All posts tagged ‘facebook’

File Under: Mobile
Feb
29
2012

Facebook and Others Aim to Make the Mobile Web a Competitive App Platform

By

A coalition of 30 technology companies hopes to turn the web into a competitive platform for building mobile applications. They have launched a Core Mobile Web Platform (coremob) community group through the W3C to provide a venue for collaborating on next-generation mobile web standards.

Facebook and Mozilla are among the leading members of the group. In an announcement today, Facebook discussed its motivations for participating. The social networking company says users who access Facebook through the mobile website outnumber the collective audience of all Facebook’s native mobile applications.

Facebook consequently wants to ensure its mobile website matches the quality of the experience users get from the native applications. In order to make that possible, open web standards will have to evolve to offer tighter device integration.

Mozilla has been pursuing that goal with its WebAPI project. That has introduced new JavaScript APIs allowing web content to access underlying hardware components and platform functionality, such as the cameras and cellular radio. As we recently reported, Mozilla is using those new APIs in the Open Web Devices (OWD) platform, a mobile operating system that is based on the organization’s Boot2Gecko project.

Mozilla is also working through W3C to turn the APIs into open standards so they can be supported by other browser vendors. The coremob community group will provide a means for mobile web stakeholders to discuss their technical requirements and help shape the emerging standards.

Facebook also announced the release of Ringmark, a test suite for evaluating the capabilities of mobile web browsers. The tests will help developers make informed decisions about what features they can safely use in various mobile web environments. Facebook hopes such information will help developers contend with the highly fragmented mobile web browser landscape.

The Core Mobile Web Platform community group has announced Ringmark, a test suite for evaluating the capabilities of mobile Web browsers.

The tests consist of two separate “rings” which represent sets of standard web features. The inner ring focuses on fundamentals like support for HTML video, native JSON parsing, CSS animation, and the Canvas element. The second ring includes a broader feature set, such as fullscreen support, touch events, and the device orientation APIs. I ran the test suite on an iPhone 4S, which passed all of the tests in the first ring and 229 of the 306 tests in the second ring.

In addition to Mozilla and Facebook, the coremob community group also includes major mobile network operators, hardware manufacturers, mobile platform vendors, and other web companies. The lineup includes AT&T, Verizon, Samsung, HTC, Nokia, Intel, Microsoft, Opera, Adobe, Netflix, Zynga, Sencha, among others. Conspicuously absent from the list: Apple and Google.

This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.

Tags: ,
File Under: privacy, Security, Social
Jan
5
2012

Worm Steals 45,000 Facebook Login Credentials, Infects Victims’ Friends

By

A worm previously used to commit financial fraud is now stealing Facebook login credentials, compromising at least 45,000 Facebook accounts with the goals of transmitting malicious links to victims’ friends and gaining remote access to corporate networks.

The security company Seculert has been tracking the progress of Ramnit, a worm first discovered in April 2010, and described by Microsoft as “multi-component malware that infects Windows executable files, Microsoft Office files and HTML files” in order to steal “sensitive information such as saved FTP credentials and browser cookies.” Ramnit has previously been used to “bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions, compromise online banking sessions and penetrate several corporate networks,” Seculert says.

Recently, Seculert set up a sinkhole and discovered that 800,000 machines were infected between September and December. Moreover, Seculert found that more than 45,000 Facebook login credentials, mostly in the UK and France, were stolen by a new variant of the worm.

“We suspect that the attackers behind Ramnit are using the stolen credentials to log-in to victims’ Facebook accounts and to transmit malicious links to their friends, thereby magnifying the malware’s spread even further,” Seculert said. “In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services (Facebook, Gmail, Corporate SSL VPN, Outlook Web Access, etc.) to gain remote access to corporate networks.”

Facebook fraud, of course, is nothing new. Facebook itself has acknowledged seeing 600,000 compromised logins each day, although that accounts for just 0.06 percent of the one billion Facebook logins each day.

This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.

Tags:
File Under: Identity, privacy, Social
Sep
23
2011

Facebook Wants Your Past, Present, and Future On Open Graphs and Timelines

By

Facebook will soon allow its users to integrate all of their music, media, and lifestyle actions and interactions with their profiles, Mark Zuckerberg announced at Facebook’s f8 conference yesterday. Connecting profiles to services like Spotify will allow users to fill out their own curated “Timeline,” so friends can see each others’ media activities both as individuals and aggregated over their entire network, a move that will explode the amount of content on the site.

The new arrangement is part of two new Facebook initiatives, one of which is the Timeline. Users can fill in their Timelines with both content pulled in from other services — say, an article “liked” on Ars Technica or a game played — as well as “real world” activities like photos or status updates. The real world content can be filtered by date into the timeline, so users can fill in their backstory on the site with everything that happened before Facebook existed: moves to a new city, first words as a baby, or every single relationship breakup pre-2004.

Once in place, the timeline will be the new News Feed, with friends’ updates streaming past. But not everything will make it into the Timeline: small updates, like what music friends are listening to, may be relegated to the Ticker, the integrated online friends/status update bar rolled out Wednesday. Users will be able to choose which activities are significant enough to appear in their timelines.

Zuckerberg also placed emphasis on the new use of verbs in timelines, which will allow people to sort their friends activities in different ways. For instance, with a status update reading “Casey Johnston is watching Veronica Mars for the millionth time,” users will be able to click both “watching” to see what else friends are viewing at the moment, or “Veronica Mars” to see a list of other friends who like Veronica Mars.

These updates will feed into the second new feature, Facebook Open Graph, which collects and ranks the the activities or items that friends are interacting with. Apps that integrate with Facebook will be sorted in Open Graph based on popularity with a user and his or her friends, including Spotify, Hulu, Netflix, Foodspotting, Vevo, and Nike+, among many others. Open Graph is intended to help with app discoverability, showing users what their friends are doing without flooding their feeds every time a friend kills a mobster or plants a new crop of corn.

When Timeline was introduced, Chris Cox, director of product at Facebook, noted that “there is nothing we love to summarize more than time itself,” stating that with the new features it would be possible for users to create months or years in review.

Of course, Facebook’s entire motivation isn’t just for friends to become more intimate with each others’ past and present. Daniel Ek, Spotify CEO, spoke briefly at the conference, and noted that “because our [Spotify's] playlists are social, they [users] are more engaged. And because they are engaged, they are more than twice as likely to pay for music.” For Spotify, which boasted 2 million paying members worldwide as of Wednesday, the exposure to the better part of a billion Facebook members could mean big bucks.

The new completionist Facebook is a significant departure from what Facebook’s most avid competitors, Google+ and Twitter, currently offer on their sites. If Facebook can get users to buy into putting their whole life histories on the site, the amount of content there will explode, and create an investment and representation of self users won’t be likely to abandon. And with more content comes more opportunities to target ads.

The beta for Facebook’s timelines begins today, with availability being rolled out gradually. Neither Zuckerberg nor any of the speakers mentioned a timeline for the new version, but we expect it will be sooner rather than later.

This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.

Tags:
File Under: Browsers, Security
Nov
29
2010

Secure Firefox With New HTTPS Everywhere Add-on

By

Earlier this year, the Firefox add-on Firesheep created quite a controversy by making it easy to capture unencrypted web traffic.

Firesheep sniffs unencrypted cookies sent across open wi-fi networks. That means anyone with Firesheep installed can watch your browsing sessions while you lounge at Starbucks and grab your log-in credentials for Facebook, Twitter or other popular sites. Armed with those credentials, anyone using Firesheep can essentially masquerade as you all over the web, logging in to other social sites, blogs and news sites using your Facebook or Twitter username and password.

None of Firesheep’s mechanisms are new. But Firesheep made sniffing web traffic point-and-click simple — it was suddenly dead easy to do something that used to require a good bit of hacking knowledge.

The best way to protect yourself from Firesheep is simply avoid connecting to unencrypted sites when you’re on an open wi-fi network. That means making sure that you connect over HTTPS rather than HTTP everywhere you surf. But sadly, doing so is complicated and depends on which site you’re trying to connect to.

That’s where the Electronic Frontier Foundation’s HTTPS Everywhere Firefox add-on comes in. The extension makes it easy to ensure you’re connecting to secure sites by rewriting all requests to an HTTPS URL whenever you visit one of the sites it supports.

Of course if the website you’d like to visit doesn’t support HTTPS, there’s nothing the add-on can do, but for many big sites — Twitter, Facebook, Google, PayPal, The New York Times, Bit.ly, Amazon — HTTPS Everywhere automates the process for you.

With HTTPS Everywhere installed, if you type “twitter.com” in the Firefox URL bar, the browser will automatically connect to https://twitter.com rather than http://twitter.com.

That’s a good start, but it won’t completely protect you from anyone sniffing with Firesheep. The latest beta release of HTTPS Everywhere, released over the long weekend, improves the add-on’s protection against Firesheep, but you’ll need to do some extra stuff.

First, head the HTTPS Everywhere preferences (Tools -> Add Ons -> HTTPS Everywhere -> Preferences) and check the “Facebook+” rule. Then install the Adblock Plus extension and use it to block the insecure http:// advertisements and tracking sites that Facebook (and other sites) sometimes include. There are more instructions on the EFF’s site.

Now you can browse Facebook at the coffee shop in relative peace. Certain parts of Facebook may not work properly — some applications can’t use HTTPS, and the chat app won’t work — but at least you aren’t broadcasting your login credentials to anyone who wants to listen. The EFF says it has alerted Facebook to the incompatibilities, and that it’s waiting for Facebook to fix them.

See Also:

Tags: , , ,
File Under: Browsers, Social
Nov
7
2010

First Look at RockMelt, a Browser Built For Facebook Freaks

By

The rumor mill has been buzzing for months about the imminent arrival of a new “Facebook browser” called RockMelt.

Well, it really does exist, and it’s here. RockMelt is being released as a limited public beta Sunday. Anyone can sign up to test it out, but the release will be throttled so as not to overload the cloud-based components of the app. RockMelt will be doling out download links as quickly as it can manage on a first-come, first-served basis.

The two founders, CEO Eric Vishria and CTO Tim Howes, demonstrated RockMelt to Wired a few days before Sunday’s launch.

It’s based on Chromium, so it inherits Google Chrome’s speed, looks, and basic functionality on both Mac and Windows.

And while its Facebook integration runs deep, RockMelt is not exactly a Facebook browser. It’s a social web browser, allowing you to post links, videos and status updates to both Facebook and Twitter (that’s it for now, but more services will be added later). There are also built-in clients for consuming your Facebook feed and managing multiple Twitter feeds, a chat client, and lightweight RSS reader. It does use your Facebook account to personalize the experience, but its reach is broader than just Facebook.

We’ve seen browsers custom-built for the social web before, most notably Flock, which launched as a MySpaced-up version of Firefox. Mozilla experimented with Ubiquity, an in-browser tool for posting to different social sites and interacting with web services. There are a number of add-ons that can embed social networking dashboards into the browser for you. These tools have grown in popularity as we’ve struggled to manage the ever-increasing flow of links, media and bits shared by our online friends.

So, the idea isn’t original. And RockMelt doesn’t sport a complete re-invention of the browser interface, either. But it is very streamlined, and there are some key elements that people who live and breathe the social web will find intriguing.

Continue Reading “First Look at RockMelt, a Browser Built For Facebook Freaks” »

Tags: , , ,
« OLDER POSTS