Harry Potter and the Lesson in Online Safety

November 20, 2012 at 7:27 pm (internet, kids, security) (, , , )

In these days of children being online earlier and earlier, there is an increasing worry about online stranger danger and sites like Get Safe Online and organisations such as the Child Exploitation and Online Protection Centre (CEOP) and excellent resources like the ICO Youth website and Own Your Space spend quite a lot of time and effort attempting to educate the general public, and young people in particular about the issues associated with increased use of the Internet.

Well, it struck me today that there is already a very illustrative lesson of the dangers of using a mediated text-based communications environment where you easily build up trust but don’t really know who is on the other end – chapter seventeen of ‘Harry Potter and the Chamber of Secrets’.

When Harry is asking Tom Riddle how come he is standing ghost-like over the barely alive body of Ginny Weasley, he asks ‘How did Ginny get like this?’

‘ … I suppose the real reason Ginny Weasley’s like this is because she opened her heart and spilled all her secrets to an invisible stranger.’

‘My Diary.  Little Ginny’s been writing in it for months and months, telling me all her pitiful worries and woes …’

‘It’s very boring, having to listen to the silly little troubles of an eleven-year-old girl … but I was patient.  I wrote back, I was sympathetic, I was kind.  Ginny simply loved me.  No one’s ever understood me like you Tom … I’m so glad I’ve got this diary to confide in … it’s like having a friend I can carry round in my pocket …’

So what is the muggle equivalent of a ‘friend you can carry round in your pocket’?  Well, a collection of connected friends in your phone’s contact list of course.

So be careful who your friends are – who recieves your words as you write them on the page and they disappear like magic.  The illusion of trust is easy to come by on the Internet.  Just never confuse it with the real thing.  It could lead to the take over of your mind by the world’s most feared wizard …

So remember the wise words of Arthur Weasley … “Haven’t I taught you anything? What have I always told you? Never trust anything that can think for itself if you can’t see where it keeps it’s brain?”


Permalink 3 Comments

Not so secret secret questions

November 19, 2012 at 7:44 pm (moan, security) (, , )

I’ve always been slightly annoyed with ‘secret questions’ that aren’t secret, and consequently have for ages always made up an answer and if its been for a website I’m going to want to use again (rather than one of of those annoying websites that force you to register just to become a one-off customer of theirs) will keep a record of my answer somewhere.

Well I had classic confirmation of what a waste of time such things can be today.  I had an online account with a large retailer that wanted to know my favourite colour.  So I found something suitably obscure – at the end of the day there are plenty to choose from!

Now I can understand why the use of a second shared ‘secret’ (as long as it really is a secret) might be useful in an online system where you need some kind of assurance that the remote person is who they say they are.  But in this case, my wife was in the store doing something and they needed the answer to the secret question.  Of course, she didn’t even know the question let alone my obscure answer.

Now normally, she would probably have rang me to see if I knew or could find out, but in this case the store assistent said ‘never mind, lets try some’ … and typed in ‘red’, ‘blue’, and so on.  Then he said, oh, I’m not sure what other colours to try … so he rang their main office and explained that a customer was in store wanting to change something, but couldn’t remember her secret question answer … and then they asked to talk to her and asked for some personal details (date of birth, address, that kind of thing) and then promptly told her the answer to the question!

So, first of all, for the in-store situation, it just shows that it was totally unecessary to need the secret question at all – she was there, with account numbers, physical artifacts, personal knowledge, a store loyalty card – they really didn’t need anything else to know who she was – as evidenced by the fact that they were quite happy with all this information in order to disclose the secret answer!

And secondly, if the secret question is to be of any use, then they really can’t just put customer service over security and give it out to anyone who happens to be in the store, confident, annoyed with their systems and who happens to be armed with enough of someone’s personal information to sound convincing!

So – in summary, security is fine, but not at the expense of customer usability.  However, if customer usability just blows holes an any security defenses, and no one seems to mind, then someone should really be asking some serious questions about the need for such security in the first place!  Also, while I’m at it, this also shows that something that can be secure enough in one context (e.g. online transactions) can be totally pointless in a different context (i.e. when the same system is used ‘in person’).

I suppose I also should point out that a security question that a huge majority will answer with, I assume, something like one of only twenty odd values is also a bit meaningless.  So in future, when asked for your favourite colour for a security question – I recommend getting a little more inventive. Just don’t forget to make a note of it somewhere!


Permalink Leave a Comment

Can I have some friction in my sharing?

November 6, 2012 at 8:07 pm (internet) (, , , , )

I’ve hated the idea of “frictionless sharing” ever since I first saw the Facebook Yahoo! app post to my Facebook wall that I’d read one of their articles (I instantly removed the post, remove the app, and haven’t clicked on a Yahoo! link since).

I share the view that I’ve now seen in a number of places – this might be frictionless but it isn’t sharing.  At best is automatic visibility.  Sharing is something you do when you make a conscious decision that someone else might be interested in something you have to say.  It is curation or cultivation of some context that you have filtered out from everything else and decided is worthy of a wider audience.  It is making time to make a point (like this blog post perhaps) and making a, hopefully small amount of effort, but still a conscious effort, to pass it on.

The use of social media is a performance – it is constructing a view of ourselves that we would like others to see.  Most hope that their status will be construed as witty, intelligent, cool or be looking for some reaffirmation from friends or some token of support or validation of their actions … whatever, but the point is that this is all part of someone saying “this is me”.

So when I see apps that automatically post that so-and-so has read such-and-such an article, and is listening to this or that, I often wonder if that is part of the image that the person is happy to be presenting.  Often it is – but sometimes you wonder why someone is reading a specific article.  Of course what is missing is the reaction to the article.  Yes I might read an article about something, but did I like it?  Did I agree with it?  Did it disgust me?  When I had to click “Like” to get it listed on Facebook, that would give a clue.  When I have to click “share” to post it, I get the option of some context as to why I’m posting it.  When the app posts on my behalf, noone has any idea about the context of my reading it and may attempt to draw their own conclusions (most of which will almost certainly be incorrect).

I fully subscribe to the idea of people have private thoughts to experiment with ideas and consider a range of options before making up their minds about something.  They should be free to follow a range of links about a topic, many they won’t agree with – only then can they get a well-rounded view of it all.  But in an age of “frictionless sharing” will people start to think twice before they click on a link or see a film or watch something on TV or listen to that track?  Will we slowly breed a society of banal conformity?

Well maybe there is hope – it would appear that the idea of automatic posting may be starting to take its course.  Yes it might be good for Facebook to decide that telling your friends that you’ve clicked on something will increase their internal hit counts and encourage your friends to click too, which helps their ad business … but it would appear that some are starting to question it too.  At last.

You used to be able to pick up a book or read an article and keep the knowledge of the activity firmly in your own head.  This is a good thing.  Lets hope it’s not too late to turn that around.

Further reading on this topic:


Permalink Leave a Comment

An Elite Circle of Friends

November 1, 2012 at 9:46 pm (internet, odds) (, , , , , , , , )

Now this is an intriguing idea – from a post on failblog – run your Facebook account with a strict friends limit, say of 10.  Then when a new friend request comes in, only accept it if you are willing to delete one of your existing friends …

Well, according to Dunbar’s number, we can only cope with social groupings of 150 or less anyway – and massive Facebook friends lists don’t change that no matter how many people shout to have more than 5000 listed on the site.  In fact, what is a friend anyway on such sites?

In fact, there are social networks that limit your number of contacts – Path does in fact limit you to 150.  But if that is still too many, at the other extreme is Pair – the social networking tool to share and communicate with just one other person.

I wonder if you could combine the ideas of chatroulette (“Broadcasting nudity or suggestive content is not allowed” – yeah right) and facebook and create a friendroulette service – a social network where you always have, say, 20 friends total but every day a new friend is added and one is taken away.

Maybe it could be limited to certain common interests, or maybe just completely random (although probably assuming you speak the same language otherwise it might be a bit pointless).

Or how about a musical chairs social network?  Start with 100 friends, but everyday one drops off the list?  Maybe you get the option to keep the winner as a permanent contact?

Or maybe a network where you are only allowed to add a new friend if someone else has added you and if someone unfriends you, it randomly drops someone from your own list too.

Or possibly a network where you had to earn friendship – it would automatically add you once your paths have crossed a few times and you really have a connection and something to share with each other.  And if you stop talking to each other, the connection fades until its gone completely (a bit like an ant trail).

Geo-fenced social network?  Your list of friends only consists of those who have been in the same physical location that you are now in during a set time period – maybe the last week.  As you move around, the list of people changes creating a link across time to the same space.

Would be one way to beat the Filter Bubble at any rate and introduce a little serendipity back into meeting people.


Permalink Leave a Comment