On social networks like Facebook even if you have kept your profile very very private, people can just look at your friends list and get lots of vital information about you. Most of the social networks like Facebook & LinkedIn allow people to see your pic and friends list as part of the open access for visitors. In a study “You Are Who You Know:Inferring User Profiles in Online Social Networks” [PDF], conducted by Alan Mislove of Northeastern University and his colleagues at the Max Planck Institute for Software Systems an algorithm was tested that could accurately infer the personal attributes of Facebook users by simply looking at their friend lists. The results show that certain user attributes can be inferred with high accuracy when given information on as little as 20% of the users.
[ Via Erik Hayden on Miller McCune and also cross-posted on Slashdot]
Doc searls informs about The Future of the Internet IV, the study conducted by Pew Research Center’s Internet & American Life Project and Elon University. Survey respondents shared thousands of issues-exposing predictive statements tied to five "tension pairs" projecting their attitudes about the likely state of things in 2020. Experts were asked about the Internet and the evolution of: intelligence; reading and the rendering of knowledge; identity and authentication; gadgets and applications; and the core values of the Internet. The 45-page briefing as a PDF is available for downloaded here. In this report, you will find experts’ thoughts on the following issues:
1. Will Google make us stupid?
2. Will we live in the cloud or the desktop?
3. Will social relations get better?
4. Will the state of reading and writing be improved?
5. Will those in GenY share as much information about themselves as they age?
6. Will our relationship to key institutions change?
7. Will online anonymity still be prevalent?
8. Will the Semantic Web have an impact?
9. Are the next takeoff technologies evident now?
10. Will the Internet still be dominated by the end-to-end principle?
Bruce Schneier on his blog on security and security technology points to this research paper "A Practical Attack to De-Anonymize Social Network Users" (pdf). The paper introduces a novel, practical de-anonymization attack that makes use of the group information in social networking sites.
Abstract >> Social networking sites such as Facebook, LinkedIn, and Xing have been reporting exponential growth rates. These sites have millions of registered users, and they are interesting from a security and privacy point of view because they store large amounts of sensitive personal user data.
In this paper, we introduce a novel de-anonymization attack that exploits group membership information that is available on social networking sites. More precisely, we show that information about the group memberships of a user (i.e., the groups of a social network to which a user belongs) is often sufficient to uniquely identify this user, or, at least, to significantly reduce the set of possible candidates. To determine the group membership of a user, we leverage well-known web browser history stealing attacks. Thus, whenever a social network user visits a malicious website, this website can launch our de-anonymization attack and learn the identity of its visitors.The implications of our attack are manifold, since it requires a low effort and has the potential to affect millions of social networking users. We perform both a theoretical analysis and empirical measurements to demonstrate the feasibility of our attack against Xing, a medium-sized social network with more than eight million members that is mainly used for business relationships. Our analysis suggests that about 42% of the users that use groups can be uniquely identified, while for 90%, we can reduce the candidate set to less than 2,912 persons. Furthermore, we explored other, larger social networks and performed experiments that suggest that users of Facebook and LinkedIn are equally vulnerable (although attacks would require more resources on the side of the attacker). An analysis of an additional five social networks indicates that they are also prone to our attack.
Via @steph3n | Stephen Kline
I am a big fan Slashdot.org, the original mob destination for nerds and what else can be the better way to start this blog by posting my submission which was accepted there.
santosh maharshi passes along an article on Edge by David Gelernter, the man who (according to the introduction) predicted the Web and first described cloud computing; he’s also a Unabomber survivor. Gelernter makes 35 predictions and assertions, some brilliant, some dubious.
“6. We know that the Internet creates ‘information overload,’ a problem with two parts: increasing number of information sources and increasing information flow per source. The first part is harder: it’s more difficult to understand five people speaking simultaneously than one person talking fast — especially if you can tell the one person to stop temporarily, or go back and repeat. Integrating multiple information sources is crucial to solving information overload. Blogs and other anthology-sites integrate information from many sources. But we won’t be able to solve the overload problem until each Internet user can choose for himself what sources to integrate, and can add to this mix the most important source of all: his own personal information — his email and other messages, reminders and documents of all sorts. To accomplish this, we merely need to turn the whole Cybersphere on its side, so that time instead of space is the main axis. … 14. The structure called a cyberstream or lifestream is better suited to the Internet than a conventional website because it shows information-in-motion, a rushing flow of fresh information instead of a stagnant pool.”
Also cross-posted on Slashdot