Person Career

"Move Fast, Break Trust?"

This week’s blog post is written by fellow PhD Candidate Nicholas Gorski, who came across yet another bug in Facebook’s privacy during the latest rollout. The post germinates from a discussion about how the motto “Move Fast, Break Stuff” sounds fun for an engineer, but is this attitude apt when it comes to your relationships with your friends and family? As an explicit clarification to the engineers at Facebook: This post is intended to incite thought about attitudes towards privacy models, and not make any claims about coding abilities or the inevitability of bugs. —arnab

 

Mark Zuckerberg’s motto for Facebook, now used as company differentiator in engineering recruiting pitches, is “move fast, break stuff.” As previously reported, Facebook certainly broke things in changes pushed out Tuesday evening: By previewing the effects of your privacy settings, you were briefly able to see your profile as if you were logged in to a friend’s account, which enabled you to view your friends’ live chats as they were taking place, as well as look at pending friend requests.

Tuesday’s changes apparently also broke another privacy setting, though. By now, everyone is aware that Facebook exposes privacy settings for personal information in your profile. This includes items such as your Bio, description, Interested In and Looking For, and Religious and Political Views. However, Tuesday’s changes appear to expose this information to everyone in your network regardless of your privacy settings and even whether or not they are your friend.

[click the pictures to enlarge]
Screen shot 2010-05-06 at 2.27.40 PM

Screen shot 2010-05-06 at 2.27.49 PM

Try it out for yourself. First, set the privacy settings for some of your personal information to exclude certain friends of yours that are in your network, and then preview your profile as them. If the privacy breach hasn’t been fixed yet, your friend will still be able to see your personal information even though they shouldn’t be able to according to your privacy settings. As we mentioned, this extends beyond your friends: anyone in your network may be able to view your personal information (it may even extend beyond your network).

Screen shot 2010-05-06 at 2.27.55 PM

Screen shot 2010-05-06 at 2.28.02 PM

(Note: the privacy leak may have since been fixed… although an awful lot of people now have public quotations on their profiles.)

Unfortunately, it’s unlikely that this bug is going to get the attention that it deserves. Facebook is exposing a privacy policy to its users, but is broken such that it ignores this policy. Upon rolling out Buzz, Google was lambasted in the press for defaulting to a public privacy policy for your contacts – if you opted in to creating a public profile. In this case, Facebook let you set an explicit privacy policy, but then exposed that information anyway.

How could this seemingly minor privacy leak hurt anyone, you might ask? The canonical example of the danger of Buzz’s public contacts was the case of the female blogger with an abusive ex-husband. No harm actually befell this security-conscious blogger, but it certainly could have. In the case of Facebook’s privacy breach, the information that was made public was only profile information relating to your biography, religion and romantic preferences. Given the masses of Facebook users, how many people’s sexual preferences could have been inadvertently outed? How many people could have had potentially embarrassing biography information exposed to their parents, people in their network, or potential employers? The privacy safeguards are there for a reason, after all.

One might be inclined to write it off as a mistake, potentially a bug in a PHP script written by a junior software engineer — something hard to believe, given the reported talent of their employees. But Facebook’s motto, and their current agenda, makes it clear that the privacy leaks that have come to light this week are more than that. They are a product of corporate indifference to privacy; indeed, Facebook’s corporate strategy for monetizing their site depends on making as much of your information public as they can. The EFF has repeatedly sounded alarms about the erosion of privacy on Facebook, but is it too late?

Much of the information that was once personal and guarded by privacy settings has now migrated to the public portion of the site, and has been standardized in order to facilitate companies using your personal information to tie in to their marketing and advertising campaigns. The books that you like, the music that you listen to, your favorite movies: all of these are valuable data that companies will pay Facebook for, in aggregate. It will allow them to target you more specifically. When you expose this information publicly, though, are you really aware of how it will be used – not just today, but tomorrow? Information will persist forever in Facebook’s databases, long after you delete it from your profile.

In the meantime, Facebook’s corporate attitude of playing fast and loose with your profile information makes it likely that future privacy leaks will occur — that is, if any of your profile information remains private for much longer.

RIP, Asheem Chakravarty

Indian Ocean’s percussionist and singer, Asheem Chakravarty passed away yesterday after a heart attack. This is truly sad news; Indian Ocean is one of my favorite bands and I have been to many of their concerts. Losing a member of a band as tight-knit and flawless as Indian Ocean is quite a big blow. My heart goes out to Asheem’s family and friends, Sushmit, Rahul, and Amit.

Asheem’s percussion was the backbone of the band, and if you listen carefully you’ll notice that it only stops for one thing — his vocal solos (This is why having 2 percussionists in a band is awesome). My most distinctive memory of Asheem is his solo singing of a sloka that opens a song from the Kandisa album, Khajuraho:
Brahmanandam parama sukhadam kevalam jnanamurtim dvandvaateetam gagana sadrusam tatvamasyadi lakshyam ekam nityam vimala machalam sarvadheesaakshibuutam bhaavaateetam triguna rahitam sadgurum tam namaami.

(Rough translation from here — “I salute to that true teacher who is the source of eternal bliss, supreme happiness, who has true wisdom who is beyond the dualities, who is infinite, whose attention is always on the divine, who is unique, eternal, pure, steady, and who sees with the eyes of wisdom who is beyond thoughts and beyond three faculties.”)

I am thankful for the wonderful rendition of slokas that are thousands of years old into your songs and making this accessible to our “pop-rock” generation. You may not be with us any more, but your voice and your tabla will echo in the universe forever. Rest in peace.

Street View Fun

Here’s a fun video:

Ever wonder what it’s like for the dudes who have to drive those Google camera cars around? I think it’s a little something like this…

 
On the other side of the Atlantic, to promote the UK band Editors’s new album, Sony has produce a new streetview hack, where you have to browse around London to discover hidden things :

This is how it works: a cleverly hacked version of Google Street View allows users to preview tracks from the album in the areas of London that inspired them. As well as being able to move around as you would in the normal Google Street View, there are red arrows to find in nine different London locations (one for each track of the album) that each point to a location off the road – click it to find custom panoramic photographs of the band, shot at night by photographer James Royall.

Here’s a preview video of the game:

|

Barack Obama Nobel Prize Sound Bites

From the Wikipedia :

On October 9, 2009, U.S. President Barack Obama was awarded the Nobel Peace Prize less than one year after his taking office (in fact, the nominations closed on February 1, about 11 days after Obama took office). While the committee praised his ambitious foreign policy agenda, it acknowledged that he had not yet actually achieved many of the goals that he had set out to accomplish. Former Polish President Lech Wałęsa, a 1983 Nobel Peace laureate, commented: “So soon? Too early. He has no contribution so far. He is still at an early stage. He is only beginning to act.”

This is pretty amazing news. My Facebook, News and IM streams are flooded with one-liners. I though I’d collect them all:

  • “I too would like a Nobel Peace Prize for the thesis I am about to write in the future.” — me
  • “it’s a pretty swell booby prize for losing out on the Olympics” – n.d.
  • “Surely preventing Sarah Palin from taking over the free world deserves a prize… even if it is a Nobel?” — v.b.
  • ““NASA bombs moon”; “Obama wins Nobel Prize” — is today Onion News Day?” — me
  • “Barack Obama linked to terrorist Yasser Arafat” — fark via a.a.
  • “The Nobel? Really? I mean, cool…but it seems like we have our cart on the wrong side of the horse. Not that it isn’t a very nice cart.” — c.m.
  • “…thinks they might as well have given him the Nobel Prize for Literature, Chemistry (we’ve all seen the shirtless photos), Physics and Economics as well. Oh and made him a Knight Commander of the Order of the Bath” — r.d.
  • “Nobel Committee Rewards Obama For Not Being Bush” — f.n.
  • “I just want to point out that the Nobel Committee made its decision BEFORE Miley Cyrus quit Twitter.” — j.h.
  • “Obama will win a second Nobel next year if he can restrain himself from reacting to the snark generated by this one.” — m.w.
  • “Pretty sure Obama will just trade in his Nobel for a Google Wave invite.” — t.b.
  • “The news of Obama’s Nobel Peace Prize spreads. Across the miles I can almost HEAR my dad’s eyes rolling.” — p.g.
  • “Obama wins Nobel Peace Prize? About time Rakhi Sawant wins an Oscar, then.” — s
  • “If you don’t think Obama deserves that Nobel, then you’ve never seen Sasha and Malia fight.” — a.e.
  • “Apparently Arizona State has a higher standard than the Nobel Committee. Good thing I never tried to apply there.” — r.m.
  • Business Insider has some more.

At the Yahoo! Key Scientific Challenges Graduate Student Summit

I’m at the Yahoo! Graduate Student summit for today and tomorrow. About the event:

On September 3 and 4 the Academic Relations team will host 21 exceptional PhD students at the Key Scientific Challenges Graduate Student Summit. These students are winners of this year’s KSC program, and over the course of the two day summit they will be attending tech talks and workshops, presenting their work, and discussing research trends with top researchers from Yahoo! Labs. These 21 students will also be joined by the program’s past winners and Yahoo! Student Fellows.

Thought I’d share notes:

  • Great spread of grad students in terms of research areas. HCI, Economists, Social Scientists, apart from typical CS people.
  • Presenters for Thursday:

    Welcome & Overview of Yahoo! Labs
    Prabhakar Raghavan, Head, Yahoo! Labs

    Search Technologies Overview
    Andrew Tomkins, Chief Scientist, Yahoo! Search

    Machine Learning & Statistics Research Overview
    Sathiya Keerthi Selvaraj, Senior Research Scientist

    Economics and Social Systems Research Overview
    Elizabeth Churchill, Principal Research Scientist

    Computational Advertising Research Overview
    Andrei Broder, Fellow and VP, Computational Advertising

    Web Information Management Research Overview
    Brian Cooper, Senior Research Scientist

  • Posters for the poster sessions look pretty awesome!
  • |

    "My pledges as a reviewer"

    CUHK Professor Yufei Tao’s homepage has this interesting tidbit:

    My pledges as a reviewer:

    • I will treat your work with respect.
    • I will spend enough time with your paper. I will not make any decision without a good understanding.
    • In case I decide to recommend rejection, I will do so on solid grounds. I do not reject papers based on subjective and vacuous statements such as “I don’t like this idea”.
    • I will write reviews in a courteous manner. I have seen harsh reviews by other people which heavily mention my publications, and thus make people feel I was the reviewer. I will never do anything like this.
    |

    Maintained Relationships on Facebook

    Facebook Research Scientist Cameron Marlow has some interesting thoughts about Maintained Relationships, people who often stalk each other’s feeds, but don’t necessarily talk that much:


    In the diagram, the red line shows the number of reciprocal relationships, the green line shows the one-way relationships, and the blue line shows the passive relationships as a function of your network size. This graph shows the same data as the first graph, only combined for both genders. What it shows is that, as a function of the people a Facebook user actively communicate with, you are passively engaging with between 2 and 2.5 times more people in their network. I’m sure many people have had this feeling, but these data make this effect more transparent.

    I’m really jealous of the Facebook Data Team. They get to play with all that data!

    Brink of crashing

    Indy racer Danica Patrick had a memorable quote in this nice Honda promo :

    If you’re driving your car and you feel frightened a little bit, we bump up against that feeling as much as we can to try and push that limit further, and get comfortable there and then push it again, so you’re constantly on the brink of crashing, because that’s the fastest.

    | |

    pepsi rebranding

    Brand New reports the purported rehaul of Pepsi’s entire branding inventory :

    More information at Adage.com (Google cache link) :

    NEW YORK (AdAge.com) — PepsiCo today said it will pour some $1.2 billion over three years into a push that will include sweeping changes to its brands, including what Chairman-CEO Indra Nooyi characterized as a revamp of “every aspect of the brand proposition for our key [carbonated soft drink] brands. How they look, how they’re packaged, how they will be merchandised on the shelves, and how they connect with consumers.

    The white band in the middle of the logo will now loosely form a series of smiles. A “smile” will characterize brand Pepsi, while a “grin” is used for Diet Pepsi and a “laugh” is used for Pepsi Max. Also, Mountain Dew will be rebranded as Mtn Dew.

    daily cute

    Sculpted Beastlies by webcomic artist and sculptor Leslie Levings.

    |