Tuesday, 10 September 2013

Don't be a Facebook slut.. ... ...


I have noted a number of web sites that I use have helpfully started offering the facility to sign in using Facebook.  Great.  I don't know about you, but I have so many different logins, I am faced with the dilemma of either using a single password, which is surely a gift to identity theft criminals and plainly a dumb cyber security strategy or writing down my passwords, again a security home goal.

I have been between a rock and a hard place on this for a while now and when I have my entrepreneurial hat on I can see a clear market need for a password authentication and consolidation service.  I had thought this might naturally come out of one of the many security packages such as Avira or Norton Defender, possibly even one of the established tech giants, Google or the Gates Foundation.  

Do you remember everyone from your graduation class ?



 
It reminds me, in a non-linear link that may never be clear, of the Google Earth launch, where refreshingly (or a just a cunning PR approach) the co reps said clearly and repeatedly something like "We don't know how this will be commercialised, but things will come along to use this product".  Emergent strategic development I suppose. 

Sure enough reality has caught up the vision.  British Airways used Google Earth images in an advertising campaign.  Estate agents link to street views.  Some time rich individuals look for aeroplane shadows.  I have chatted numerously with friends having seen one of the Google street view cars (clearly not that rare !) undertaking the painstaking and expensive image data collection.  All kudos to brand Google. Perhaps it merely serves its megalithic master by offering must use freeware and is fully justified by the volume of traffic generated, which drives a significant advertising revenue bang.  Anyways, it is hard to remember a pre Google Earth world.   
British Airways ad  Source linked to www.Creativereivew.co.uk




Facebook seems to be commercialising its preeminent social media status in an interesting new direction.  Remember Amazon, the online book seller ?  I just bought groceries (pink toothpaste) online using them.  It is my Christmas one stop shop, starting in Sep each year.  My Scouting friend Tim, who is an Amazon trading entrepreneur, says the price hikes in the build up to Christmas offer exciting trading opportunities.  Through successful growth, Amazon has changed it's vision from eBook seller, to eTailer and now operates as a multi-national online marketplace and logistics provider.  Better to run  the game than be its leading player ?  Actually, better to run the game AND be the leading player.... It has also started allowing smaller retailers (seen as competitors in the old world) use their payment solutions.  My beloved rugby site www.lovell-rugby.co.uk is doing this.  Brilliant customer service that overcomes the forgotten password issue, felt particularly on infrequently used websites. Such technical hurdles can help the big get bigger and the small wither and die.   Amazon have gone to the bother of trade marking their one click purchasing it's so important to them.  Scale buying and process efficiencies that probably make a cost neutral no brainier decision.  Here I am thinking about card handling fee commissions, fraud liability and software maintenance and development.

Back to the edgy title, don't be a Facebook slut.  Another chum, Lynne, was very forthright about her online connection strategy over a glass of wine one evening a while back.  We were discussing the politics around refusing a social media invitation to connect.  Lynne was unequivocal, her view was; either you are very selective, choosing close friends and work colleagues or you are a slut and say yes to everyone.

"Is that Billy ?"    Source: blog.metaprime.at


So I smiled when the offer to login via Fb last week saw me undertake a facial recognition based, multiple choice test using three photos of three different Facebook contacts, offering six real contact names as solutions for each.  It isn't as easy as you think (see image)  Not your mothers maiden name (how sexist is that ?), your favourite colour or even your first pets name.  All fixed and often short data strings that we are prone to give up quite easily.  A dream for hackers.  The Facebook approach is highly customised, and very clever.  I think it was this company that used the same approach as a tech start up as the office access protocol.  That is until the company hit 200 employees, a mystical number it seems, when staff struggled to know all their co-workers and began to fail the office entry protocol.  This mathematically brilliant (?) and hacker unfriendly approach relies on us being able to recognise, if a little prompted, our "Friends".  So please do consider this when you are accepting any left field invitations to connect, the future implications may be more significant than you think.   Deep.

Related Side Bar item

Having drafted this piece, I discovered that the Information Security group at Royal Holloway (one of the elite research groups - UK top three - that makes our College so special) has been busy trying to solve this problem too.  See the press release below for more details:

http://www.rhul.ac.uk/aboutus/newsandevents/news/newsarticles/newtechnologyprotectsagainstpasswordtheftandphishingattacks.aspx