Google and the Perils of Posting
October 21, 2011
I don’t want to make a big deal out of an simple human mistake from a button click. I just had eye surgery, and it is a miracle that I can [a] find my keyboard and [b] make any function on my computers work.
However, I did notice this item this morning and wanted to snag it before it magically disappeared due to mysterious computer gremlins. The item in question is “Last Week I Accidentally Posted”, via Google Plus at this url. I apologize for the notation style, but Google Plus posts come with the weird use of the “+” sign which is a killer when running queries on some search systems. Also, there is no title, which means this is more of a James Joyce type of writing than a standard news article or even a blog post from the addled goose in Harrod’s Creek.
To get some context you can read my original commentary in “Google Amazon Dust Bunnies.” My focus in that write up is squarely on the battle between Google and Amazon, which I think is more serious confrontation that the unemployed English teachers, aging hippies turned consultant, and the failed yet smarmy Web masters who have reinvented themselves as “search experts” think.
Believe me, Google versus Amazon is going to be interesting. If my research is on the money, the problems between Google and Amazon will escalate to and may surpass the tension that exists between Google and Oracle, Google and Apple, and Google and Viacom. (Well, Viacom may be different because that is a personal and business spat, not just big companies trying to grab the entire supply of apple pies in the cafeteria.)
In the Dust Bunnies write up, I focused on the management context of the information in the original post and the subsequent news stories. In this write up, I want to comment on four aspects of this second post about why Google and Amazon are both so good, so important, and so often misunderstood. If you want me to talk about the writer of these Google Plus essays, stop reading. The individual’s name which appears on the source documents is irrelevant.
1. Altering or Idealizing What Really Happened
I had a college professor, Dr. Philip Crane who told us in history class in 1963, “When Stalin wanted to change history, he ordered history textbooks to be rewritten.” I don’t know if the anecdote is true or not. Dr. Crane went on to become a US congressman, and you know how reliable those folks’ public statements are. What we have in the original document and this apologia is a rewriting of history. I find this interesting because the author could use other methods to make the content disappear. My question, “Why not?” And, “Why revisit what was a pretty sophomoric tirade involving a couple of big companies?”
2, Suppressing Content with New Content
One of the quirks of modern indexing systems such as Baidu, Jike, and Yandex is that once content is in the index, it can persist. As more content on a particular topic accretes “around” an anchor document, the document becomes more findable. What I find interesting is that despite the removal of the original post the secondary post continues to “hook” to discussions of that original post. In fact, the snippet I quoted in “Dust Bunnies” comes from a secondary source. I have noted and adapted to “good stuff” disappearing as a primary document. The only evidence of a document’s existence are secondary references. As these expand, then the original item becomes more visible and more difficult to suppress. In short, the author of the apologia is ensuring the findability of the gaffe. Fascinating to me.
3. Amazon: A Problem for Google
Paving Stones of Good Intentions
October 9, 2011
Even Orwell didn’t foresee this, not specifically. From Kindergarten through college, students are now subjected to more forms of monitoring than I could have conceived of when I was a little rabble rouser. From cameras to RFID badges, it’s an entirely different world.
Now Michael Morris, is a lieutenant with the University Police at California State University-Channel Islands, is calling on universities to take surveillance to a whole new level. NetworkWorld reports on this in “Privacy Nightmare: Data Mine & Analyze all College Students’ Online Activities.” That’s right, the good lieutenant recommends recording every little thing college students do online and analyzing the data to predict and prevent “large-scale acts of violence on campus.” What’s more, it would be easy enough to do with today’s data management tools. Wrote Morris,
Many campuses across the country . . . provide each student with an e-mail address, personal access to the university’s network, free use of campus computers, and wired and wireless Internet access for their Web-connected devices. Students use these campus resources for conducting research, communicating with others, and for other personal activities on the Internet, including social networking. University officials could potentially mine data from their students and analyze them, since the data are already under their control. The analysis could then be screened to predict behavior to identify when a student’s online activities tend to indicate a threat to the campus.
Take a moment to reflect on the side effects of such a large-scale invasion of privacy. What other behavior, unrelated to potential violence, will be “predicted?” And how will those predictions be acted upon? The possibilities are endless.
Look, I get it. I once attended Virginia Tech, after all, and now I have a child in college myself. Not much scares me more than visions of some nut-job with guns descending on that campus. But I also realize that throughout history, fear has been the key to gaining citizen acceptance of the unacceptable. And now we have technology that allows the unacceptable to reach heights like never before.
Cynthia Murrell October 9, 2011
IBM OmniFind Security Issue
September 29, 2011
Avoid the security vulnerability by removing seven imcd*.flt files from the /lib or /bin directories of the OmniFind Enterprise Edition installation root directory. Removing these files should prevent the security vulnerability without loss of function because OmniFind Enterprise Edition does not use the CorelDraw functions.
Jasmine Ashton, September 29, 2011
Sponsored by Pandia.com
Protected: Setting Up Custom Access Controls in SharePoint Search
September 29, 2011
Social Media: Is There a Scare Factor?
September 17, 2011
From the “Do You Need to Be Reminded” Desk: Social media mining is a growing field, one that deals with parsing meaning out of the big data generated by social networks. Valuable to advertisers, but potentially also to employers, law enforcement, and even criminals, this data can generate relevant information about individuals and groups. But how do we know if it’s accurate? Eric Naone explores in, “When Social Media Mining Gets it Wrong.”
…In Las Vegas, at the computer security conference Black Hat, Alessandro Acquisti, an associate professor of information technology and public policy at the Heinz College at Carnegie Mellon University, showed how a photograph of a person can be used to find his or her date of birth, social security number, and other information by using facial recognition technology to match the image to a profile on Facebook and other websites. Acquisti acknowledges the privacy implications of this work, but he warns that the biggest problem could be the inaccuracy of this and other data-mining techniques.
If the privacy aspect of social media mining doesn’t scare you, the inaccuracy of the technology should. Correlations made from individuals’ social “likes” and comments are weak at best. If companies try to implement usage of big data gleaned from social media, it will no doubt push the issue into political debate in order to prevent misuse and breaches of privacy. Now what about social search? Worth considering?
Emily Rae Aldridge, September 17, 2011
Sponsored by Pandia.com, publishers of The New Landscape of Enterprise Search
Google Two-Step Authentication Spreads Across the Globe
September 16, 2011
At last, “Google Rolls Out Safer Two-Step Authentication in 150 Countries,” reports Softpedia. Google debuted the more rigorous verification earlier this year, but only in its English language incarnation. Now, another 40 languages and 150 localized Web sites are on board.
Writer Lucian Parfeni explains the revised method:
With two-step verification, or authentication, users have to provide a unique code along with their account credentials. This code is only available via their phones, ensuring that unauthorized persons, with no access to the phone, can’t get in even if their credentials have been compromised, or at least making it significantly harder.
This is good news. The new process is slightly more annoying, but the increased security is worth the small hassle. Well, to me, anyway. Then again, I’m not one to use “password” as my password, either.
Some might say, “Good move, Google.”
Cynthia Murrell, September 16, 2011
Sponsored by Pandia.com, publishers of The New Landscape of Enterprise Search
SQL Injection: Knowledge Prevents Problems
September 14, 2011
Our modern lives are controlled by databases: health records, financial records, education records, and online search. Even when you are not personally interfacing with a database, there is usually one behind the scenes controlling your enrollment, appointment time, or access to any given record. SQL is a computer database language used to write or create such databases and is vulnerable to hacking through a technique called SQL injection.
SQL injection exploits a security vulnerability in the database layer of an application, like queries. It’s considered one of the top 10 web application security vulnerabilities. Our culture of free access to information can be used for good or for evil. One example is this SQL Injection Pocket Reference.
Freely available on the Web, this pocket guide explains the ins and outs of SQL injection. The author could argue that this guide helps creators build more secure databases by recognizing mistakes in the framework or areas of weakness. However, a stronger argument could be made that such a reference is more of a “hacking for dummies” guidebook than anything else. Anyone who’s ever suffered an email or bank account hack would like to see such information be a little harder to find.
We are not fans of hacker related information or the hacker ethos. Information can prevent missteps. We suggest you consider learning about SQL injection and then double checking that you are not vulnerable.
Emily Rae Aldridge, September 14, 2011
Sponsored by Pandia.com, publishers of The New Landscape of Enterprise Search
Social Media: Making the Personal Impersonal
August 25, 2011
Search engines are now using social media data to rank query results. As crazy as it sounds, your Tweets could now alter the way Google gives you information on such benign things as “George Washington” or “grilled cheese sandwiches.” eSchool News takes a look at how “New Web-Search Formulas Have Huge Implications for Students and Society.”
Search results now differ from person to person based on algorithms have been altered to include social media data. Knowing that most people don’t go past the second page of results, they have tailored their ranking system to consider links you have clicked on and create a filter system based on those previous links. This isn’t something ground breaking since Amazon and Netflix have been using it for years to recommend books and movies, but is new to the major search engines.
At the 2011 Technology, Entertainment, and Design talk, Eli Pariser, the author of The Filter Bubble, shared his reservations with the “invisible algorithmic editing of the web.” He believes it only shows us what it thinks we want and not what we need to see.
[I]t was believed that the web would widen our connections with the world and expose us to new perspectives, Pariser said: Instead of being limited to the newspapers, books, and other writings available in our local communities, we would have access to information from all over the globe. But thanks to these new search-engine formulas, he said, the internet instead is coming to represent ‘a passing of the torch from human gatekeepers [of information] to algorithmic ones.’ Yet, algorithms don’t have the kind of embedded ethics that human editors have, he noted. If algorithms are going to curate the world for us, then ‘we need to make sure they’re not just keyed to [personal] relevance—they also should show us things that are important, or challenging, or uncomfortable.’
It seems that search engines may be focusing on personal factors, but are not personalizing the process. The user has no control over results. That customization is left to a rigid algorithm. If a restaurant says that they make burgers “made-to-order,” then I expect to be able to pick mustard and onions on one visit, and pick cheese and ketchup on the next visit. The server should not just look at my past orders and make an educated guess. There is nothing “personal” about that.
Could this lead some well meaning people down an unintended and risky path to censorship-by-computer. Users must gain more control over these search formulas. There are certainly times when social media parameters are acceptable, but sometimes you want and need to see the other side. It depends if you are settling an argument between your friends over song lyrics or writing a thesis on communism. Until users are offered more liberal control, I think this “personal” ranking system will actually suppress and limit a lot of important information that users are seeking. The social impact on a search comes at a pretty high price.
Jennifer Wensink, August 25, 2011
Sponsored by Pandia.com
More Open Source Woes: Malware Problem Grows
August 25, 2011
The article, Attack on Open-Source Web App Keeps Growing, on The Register, reports of an alarming attack on the open-source online shopping application, osCommerce. The attack injects malware into the computers of users of the shopping app.
Being open-source, osCommerce is understandably a very popular product for any online vendor. There own website boasts that over 250,000 shop owners, developers and entrepreneurs utilize their product. With that being the case, Amorize’s bleak report on the number infected with the malware is no surprise. At the time of publication of the article, experts estimated over 8.3 million pages were infected.
The attack is best explained by the article:
Armorize said attackers are exploiting three separate vulnerabilities in the open source store-management application, including one that was discovered last month. Harold Ponce de Leon, the lead developer of osCommerce, said there’s only one vulnerability that’s being exploited, but he admitted that no one on his team has spoken to anyone at Armorize to reconcile the difference of opinion.
This exploitation of open-source software is bad news for not only the open-source community, but also the search industry as well. The rate at which pages are becoming infected signifies how quickly one unprotected piece of software can infect an entire community.
There is a patch for the problem but unfortunately, as evidenced by the number of infected, it is not being applied. Anytime an update is available, it is imperative that users download it immediately. If you are using open source, you may have to worry about more than legal hassles. Will this affect Lucene and other open source search solutions? Stay tuned.
Catherine Lamsfuss, August 25, 2011
Sponsored by Pandia.com
Google Enterprise Elevates Its Game with Security Certification
August 16, 2011
Google recently announced that both their Google Apps suite and their Google Apps engine have received SSAE-16 security certification. The certification could open a lot of new doors for Google in the world of enterprise. ZDNet provides coverage in, “Google App Engine Now Officially Secure.”
The certification process covers everything from physical security at the data center to making sure that only pre-cleared staff have access to customer data, to evaluating Google’s redundancy and incident reporting . . . And the bottom line to all this is that several enterprises require their cloud providers to be compliant with these standards – formerly SAS 70, and now SSAE-16. And this means that Google App Engine is open to a whole new customer base, with confidences bolstered by an authoritative second opinion.
While not a major deviation from their previous certification, the stamp of approval from the American Institute of Certified Public Accountants is good business. As data continues to grow exponentially on the web and on the cloud, security will continue to be the top priority. Continuing to redefine themselves in a way that gives them freedom to rely less on their famous search model, Google now has the security authority to venture into new realms.
Google does not seem particularly quick off the security launch pad in our opinion.
Emily Rae Aldridge, August 16, 2011
Sponsored by Pandia.com, publishers of The New Landscape of Enterprise Search
-
- Subscribe to Beyond Search
Feature archive
News archive
-
