Thursday, April 12, 2007
'You Who?' - Trust in Web 2.0
Posted by centernetworks 04/12/2007
At the end of 2006, Time magazine decided that its person of the year was 'You'. Yes, You. All the You's that create and rate content on heavy hitting sites such as MySpace, Wikipedia and YouTube. The reason behind this is that a shift has happened where content isn't generated or rated by experts anymore. Instead it's by everyday folk like you. This is further back up by a recent Revolution survey showed that within the 16-44 age group: 48% have been to a blog site 26% have created their own blog 74% have rated or reviewed products, content or services You and user generated content User generated content is one of the key foundations of Web 2.0. (For those of you that haven't heard the hype, Web 2.0 is a term created to define the second phase of the Internet following the dot com crash.) One of the key foundations of Web 2.0 is new functionality that changes content within a page based on what a user does. But let's get back to You - after all, this article is all about You! First of all who are You and more importantly how can I trust You? In fact the same question applies to me from your perspective. Who am I and more importantly how do you know that anything I write is worth the HTML it's coded in? Currently there's an avalanche of new content being written on the web. The problem is that it becomes very hard to work out whether the source is accurate and whether the people looking at it know anything at all. So is there anything from web 1.0 that can help us? Trust in Web 1.0 In the old days (read the 1990's) trust was mostly to do with ecommerce. How could you trust a website enough to either give your personal details or credit card numbers to buy something? A whole set of standards was subsequently developed to ensure users trusted your website. Some of the key points were to: Prove there's a real organisation behind your site (e.g. contact details, about us section) Explain what you're going to do with sensitive information Provide third party evidence of your credibility (e.g. testimonials) Have a professional design Regularly update the site so it looks alive and fresh Avoid all errors of any kind But are these guidelines still relevant? Do we need any other guidelines? The problem with user generated content In Web 2.0 the issue of trust has moved away from the people that run the site and is now starting to focus more on the people that populate it. People are engaging with each other at a one to one level in so many ways, such as: Business (e.g. eBay) Pleasure (e.g. MySpace, YouTube, Secondlife) Information (e.g. Wikipedia, Digg) Classifieds (e.g. Craigslist, Gumtree) The issue of 'Can I trust this site?' still exists, but the new issue, 'Can I trust the people on it?' is now equally important. The main difference now is that content is being generated by anyone and then being rated by anyone. How can you be sure that what other users write is true? For example, there's been some controversy about the reliability of articles on Wikipedia, the online encyclopaedia. Even more controversy occurred when a guy solicited dates from other men pretending to be a woman on the personals section of Craigslist. He then published all their personal details on the web! Yet another example is online restaurant guides. How can you trust someone's review when you don't know their tastes? Is the reviewer someone who goes out solely for tasty food or someone who goes out for the atmosphere/occasion? So, how do we resolve these issues? Trust 2.0: Ensuring trust in Web 2.0 To ensure site visitors continue to trust your site, you need to ensure users are who they say they are. Ways you can achieve this when users are registering include: E-mail an activation link Send a text message with an activation code Send the activation code to a home or business address You can also: Only allow site visitors access to content/functionality if recommended by a registered user (LinkedIn, the online career network, does this) Show people you know their IP address when they're logged in Collect users' credit card details If site visitors know you've validated the credibility of users creating content, they're far more likely to trust that content. Other ways of increasing trust of user generated content, and enhance the credibility of users, include: Make users' profiles publicly available to everyone in the community (the profile can include tastes, expertise or experience, for example) Allow users to rate a person for their content, services or products (eBay does this) Set up a reference system to highlight respected contributors (Amazon now gives out 'badges' to reviewers, where they get tagged with 'real name' (if the site can verify that it's their real name) or 'top 500 reviewer' (if the site feels the person has given good reviews)) Have real time face-to-face interaction (e.g. Skype on eBay, Winebit) You won't of course need (or want) to implement all of these techniques - think about what your site is trying to achieve and the needs of your audience. You should then be able to come up with an appropriate trust strategy. Conclusion Guidelines for ensuring trust borne out of Web 1.0 still remain very valid in today's Internet. After all, web users need to be able to trust your website and the content that you've put on there. They also need to trust content generated by other users - follow some of the advice in this article to ensure this! This article was written by Mark Halabi. He's crazy about web usability and accessibility - so crazy that he's head of client services at usability and accessibility consultancy, Webcredible. He's extremely good at running focus groups and carrying out card sorting sessions.
Posted by Augustine at 8:12 AM
A tale of two animated cursor attacks
April 9th, 2007 Posted by Ryan Naraine (ZDNet) At the height of the animated cursor(.ani) attacks last week, there were two different groups using different motives to hit a different set of targets. According to Websense Security Labs, the first set of attacks started in the China region and appear to be the work of groups within the Asia Pacific Region. The attackers have compromised hundreds of machines and placed IFRAME’s back to the main servers that host the exploit code. In most cases the payload and motivation of these attacks is to gather credentials for online games. A few days later, a second set of attacks started up from a group in Eastern Europe known for using malware lures to launch identity theft attacks. This group has been placing exploit code on sites for many years now and has a very resilient infrastructure. They have used WMF, VML, and several other exploits in there routines previously. As of now they have also added the ANI attacks to their arsenal. The payload and motivation is somewhat different however as they are more known to install rootkit’s and crimeware which is designed to install form grabbing software and keyloggers in order to compromise end-user banking details. Also in the past they have installed fake anti-spyware software as a distraction and as a means to falsify someone into acquiring some anti-spyware software. More than two weeks after the attacks were first spotted, there are still more than 2,000 unique sites that are hosting exploit code and/or are compromised and are pointing to machines that host exploit code, Websense said. According to Andreas Marx of AV Test, there are more than 46,000 different URLs that together serve up almost 3,000 different corrupted animated cursor files.
Posted by Augustine at 1:07 AM
Wednesday, April 11, 2007
'Flexible' plastic for electronic circuits?
April 11th, 2007 ‘Flexible’ plastic for electronic circuits?Posted by Roland Piquepaille @ 9:39 am Categories: By adding a polymer acid to a common plastic, chemists at the University of Texas at Austin have developed a plastic with changeable conductivity which could be used to build future electronic devices. This 'doped' plastic can be manufactured at room temperature and can have a conductivity ten times higher than the 'non-doped' one. The flexible sheets of plastics obtained in the lab can be printed with wires and interconnects which could be used to design military camouflage that changes colors, foldable electronic displays and medical sensors. This project has been led by Yueh-Lin (Lynn) Loo, an assistant professor of chemical engineering at the University of Texas at Austin, and the members of her research group. Below is a picture of Loo holding a pliable sheet with printed polyaniline wires and interconnects (Credit: Caroling Lee, University of Texas at Austin). Here are two links to a larger version of this photo and to a page containing several other pictures. Here are some more details about this 'doped' plastic. By combining polyaniline [also known as PANI,] with a chemical that gives it conductivity, Loo discovered she could increase the plastic's conductivity one- to six-fold based on the version of the chemical added. Chemically altered polyaniline has several advantages over the more commonly used metals, like gold and copper, in devices other than computers. For example, Loo’s previous research has demonstrated that “doped” polyaniline can be manufactured in solution at room temperatures and without vacuum chambers. Producing metal-based wires requires special manufacturing conditions in addition to the high cost of the metals. I'm sure you all want to know what was the special ingredient added to polyaniline (PANI) to increase its conductivity. It's a polymer acid named poly(2-acrylamido-2-methyl-1-propanesulfonic acid), or PAAMPSA. But if I've named this post "PAAMPSA meets PANI," would you have read it? For more information, this research work has been published by the Journal of Materials Chemistry under the name "Improving the Electrical Conductivity of Polymer-Acid-Doped Polyaniline by Controlling the Template Molecular Weight" (Volume 17, Issue 13, Pages 1268-1275, 2007). Here are two links to the abstract and to the full paper (PDF format, 8 pages, 392 KB). You also may want to read a previous news release about Loo's work, "Putting a charge in plastics" (January 16, 2006), describing how she researches ways to make cheap, flexible electronic devices. Sources: University of Texas at Austin news release, April 9, 2007; and various websites
Posted by Augustine at 9:59 PM