Comments on: Search with a little help from your friends (on social networks) http://cubist.cs.washington.edu/Security/2008/02/03/search-with-a-little-help-from-your-friends-on-social-networks/ Mon, 06 Oct 2008 14:07:42 +0000 http://wordpress.org/?v=2.6.2 By: Max Aller http://cubist.cs.washington.edu/Security/2008/02/03/search-with-a-little-help-from-your-friends-on-social-networks/#comment-236 Max Aller Mon, 04 Feb 2008 08:11:28 +0000 http://cubist.cs.washington.edu/Security/2008/02/03/search-with-a-little-help-from-your-friends-on-social-networks/#comment-236 That "ownership is a lousy way to think about this issue" made me laugh out loud... That “ownership is a lousy way to think about this issue” made me laugh out loud…

]]> By: iddav http://cubist.cs.washington.edu/Security/2008/02/03/search-with-a-little-help-from-your-friends-on-social-networks/#comment-230 iddav Mon, 04 Feb 2008 07:21:27 +0000 http://cubist.cs.washington.edu/Security/2008/02/03/search-with-a-little-help-from-your-friends-on-social-networks/#comment-230 It does seem like adoption of OpenID could potentially address the password security hazard, but the privacy implications do not seem to have as easy of a resolution. To be truly effective in using the social networks to enhance search, Delver would probably need to cache not only your friends' data, but your friends' Delver search histories as well. As discussed on Freedom to Tinker (http://www.freedom-to-tinker.com/?p=1246), Robert Scoble's Facebook account got disabled as a result of his automated script that exported information about his friends to another service. This prompted questions about who "owned" the data: does your Facebook information belong to you, your friends, or Facebook? The blog post concludes that "ownership is a lousy way to think about this issue" and instead we should focus on balancing the interests of the parties involved. I think we can benefit overall through sharing our data in a transparent, controlled fashion. For example, Delver should be explicit about how it uses our data and allow users to make informed decisions about how much of their friends' data they are willing to expose. Similarly, Facebook should be upfront about the fact that what's posted on their site is pretty much open to the rest world; case in point: http://valleywag.com/tech/your-privacy-is-an-illusion/bank-intern-busted-by-facebook-321802.php It does seem like adoption of OpenID could potentially address the password security hazard, but the privacy implications do not seem to have as easy of a resolution. To be truly effective in using the social networks to enhance search, Delver would probably need to cache not only your friends’ data, but your friends’ Delver search histories as well.

As discussed on Freedom to Tinker (http://www.freedom-to-tinker.com/?p=1246), Robert Scoble’s Facebook account got disabled as a result of his automated script that exported information about his friends to another service. This prompted questions about who “owned” the data: does your Facebook information belong to you, your friends, or Facebook? The blog post concludes that “ownership is a lousy way to think about this issue” and instead we should focus on balancing the interests of the parties involved.

I think we can benefit overall through sharing our data in a transparent, controlled fashion. For example, Delver should be explicit about how it uses our data and allow users to make informed decisions about how much of their friends’ data they are willing to expose. Similarly, Facebook should be upfront about the fact that what’s posted on their site is pretty much open to the rest world; case in point: http://valleywag.com/tech/your-privacy-is-an-illusion/bank-intern-busted-by-facebook-321802.php

]]>