to restrict their customers activities? If evasive technologies can't stay one step ahead of control technologies it's good news for enterprises, but bad news for freedom of speech.

Still, it's hard to believe that any company or country can win the game of whack-a-mole that's afoot. Short of creating a whitelist of sites that employees (or citizens) can visit, there will always be holes in the firewall. But Palo Alto Networks' technology offering is far more interesting than that tedious game, and its success isn't riding on it. They just need to offer a better way for enterprises to manage the dizzying array of Internet applications and bring useful tools into the work place. And they seem to be succeeding thus far.

Discuss

Drunken monkeys reveal how binge-drinking harms the adolescent brain — Most of us will be all too familiar with the consequences of night of ...

When German authorities wanted to check the Wifi data Google collected with their Street View cars, Google say they reexamined that data and the collecting software... and found out that they were actually not just collecting Wifi network names and addresses, but also “information sent over the network”. Google says this happened by mistake; a piece of code written four years ago allegedly made it into the live software three years ago, without intent by the project leaders. Google now wants to delete this data as soon as possible, they say, and they furthermore say they “decided that it’s best to stop our Street View cars collecting WiFi network data entirely”.

This case illustrates some issues at hand. For one thing, it shows how software of a single engineer at Google can have quite far reaching privacy consequences. Google likes to build things that are scalable and which will have enormous impact; an erronous piece of code in such a system may have similarly big impact. Furthermore, the case shows that sometimes it needs authorities pressuring Google to actually make Google reexamine their approaches. Last not least, from what we can see, Google tries to make the case really transparent and public once it found out about their error. Looking at the blog post, I could imagine that Google upon finding out really wanted to make sure that their was no hiding of this, and this may be the important line between corrupt (intentionally bad) or merely flawed (unintentially bad) handling of data.

Google adds, “This incident highlights just how publicly accessible open, non-password-protected WiFi networks are today.”

[Thanks Juha-Matti!]

[By Philipp Lenssen | Origin: Google Say They Were Collecting More Wifi Dat ... | Comments]

[Advertisement] Want to make money with your website? AllPosters.com Affiliates Program

We just looked at the survey results from a CA sponsored report about IT's views on cloud computing and security.

Is it us or does IT seem a bit threatened by the overwhelming interest in cloud computing?

Or is IT prudent in their views that the trends to put everything in the cloud is security nightmare waiting to happen?

Sponsor

The CA survey results were tallied from more than 600 IT professionals in the U.S. and more than 200 in Europe. The gist of the report states that end users are using cloud computing services without the okay from IT. End users are using cloud computing services with not enough attention paid to security and privacy. In essence, end users are running rogue and the consequences are dire.

End users are taking advantage of cloud computing services because they work. It's the business groups that in many respects are spurring innovation. These groups take advantage of web oriented services as the alternative can often be an endless slog through a maze of IT.

Plus, many of the services are affordable. Business groups can expense the cost without needing to go through an IT budget cycle.

The report demonstrates IT's own insecurities about cloud computing. It reflects the general distrust that IT harbors for the people who are making their own choices about what services to use.

It seems the argument is more about consumer IT than anything else. IT considers it a security risk. But the concern also points to the uncertain climate that is enveloping the IT establishment.

SaaS services do not require the level of integration that on-premise systems do. Security can be dialed up or down, depending on the organization using the service. The result is a changing role for IT. Security is increasingly the responsibility of the SaaS company. In truth there is tremendous opportunity out of this.

The smart ones will learn the skills that come with managing public cloud infrastructures and SaaS services. For instance, the operations costs will be substantial for companies deploying cloud environments.

This is where IT should focus its effort. IT is needed to provide efficiencies and secure systems that enable the adoption of cloud computing so a trusted environment can blossom.

The issues about cloud security v. on-premise security are relative concerns. But it's nuts to argue that end users are irresponsible with cloud services and may be revealing company trade secrets or health information. We are sure it happens but similar types of breaches have a long history in the on-premise, IT world.

What's really at risk is IT as we know it. The IT department is in danger of becoming irrelevant. And this trend will continue if the issue is always about the dangers of the cloud.

Instead, the focus should be on learning and trust. Cloud computing points to an era of sophisticated IT networks, managed by smart, open people. If such an intelligent environment is not fostered then IT only has itself to blame if it becomes marginalized and relegated to a back room role.

Discuss

Something I think gets lost in the debate over DRM: Big Content doesn't want DRM because they want to usher in an era of totalitarian control technologies; they don't want copyright filters because they want to make the censor's job easier; they don't want increased intermediary liability because they want to extinguish easy personal expression and collective action.

They want these things because they want to make more money.

But they are indifferent to the point of depravity to the totalitarian, censorious and restrictive consequences of DRM, filters and liability.

They aren't moustache-twirling supervillains. They're greedy, blinkered provincials and hypercompetitive macho bullies who are unwilling to look past the short-term benefits to the consequences. They think only of how things will work, not how they'll fail.

When we (we -- I do this too, all the time) focus on the consequences to culture and creativity, we allow this debate to be defined in terms of who gets to remix what, or whether you'll have to start paying for the ongoing use of your cultural goods. These are important issues.

But they're a distant second to a rearchitecting of our law and technology to create the preconditions for repression, corruption and suppression of dissent.

That's the real fight: are we shaping a world where our children will be able to come together effortlessly to improve their lots and the lots of their neighbors; where they'll be able to fight corruption and hold their leaders to account; where they'll be able to participate and help others to participate?

Or will we allow a small gang of selfish and short-sighted entertainment companies to fatally compromise the infrastructure of the 21st century to add a few points to its bottom line?

How To Avoid Linking Your Facebook Profile To Pages And KEEP Your Profile Information —

I ran into a problem with Facebook  left a nasty taste in mouth: Facebook forcing users to linking their profiles to pages. What’s the big deal? Facebook’s privacy concerns is the big deal. What’s at stake is reputation, trust, and private networks that people are building for themselves. Elements that others don’t want available to the public much less to brand pages. So how do you avoid it?

    

The Consequences of Not Linking

Facebook gives you a one-time pass on initially linking to Pages, but if you still wish to pass Facebook forcse you to do so in the future by threatening to remove the following information from your profile:

• Work and Education
• Current City
• Hometown
• Likes and Interests

It’s rather interesting that Facebook doesn’t block the interactions necessary for you to continue using the site. If this information is removed, you can still keep chatting and posting away. What’s taken away is the discovery mechanisms built into Facebook. It can become a lot harder for people to find you. On one hand, this might prove to be a boost in the usage of vanity URLS (custom links for your facebook profile). On the other, it’s a catch-22 for us.

      

Exit Facebook

When you see the following:

 

exit the page immediately (tip: CTRL+W will exit a tab in Firefox and Google Chrome)! In doing so, when you return to your profile all of your information will still be in tact. That’s not to say you won’t see this pop-up again in the future. Facebook may continue to explore new ways to force you to link to Pages, so keep an eye out for any changes.

I’d love to hear how do you really feel about the actions Facebook is taking:

• Have you thought about deleting your Facebook profile thanks to these new changes?
• How do you feel about the latest changes?

IT Crowd (UK) Coming Back For Season 4 — sammyF70 writes "Every geek's favourite non-sci-fi show (the original UK one, not the abysmally bad German and US remakes) is coming back for a fourth season! According to the IMDB's message board, it should be on the air 'Juneish.' While you wait, you can check out what kind of vintage hardware will be on the show this time, and remember: if you illegally download movies, you will face the consequences!"

Read more of this story at Slashdot.

21st Century Insurance Hands Media Account to Mindshare — NEW YORK (AdAge.com) -- Auto insurer 21st Century Insurance and Financial Services has shifted its estimated $50 million U.S. media planning and buying account to WPP's Mindshare without a review. The account was previously run by Omnicom Group's Omnicom Media Group.

Well connected Apple blogger John Gruber claims that the iPhone 4G was not “lost” or found in a bar but rather stolen.

He also claims that Gizmodo, who purchased the device a week ago, know exactly who stole it.

In his own words:

“It is my understanding that Apple considers this unit stolen, not lost. And as for the “someone(s)” who “found” it, I believe it is disingenuous for Gizmodo to play coy, as though they don’t know who the someones are.”

Gruber goes onto clear up virtually any doubt that this is in fact the iPhone 4G. “That this belongs to and was made by Apple is almost beyond question at this point.”

He does however remain unsure as to whether this is exactly the design Apple will ship this summer.

Expect severe consequences. The wrath of Steve Jobs.

Original title and link for this post: iPhone 4G Was Stolen Not Lost.

Cake Versus Pie: A Scientific Approach —

Eric Schmidt came to the DC tonight to praise, not to bury newspapers, deftly massaging egos of those convinced they do important work sliding in all the reasons they should still be concerned about the future along with the message that Google (NSDQ: GOOG) should be seen as a potential partner. News still matters, Schmidt told members of the American Society of News Editors, with newspapers responsible for more than half of all original news coverage by his calculations. “We have a business model problem, we don’t have a news problem.” And that problem isn’t newspapers’ alone. One reason: The internet “replaced the economics of scarcity with economics of abundance and all of us are dealing with the consequences of that.” Another: in the always-on internet world, “our children know about now, precisely now, in a way that our parents did not.” Work in progress.

The Obama administration should be seriously considering a strike on Iran, according to neoconservative Fox News contributor Bill Kristol.

An Israeli Deputy Defense Minister said last week that he expected Israel would have to attack Iran within a year. Kristol believes it would be better for the US to attack first.

"I think we have to have a credible threat of force and the preparation to use force against Iran. It would be much better if we used force against -- to delay the Iranian nuclear program than if Israel did and there is no evidence that the US government is being at all serious about the use force there," Kristol told Fox News' Chris Wallace Sunday.

Nina Easton, also appearing on the Fox News Sunday panel, quickly rebuked Kristol. "Use of force. You say that so blithely as if use of force -- what happens to next day after the use of force?" she asked. "I think it behooves us to get the international community together. You have to have sanctions and you have to have a clear threat of force."

The narrow range of debate on Fox News varied only slightly from sanctions and threatening force to launching a US-led war on Iran. Easton said she would also like to see the Obama administration "curry dissent" in Iran.

Kristol's trigger-finger was too itchy to keep his views in the holster.

"Look, precisely because the consequences are so serious whether we use force or Israel uses force, a serious and responsible US government must think that through and play that out," he responded. "I would say the Obama administration is so adverse to even hinting at the use of force that we don't have the kinds of preparations we should have if Israel were to strike."

This video is from Fox's Fox News Sunday, broadcast April 4, 2010.

Download video via RawReplay.com

MIT Finds 'Grand Unified Theory of AI' — aftab14 writes "What's brilliant about this (approach) is that it allows you to build a cognitive model in a fantastically much more straightforward and transparent way than you could do before," says Nick Chater, a professor of cognitive and decision sciences at University College London. "You can imagine all the things that a human knows, and trying to list those would just be an endless task, and it might even be an infinite task. But the magic trick is saying, 'No, no, just tell me a few things,' and then the brain — or in this case the Church system, hopefully somewhat analogous to the way the mind does it — can churn out, using its probabilistic calculation, all the consequences and inferences. And also, when you give the system new information, it can figure out the consequences of that."

Read more of this story at Slashdot.

Internet users are still opening their spam e-mail with abandon and clicking the links and/or opening the attachments within. These are the latest findings from the Ipsos Messaging Anti-Abuse Working Group (MAAWG), which found once again that people continue to practice poor e-mail habits despite awareness of the consequences. A healthy dose of denial and ignorance about who should protect them is apparently enough to keep users clicking away.

According to the MAAWG report, a full half of all North American and Western European users admitted to having opened spam, with nearly half of those people (46 percent) doing so intentionally. Sure, a quarter of those users claimed they did so in order to unsubscribe or complain to the sender—bad idea, people!—but a full 15 percent said they opened spam because they were interested in the products or services being offered. Another 18 percent simply wanted to "see what would happen," and four percent actually forwarded an e-mail they identified as spam to someone else.

Read the comments on this post

The Opposite of Fitts’s Law —

Jeff Atwood:

If we should make UI elements we want users to click on large, and ideally place them at corners or edges for maximum clickability — what should we do with UI elements we don’t want users to click on? Like, say, the “delete all my work” button?

Couple of dangerous examples cited from Gmail.

Google Will Soon Allow You to Opt Out of Google Analytics Tracking —

Google Analytics offers site owners an easy and free way to gather highly detailed analytics about their websites' visitors. A lot of people, however, don't feel comfortable with the idea that Google can track their every move on the Internet. After all, even if you don't use any Google product yourself, you will still send personal data about yourself to Google through programs like Google Analytics. According to an announcement the Google Analytics team just posted on its blog, you will soon have the option to opt out of being tracked by Google Analytics.

Sponsor

How Will This Work?

It still remains to be seen how this opt out feature will actually work. According to Google, the Google Analytics team wants to offer a "global browser based plugin." This is a very vague statement and given that there is no standard for browser plugins, it remains to be seen how Google will implement this. It is also worth noting that a lot of users probably don't know how to install a plugin. Those users who care about being tracked by Google Analytics will likely know how to do this, but it is probably in Google's best interest to explain this opt out procedure in great detail.

Google plans to make these plugins available globally in the coming weeks.

Will this Make Stats Useless?

If opting out of Google Analytics becomes a widespread phenomenon, this could have wide-reaching consequences for site owners. After all, having detailed analytics about your visitors allows site owners and publishers to tweak their marketing efforts.

What About Other Analytics Tools?

It will also be interesting to see how other analytics firms will react to this. While Google Analytics is probably one of the most often used analytics services, other companies like Clicktale, Sitemeter and Woopra also collect large amounts of data from Internet users. Those users who want to opt out of Google Analytics will surely also want to opt out of other programs as well.

Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village

Discuss