I’m reading the 28 October issue of Fortune magazine and an article about Twitter’s Katie Stanton includes a statement of Twitter’s noble mission by Twitter’s COO, Ali Rowghani, which really appeals to me and is something I appreciate about Twitter:
to reach every person on the planet, defend users’ free speech, and allow unfiltered information from some of the world’s most distressed places
Twitter has always been really good about protecting free expression. No other company fights for it quite like Twitter does.
So many apps have photo filters these days and when Twitter announced theirs I was skeptical. When I do have an opportunity to post photos to Twitter, I’m often surprised that I prefer them to most other apps.
Twitter rolled out updates to its iOS and Android apps at the beginning of August which included a new two-factor authentication method for verifying logins (and possibly other stuff). It is worth reading the blog post describing the solution. It begins with this explanation why Twitter opted not to go with the more common two-factor authentication model:
Traditional two-factor authentication protocols require a shared secret between the user and the service. For instance, OTP protocols use a shared secret modulated by a counter (HOTP) or timer (TOTP). A weakness of these protocols is that the shared secret can be compromised if the server is compromised. We chose a design that is resilient to a compromise of the server-side data’s confidentiality: Twitter doesn’t persistently store secrets, and the private key material needed for approving login requests never leaves your phone.
Other previous attacks against two-factor authentication have taken advantage of compromised SMS delivery channels. This solution avoids that because the key necessary to approve requests never leaves your phone. Also, our updated login verification feature provides additional information about the request to help you determine if the login request you see is the one you’re making.
I noticed this and enabled it (who doesn’t want to secure his or her Twitter account, right?) although I only found out just how impressive the technology is in a recent episode of Security Now with Steve Gibson and Leo Laporte. The whole episode is worth watching (you can also listen to the audio version or read the terrific show transcription) but the discussion about the Twitter model starts at about 29 minutes in:
Twitter has been doing some pretty interesting stuff when it comes to user privacy and this security model sounds really carefully thought out and designed to protect users even more than the more common options. The explanation Steve Gibson gave about how Twitter leverages the idea that you can only hash passwords one way to make sure it can only authenticate and not impersonate users just points to that (at least, to me). I just had to share.
Rian van der Merwe published a post which touches on a recurring theme which I have been thinking about for a while: we should fear Facebook/Google/Twitter because of all the data they hold about us.
I keep wondering why? There are good reasons to be afraid of what these services may know about us in some circumstances. If, for example, you are in a country run by ruthless despots, being identified as the person behind a Twitter profile advocating revolution is worrying. If you are engaged in criminal acts, you should be worried that the authorities may be able to use your Foursquare or Facebook location data to tie you to your escapades.
On the other hand, if you live in a country that doesn’t (overly) victimise its citizens and leaves you to express yourself legitimately and without reprisals, what do you have to fear from these major social services? Certainly sharing your home or children’s schools’ locations could compromise their and your security and you should be concerned about that (or you just shouldn’t share that information in the first place). Facebook could decide to make all shared updates public and expose your private thoughts. That could be worrying too.
But what about Facebook knowing more about our preferences and activities and presenting us with more relevant (if somewhat annoying) ads? Why is that a problem? Sure, we would probably mostly prefer not to see ads at all but Facebook is free, is really large and requires a lot of mine to operate. The same is true of Twitter, Foursquare and Google services.
Conventional wisdom is that if you are not paying for a product, you are the product. That may be true, as a generalisation. I prefer to think it isn’t so much we who are the products on Facebook but rather our preferences and attention. What does that buy us? For starters, it buys us Facebook, Twitter, Google services and more. It also buys us slightly less annoying ads that can be remarkably relevant. It buys advertisers a better chance that we may want to buy their products and services (we’re not doing that because our lives or our loved ones’ loves are at stake) because those products and services may just be what we are looking for at that point in time.
I’m not so sure we should be afraid of social networks. We should be afraid of persecution dictatorial governments and overreaching government bodies that make use of what we share to further their oppressive agendas, but social networks because they enable sharing in the first place? I don’t think so. What should concern us more is our ignorance of what our privacy controls are on different services and our failure to make smarter and more considered decisions about what to share and where to share that.
In many respects the social services we have today give us more ways to safeguard our privacy than we had when the social Web was largely comprised of blogs and discussion fora. Back then (about a decade ago), sharing was public and if you wanted to share something on the Web with a select group of people, you either password protected your blog, published posts with password access enabled or shared limited content with pre-approved people (limited sharing on Flickr comes to mind).
Facebook and Google+ enable users to share selectively using Facebook Lists or Google+ Circles. You can create lists or circles to suit your sharing preferences and ensure that only the connections you want to share something with, will see it (for the most part). Unfortunately, that level of sophistication can also be accompanied by a degree of complexity in the sharing controls. Both services have options for closed groups or communities in addition to selective sharing at a post level. As a user, it remains your responsibility to explore your privacy controls and make sure that they are configured for your sharing comfort level. You should also bear in mind that whatever you share online could still be made public through a policy change or an exploit so decide for yourself, in advance, what you will never share online and you don’t share that stuff. Good examples of stuff not to share include identity numbers, your home address, where your kids go to school or even your home phone number (it could be cross-referenced with your name to locate your home address in a phone book).
One trend that bothers me is a shift to Twitter for personal sharing. Twitter gives you two options for sharing: publicly or completely privately. I suppose this largely depends on what you are comfortable sharing publicly. Your Twitter profile is public by default and this means everything you tweet is public and anyone can see it if they know where your profile is. The alternative is a private profile where sharing is limited to followers you approve. Twitter doesn’t really have selective sharing capability like Facebook or Google+ and it is the equivalent of trying to have a conversation in a crowded room. You may think you are talking to a select group of people but you potentially have a much larger audience.
Another option worth mentioning is Path which a mobile only social network and which is designed for only your real friends and family. It is a beautiful app and a terrific sharing experience but the challenge, for me, is that very few of my friends and family are using it and that diminishes it value to close to zero. If my close friends and family were using it, it would be a terrific choice. For now, I have set up my Facebook lists to emulate the sharing capability I would have in Path.
Social services like Facebook have been somewhat cavalier with our data but a spate of privacy controversies and increased attention from regulators has persuaded these services to take greater care with our data and our privacy options. Using social media is not a risk free proposition by any means but the social Web gives us the ability to share in ways we just weren’t aware were possible a few years ago. The real cost is vigilance and increased personal responsibility but that is how it should be anyway. After all, it is our data and our lives we are sharing. We should take responsibility for that anyway.
Twitter’s (relatively) new iPad app is a bit of a regression from the previous version (or coded awesomeness, depending on who you talk to). One feature is particularly obtuse and that is switching between and adding Twitter profiles to the app.
HATE new Twitter for iPad update! No multiple accounts. Social media manager crisis. Any solutions / other options you can suggest?
The latest sign of an increasingly closed and Balkanised Web is Twitter’s controversial updates to its API which further restrict anything that is not actually made by Twitter. Developers’ reactions range from disappointment to outrage Twitter remains dominant in its space because there is nothing else. Facebook also dominates the social sharing space with its addicted userbase. What users are distracted from seeing is that the Web, as a platform, is regressing to darker times when competing and competing email services from the like of AOL and Compuserve led users into a spirally abyss out of a desire to control segments of the marketplace through exclusive protocols and closed systems.
Twitter, Facebook and, to an extent, Google are the new closed systems of the Web’s early days although their talk about open protocols and open source software, coupled with the activity on their networks, distract us from what is going on here: a virtual land-grab where these services are consolidating their sovereign status and severing meaningful interoperability ties with each other. Pretty soon interoperability between these services will become the digital equivalent of border crossings between the former East and West Germany in the Cold War era.
S what does this mean for us? It means the notion of the Open Web will be relegated to the digital wilderness where open source and open Web activists and believers will roam, fashioning services and platforms from driftwood and whatever else they can find. The rest of us will become highly monitored and regulated citizens of these new social nations which, ironically, rely on open source software and protocols to scale while building higher and more sophisticated walls and feeding us dreams of targeted marketing Nirvana and more rounded corners to complete our social experiences.
Unfortunately the open source community, generally speaking, hasn’t helped steer us away from this likely future. With a few shining exceptions like Ubuntu Linux and WordPress, open source software and platforms lack the visual appeal and, often, the functionality to really draw mainstream users in. As good as the open source communities are at building scalable, stable and powerful software and systems, it just looks like it was made in the late 1990s (LibreOffice is a case in point).
In contrast the paid social services and proprietary software are generally far better designed and more visually appealing to the uneducated masses (myself included). The result is that these open systems don’t gain much traction and we head further into these closed environments. One example which stands out in the context of the Twitter is StatusNet (formerly Identi.ca) which is an open source, distributed Twitter equivalent. You can install it on your own server and interconnect with other Status.Net users participating in their own communities because there is an underlying common set of protocols and services. StatusNet pivoted and is available as both a free option and pretty compelling enterprise version priced at about $3 per user per month (as I type this) which could be a terrific alternative to other options like Yammer. What we find is bundled with that better user experience is varying degrees of lock-in (either actual or effective) and we, as users, carry on merrily.
Many in the open source community will only use open source software and freely licensed content because they are ideologically opposed to any proprietary software and closed content. That is a little extreme as far as I am concerned but they represent an important counter-point to the totally closed and proprietary model. While they tend to polarise the space with sometimes extreme views, they highlight something pretty important: if the Web is ever truly going to be an open platform, we need practical, feasible, appealing and functional alternatives to the Twitters, Facebooks and, yes, even the Google+’s of today. Android begins to come close with a terrific user interface, mass deployment and low price point. I believe Android smart devices will become the Nokia of the early 21st century and one day the people who all had Nokia feature phones will have basic Android smartphones. At that point the world will be a different, vastly more connected place but if all people will have to connect to are a few massive closed ecosystems, we will have squandered the opportunities that come when everyone is connected with a powerful, media rich pocket computer.
We are on the verge of a potential evolutionary step in our journey towards a smartly connected culture with IPv6. I don’t pretend to grasp the technical side but what little I understand about IPv6 suggests we could reach a point where our default connection becomes peer-to-peer and not through centralised hubs as gateways. Every device will have a unique IPv6 address and if we have systems in place along the lines of StatusNet where they are distributed and share common, open communications protocols, we could have the next big thing in our digital social experience: a truly distributed, dynamic and open social Web. A planned update to LibreOffice demonstrates what this sort of Web could look like: imagine that you could collaborate on a document in a similar way that you do in Google Docs with multiple people contributing to a document at the same time but where the updates are distributed using a peer-to-peer model based on XMPP as the transport protocol (apologise if I am mangling the technical terminology). XMPP is the same protocol that powers Google Talk and a couple other open instant messaging services and what makes it possible for you to talk to someone using Google Talk from some other XMPP-based service. This model removes the central server we rely on to co-ordinate and distribute the updates and, instead, we just use common protocols to maintain meaningful connections.
I don’t think that sort of system is far away, technically, but applying that model to a social Web experience faces a substantial challenge in the form of the sexy, closed and better integrated social experience we have today in the form of Twitter, Facebook and so on. Until the open systems that hover on the periphery drastically improve their integration with each other and can present a better and more coherent experience to end-users, they can’t begin to tackle the awful future that awaits us as the current social giants become more entrenched and dominant in their respective areas. In other words, if the open source communities don’t get their design, usability and functional shit together, we are going back to the days when you couldn’t send an email to anyone else because each system talks a different, proprietary language.
The Guardian posted an article about Twitter’s suspension of a journalist’s, Guy Adams’, Twitter profile after the NBC (a US broadcaster making a complete hash of its Olympic broadcasts to the USA) complained to Twitter:
Twitter has brought down a hail of critical tweeting on its own head by suspending the account of a British newspaper’s Los Angeles correspondent following his acerbic reporting of NBC’s coverage of the Olympics.
These stories about Twitter censoring people or closing off access to its platform are becoming more and more frequent. Am I the only one who feels increasingly uneasy about relying on (or even using) Twitter too much? Dan Gillmor makes a couple good points in his post:
Twitter has been exemplary in its handling of many issues over the past several years, including its (for a social network) brave stance in protecting user privacy. So I’m giving the service the benefit of the doubt for the moment, and hoping that this is just a foolish — if well-meaning — mistake by a single quick-triggered Twitter employee. If so, Twitter should apologize and reinstate Adams’ account immediately. If it does so, there’s little harm done — and the company will have learned a lesson.
If not, this is a defining moment for Twitter. It will have demonstrated that it can be bullied by its business partners into acts that damage its credibility and ultimately the reason so many of us use it as a platform. And if that’s the case, there will be much less incentive to use it.
I have nothing whatsoever against making business and journalism businesses. I believe they must be businesses to be sustainable. But they must be responsible businesses. They must learn where their value truly lies. That is in trust. Squander that trust and you lose it all.