Tech Brief
On Tech Brief today: rumours of yet another Google social network, a security flaw gets patched in Foursquare, plus Alan Turing, ultimate information pioneer.
• Orkut, Wave, Buzz, the list of Google's attempts to break into social networking may be on the verge of growing yet again, :
"Yesterday, Digg CEO Kevin Rose tweeted that he'd heard a 'huge rumor' that Google was planning to launch a Facebook competitor called 'Google Me', sparking off a wave of speculative reports (Rose has since removed the tweet). Now Adam D'Angelo, who was Facebook's CTO for years and is now founder of hot Q&A service Quora, is weighing in with more details. And from what he's hearing, Google Me is indeed very real, and it's gunning for Facebook."
If true, Jason Kincaid at TechCrunch is sceptical about Google's ability to take on the social networking giant:
"Even if Google has an amazing site in the pipeline, creating the next Facebook is going to be easier said than done -- nearly 500 million people already have their content stored on Facebook, and despite what Facebook has claimed about being open, I doubt they'll make it easy for anyone to jump into the arms of a competitor. Not to mention the fact that Google has had shortcomings with its social sites like Buzz, Wave, and Orkut."
• Foursquare, the web service that lets you update your friends with where you are, . Wired explains how a programmer named Jesper Andersen identified the problem:
"On pages like the one for San Francisco's Ferry Building, Foursquare shows a random grid of 50 pictures of users who most-recently checked in at that location -- no matter what their privacy settings. When a new check-in occurs, the site includes that person's photo somewhere in the grid. So Andersen built a custom scraper that loaded the Foursquare web page for each location in San Francisco, looked for the differences and logged the changes."
Wired also quotes an e-mail from Foursquare programmer Jon Hoffman explaining how the hole came about:
"The privacy leak on the venue page was something that was overlooked when we added privacy-protection features to the 'who's here now' section of the venue page on the mobile clients (the data that's exposed via the API)," Hoffman wrote Tuesday morning. "There already is a privacy toggle on the /settings page to control privacy for that feature, but it did not extend to the 'who's been here' section of the venue page on the website. We've recently locked down the 'who's been here' section so that it respects the 'Who's here' privacy toggle."
• Slashdot is reporting , which takes advantage of software which mimics, or "spoofs" another person's caller ID:
"If the target has not added a voicemail password (the default is no password), you will be dropped into a random menu of their voicemail and eventually can drill up or down to get what you want. You can change greetings, erase messages, send voicemails out of the target account, and much more. How many politicians up in arms about Google Wi-Fi sniffing will want to know more about this?"
• Who knows, but perhaps Google, which created Android, will consider remotely killing the software that allows users to spoof another person's mobile phone number. The Register points out that :
"The announcement came by way of a blog post from Android security lead Rich Cannings. 'After the researcher voluntarily removed these applications from Android Market, we decided, per the Android Market Terms of Service, to exercise our remote application removal feature on the remaining installed copies to complete the cleanup,' Cannings said."
Whilst some are likely to be concerned about Google's ability to remove applications, this sounds like it might be a smart way for Google to deal with malicious software on Android phones. However, the company also has a command that can remotely install applications. Jon Oberheide, the programmer who exposed the original problem to Google, told The Register that it worries him:
"It may be possible to spoof these INSTALL_ASSET messages to deliver a malicious application payload. If Google's GTalkService servers were compromised, the malicious impact would obviously be a bit more widespread ... You better believe that myself and others are taking a careful look at these code paths."
• Finally, for today, a follow-up to a story we mentioned in a recent Tech Brief. BCS, The Chartered Institute for IT has revealed the winner of its search for the "ultimate information pioneer" of all time. :
"Celebrity Kate Russell, who fronted a short film in support of Turing's bid, said: 'I was thrilled that Alan Turing took such an early lead, even managing to fight off a sudden dash from Hedy Lamarr in week two of the voting! The fact that the votes for Turing have remained steady over the course of a month, securing him a solid victory, goes to show that his appeal and importance to the world of technology is as universal as his early machines were!'"
And Kate Russell's film about Alan Turing .
If you want to suggest links or stories for Tech Brief, you can send them to on , tag them bbctechbrief on or e-mail them to techbrief@bbc.co.uk.
Links in full
•
•
•
•
•