News for the Week of December 31, 2006
Happy New Year, everyone! As we move into 2007, it's good to be alert to a key trend in children's online safety and computer security...
The social-engineering problem
Watch out for emails that say there's been some unusual or unauthorized activity in your Amazon.com or Paypal or bank account, so you better click here to confirm or reset your account information - username, password, social security number, etc. This is called "social engineering," and your kids are dealing with it too, in language tailored to their interests, in IM, email, and social Web sites (e.g., "Click to this cool video in YouTube."). But beyond tricking people into clicking to a malicious site or typing in personal info, it's social engineering that gets kids to add people they don't know to friends lists or reveal more about themselves than they should.
Increasingly, the growing sophistication of online threats - whether phishing attacks or friend requests - is psychological more than technical, security experts point out. Washington Post security writer Brian Krebs has details on the latest phishing attack on Amazon users and social engineering's role in it. In MySpace, people have clicked to something and had a fresh log-in form pop up with a message saying something like "you need to log-in" to go there. It's a fake log-in page that captures the username and password people type in the form if they're tricked by it. One user posted in our forum, BlogSafety.com, that - after his son was tricked in that way - someone created a new account in another site, using his contact info to impersonate him. Responsible social sites like MySpace, Facebook, and Xanga will take down impersonating pages or "imposter profiles," as they've come to be called, on request - especially if they're clearly abusive - but determined impersonators can create new ones fairly quickly. So social networkers and their parents could spend their lives getting imposter profiles and pages deleted and not put a dent in the harassment.
Social solutions
There is no clear tech solution to this problem (which needs a focused public discussion), so tell your kids at least to protect their personal info. In fact, the only real solution to social harassment like abusive profiles is social engineering itself - teen peers and their parents working through these issues among themselves, with old-fashioned personal communication. Though the Internet industry will need to provide appropriate support for this, as it has already started to do, it will never really be able to fix relationship problems - any more than the phone company has ever been expected to patch up arguments that flare up in phone conversations.
It might be helpful for families to talk about this idea of social engineering, as both a weapon and a solution-development tool. Parents might ask their kids if they've gotten strange requests for personal info or if anyone's tried to impersonate or harass them online, get their thinking and see what solutions they've come up with. One valuable protection for everyone is knowing "How social influencing works".
In other news...
- Social networking, Gen 2. We're now moving from Web 2.0 to social networking 2.0. The 2nd generation of social sites has two categories: 1) niche ones, such as Takkle.com for high school sports fans and WAYN.com for travelers, and 2) hybrids that are either combinations of game/virtual world and the "old" kind of social site or what I'd call extreme social-networking, such as Xuqa.com. Forbes makes Xuqa sound like the popularity contest part of MySpace on steroids. It also adds incentives for sticking around. In it, "users compete for popularity points by accumulating virtual kisses and hugs, winning poker games, spending 'peanuts', and even filling out surveys and looking at ads, all to attain status levels," Forbes reports. The other kind of 2nd-gen social site that may now be seeing its market kick in (in the US) is represented by Cyworld (South Korea-based, launched in the US last summer) and Finland-based Habbo Hotel (with a presence in 29 countries), both of which not only have "spaces" or rooms users can decorate but avatars to "live" in them. They're part game, part social site.
- Italy's anti-child-porn law. The new law, which goes into effect almost immediately, will require Italian Internet service providers to "block child pornography Web sites within six hours of being told to do so," Reuters reports. The wire service adds that "Italy's penal code includes severe punishment for the distribution and publication of child pornography." Maybe Italy's ISPs will use an anti-child-porn filter like the "Cleanfeed" service used by BT, the UK's largest ISP, which announced last February that it was blocking 35,000 attempts to view child-porn Web pages a day (see this item).
- Health-care 'networking': "The social-networking revolution is coming to health care," the Wall Street Journal reports, adding that "patients who once connected mainly through email discussion groups and chat rooms are building more sophisticated virtual communities that enable them to share information about treatment and coping and build a personal network of friends." Advocacy groups like the American Cancer Society and government agencies such as the Centers for Disease Control are using social-networking and online gaming technologies to educate consumers. The CDC has held virtual health fairs in the virtual world Second Life, the Journal reports. As for social networking, GroupLoop.org "helps teens with cancer connect in a private, safe environment," and OrganizedWisdom.com is a social site that allows users to share info about diseases, medications, and medical procedures.
- 'Dear everybody.' In "On the Web, 'Dear Diary' becomes 'Dear World'," the Washington Post takes a look at why many teenagers want to be so emotionally accessible. Two young bloggers gave the Post interesting observations: "blogs actually protect vulnerabilities by allowing for a more polished presentation of self" and "blogs let writers interact while avoiding the emotional risks of one-on-one conversation." So being very public is somehow safer. Hmm, what a comment on teen lives. Then, in an interview for our book, MySpace Unraveled, social media researcher Danah Boyd told me, "Kids are getting all these messages [like reality TV and American Idol] saying, 'Expose, expose, expose.'... We're all living in a superpublic environment getting the message that you have more power if you expose yourself than if someone else exposes you" (for further insight into teen vs. adult blogging, see a post this week in Danah's own blog).
