Posts Tagged ‘Facebook’

« Older Entries

Facebook – Your Identity Neighborhood Watch

Friday, December 3rd, 2010

NW-Logo
A couple of years ago Facebook released Facebook Connect. According to them:

“Facebook Connect is the next iteration of Facebook Platform that allows users to “connect” their Facebook identity, friends and privacy to any site. This will now enable third party websites to implement and offer even more features of Facebook Platform off of Facebook – similar to features available to third party applications today on Facebook.”

While it provides an easy way to extend your login to other sites, it also, perhaps, has another hidden advantage.  Presence has become more prevalent across Facebook. While that may help your employer know you online at work, it also lets your friends know that you are around.  When I’m talking about presence information, I mean the following quoted from Wikipedia:

“presence information is a status indicator that conveys ability and willingness of a potential communication partner—for example a user–to communicate.”

Since you need to log in to Facebook to access these sites, you in essence tell your friends that your online.  So, your friend list becomes a neighborhood watch for your identity.  Perhaps they see you online when they know you are out of town or maybe it is other odd behavior that seems out of place.  It’s behavioral security at its finest.  There is also the built-in alerting mechanism of the multiple text messages to check your account and reset your password from all those friends looking out for your best interests.

I suppose there is also an advantage in that you control a site’s access to your information.  At least somewhat… and I guess if you trust your identity to Facebook. I was not too fond of Facebook Connect initially. Maybe I should give it another shot…

What do you think?

Tags: , ,
Posted in Identity and Access Management, Social Networking | No Comments »

Authentication By Location?

Wednesday, September 22nd, 2010

Recently my wife & I decided to activate our home security system. We’d lived in our house for more than 2 years without it, but some recent thefts in our area convinced us it was time to bite the bullet. Thanks to this latest addition our home security setup now boasts:

  1. Handle locks & deadbolts on all the doors
  2. The aforementioned security system
  3. Motion lights in the yard
  4. 1 ferocious Labrador Retriever named Brisco
  5. The sonic fence from LOST

OK, perhaps #5 was a stretch. But hopefully you get the gist of what I’m saying, which is that layered security methods = greater overall security. If all I did was use handle locks on my doors, this would be the technical equivalent of using ’123456′ as my password (on second thought, having a weak password might be akin to foregoing locks entirely!).

I'd think twice before crossing...

I'd think twice before crossing...

Earlier this week, Google opted to enhance its own security measures by offering two-factor authentication for certain segments of its Google Apps user base. The logic behind this method is for the user to combine something she individually knows with something she uniquely has, making it significantly more likely that the user is who she says she is. In Google’s case what the user has will be her mobile phone, which will receive a randomly generated pin for the user to enter into the web browser in order to complete the authentication process. Seems like a perfectly acceptable solution, right? But for those of us in the security space, it also gets the brain churning about other ways this can be accomplished. What else does a user have that might be useful in confirming their identity?

A recent ZDNet blog post by Joe McKendrick pointed out another thing that everyone has: their location. McKendrick suggests that maybe, just maybe, location could eventually play a role in identity verification. I’m an avid Foursquare user so of course this is a topic that interests me. Furthermore, we’ve all received those courtesy calls from our credit card companies when we’re running up charges from a location that’s far enough from home that they suspect them to be fraudulent. Facebook has implemented a similar, automated location-based security check. Last month Finsphere announced PinPoint, “the first location-based fraud monitoring service” for the financial services industry. Today Location Labs announced “a ‘Universal Location Service’ platform that aggregates locations of phones across carriers for developers and centralizes privacy management for end-users” (via ReadWriteWeb). The old saying “location, location, location” has never been more accurate. But is this approach viable and secure at a time when location spoofing is only an iPhone app away?

This is where I’d like our readers to chime in. Can you see a scenario where location (via a mobile device) becomes part of a reliable authentication scheme? Is it possible to eliminate or minimize the risk of location spoofing? Feel free to leave a comment…

Tags: , , , , , , , , , , , , , , , ,
Posted in Facebook, Identity and Access Management | 1 Comment »

Putting the Practical Back in IAM

Wednesday, June 16th, 2010

2353470227_cf37943a16-1Let’s face it: explaining Identity & Access Management to a layperson isn’t easy. How often do those of us who work in the space respond to the simple question “so what do you do?” at a cocktail party or a family event, only to see that familiar glazed-over expression less than 30 seconds into our reply? IAM is a space that’s prone to acronyms and cryptic concepts: SSO, virtual directory, WAM, federation, SAML, LDAP, etc. Of course, the issue here is not so much that these concepts are over your grandmother’s head. The problem comes when your grandmother is a high-level executive trying to figure out how IAM is going to provide significant ROI for her company. As product and service providers in this space, we’re the ones responsible for making the practical case for Identity & Access Management. My belief is we could all be doing a better job of this.

The inspiration for this post was a recent interview conducted with Dieter Schuller, VP of Business Development for our partner Radiant Logic. The interview covers its own fair share of acronyms and concepts, most of which are at the core of what this blog’s readership does for a living. But eventually it shifts into a practical (and very powerful) example of what identity correlation can do for a business, courtesy of Dieter:

For example, we just worked with a major electronics company, where they started with access management, single sign-on, delegated administration, but they wanted to make their portal a much better experience so when the user logged in, rather than just serving up products, the idea is you know enough about me because you have an order entry system that tracks what I bought online, you have a product registration system that tracks what I bought offline, you have a product database so you know that I bought a camera and now you should try to sell me a camera case.

They actually took it a step further and actually integrated it to their partner systems as well. They have a relationship with Facebook, for example, and, for that particular identity, started to look at what their movie and music preferences are and serving up content based on that.

Take a step back and think of what this interview would have meant to a non-IAM professional had it not included this real-life scenario. I think it would have led to multiple Google searches to define MDM, CDI, virtual directory, etc, if the reader had the time. Instead the reader comes away thinking about what this technology meant to an electronics company and how this might help his/her own business. In the real world this can mean the difference between a company becoming a prospect, and a prospect becoming a client or a customer.

“For example” can be powerful words in the context of security technology. We need more for examples in this space, not less. Have you seen examples of IAM companies providing practical real-world descriptions of how their products and services are being leveraged? If so, please share in the comments!

Tags: , , , , , , , , , , , , , , ,
Posted in Identity and Access Management, Virtual Directory | No Comments »

New IHaveKids Feature – Create a mug

Tuesday, February 3rd, 2009

Today we launched a new feature in our ‘I Have Kids’ Facebook app.  Users will now have the ability to order mugs containing their child (or friend’s child) profile photo, or a mug containing the photo and the child’s current status message.

On the My Kids page, you will three ways to create a custom mug.  Next to the child’s status message, you will now see a small red mug icon.

Clicking on this will allow you to order a mug containing the child’s current status message and profile photo.

In the bottom left corner of the child’s profile, there is a link allowing you to order a mug containing just the child’s profile photo (“Order a ‘Bobby’ Mug”).    There is also a link allowing you to order a generic mug using any photo you have stored in Facebook album (“create your own mug”).

On the Friends Kids page, you will also have the ability to order either of types of mugs mentioned above (profile photo, or profile photo and status message).

We will be experimenting with adding the ability to order other custom products in the future.  As usual, please send us your feedback.

-Dave

Tags: , ,
Posted in Kids, Social Networking | No Comments »

Facebook's New Trojan Horse?

Friday, January 30th, 2009

As anyone who knows me will attest, I am a certified Starbucks junkie. I own a Starbucks Gold Card, my Twitter profile page is adorned with a photo of a Starbucks cup, and the manager at the local Starbucks shop greets me like I’m one of her children. So you can only imagine how happy I was to find the My Starbucks app on Facebook several months ago. This app allowed me to proudly display my favorite drink, the grande non-fat Caramel Macchiato, for all my Facebook friends to see.

Yesterday morning I received a curious e-mail:

———- Forwarded message ———-

From: My Starbucks <apps+ohiz1c=1@facebookappmail.com>

Date: Thu, Jan 29, 2009 at 5:29 AM

Subject: My Starbucks

Thanks for using My Starbucks. We are excited to announce that, as of next week, My Starbucks’s name and functionality will be changed to SpeedDate. Data entered into the original app won’t be used anymore. Soon you’ll be able to try SpeedDate, the fastest way to meet new people, so stay tuned!

Thanks,

My Starbucks

P.S. If you want to opt-out of this app, click here.

This email was sent by My Starbucks. You can disable emails here.

Read that again if you need to. It took me several reads for the message to sink in.

My Starbucks, a coffee-focused app, is changing to… SpeedDate??

WHAAATTT?!?! So now this application’s 20,000+ monthly active users who put their trust in a coffee app are going to be asked to date each other?

Call me cynical, but this move has all the makings of a trojan horse. My Starbucks worked its way into users’ Facebook profiles under the guise of being a coffee aficionado’s tool, built up a critical mass of loyal users, then sprung the SpeedDate concept out of nowhere.  Granted they’ve e-mailed notice to users, but its matter-of-fact tone makes it sound as if this was a natural and obvious move. Given that the viral growth of Facebook apps has slowed considerably as Facebook has cracked down and imposed limits on the mechanisms applications once used to spread, it makes sense that the developers would want to launch SpeedDate with a significant head start rather than starting over from scratch.

Frankly, it’s tough to understand how Facebook can let this happen. Users give applications access to their profiles with the understanding that they are going to provide certain types of functionality around a very specific theme. Granted application developers may change the way things work and add new features over time, but if I add TripAdvisor’s Cities I’ve Visited app I would not expect to receive a message later down the road saying they’re changing their focus to virtual pets. On the other hand, I could not find anything obvious in the Developer Terms of Service that would prevent such a transition from occurring.

In the event this move is legitimate, it opens up some interesting possibilities in the application marketplace. Potential buyers would no longer need to care about an application’s functionality or theme when considering a purchase. What would prevent Mark Cuban from purchasing RockYou!’s Super Wall and its 12 million+ monthly active users in order to build out a new application that promotes the Dallas Mavericks or his HDNet venture?

What’s your take? Do you think Facebook will ultimately allow this transition to take place? Do you think they should? Is my outrage over this move fueled by my sadness over losing My Starbucks? Feel free to chime in with your comments below! In the meantime, I’ll be heading over to Starbucks for my morning jolt… ;-)

-Chad

Tags: , , ,
Posted in Social Networking | 2 Comments »

A Milestone Is Reached: 100,000 Users

Tuesday, January 6th, 2009

[Photo by h.koppdelaney]

A couple of days ago we reached an important milestone for our ‘I Have Kids’ Facebook application.  There are now 100,000 people using our application!  We’d like to thank all our users for helping us reach this goal.

In a previous blog post we described our contest where the person who invited the 100,000th ‘I Have Kids’ user would get a $250 AMEX card as a prize.  Well, we have a winner!  Cassi Navarro from Arizona (USA) invited our 100,000th user.  Congrats Cassi!  As promised, CoreBlox will also be donating a matching $250 to the CoreBlox Penny Campaign charity of Cassi’s choice.

 

-Dave

Tags: , ,
Posted in Kids | No Comments »

'I Have Kids' Changes

Monday, December 29th, 2008

 

Last Friday we released a new version of our ‘I Have Kids’ Facebook application.  This release included the following changes:

 

  • New Feature:  Narrow Profile Box Support
    • Users now have the option of moving their ‘I Have Kids’ information from the Boxes tab on their (parent) profile to Facebook’s narrow profile box (in left hand column)

                    

  • New Feature: Wall Feed Story
    • After a user comments on a child’s wall, a newsfeed story will be posted to that user’s profile

                    

  • Enhancement:  We now default the Parent1 field to the currently logged in Facebook user.  This will prevent user’s from accidently creating a child profile that they do not get access to.

          

  • Fixed: Some users were seeing errors at the bottom of their FriendsKids page.  This has been resolved.
  • Fixed: Emoticon feed story text
    • We have improved the text and grammar of some of the emoticon news feed stories that are generated when a parent update’s their child’s emoticon
  • Fixed:  After creating a new child profile, users will no longer see a feed story on their Facebook profile saying that today is the child’s birthday (unless it actually is).

 

-Dave

Tags: ,
Posted in Kids | No Comments »

Invite our 100,000th user and win $250!

Thursday, December 4th, 2008

Our ‘I Have Kids‘ Facebook application is fast approaching a major milestone: 100,000 users!  As a token of appreciation to those who have helped spread the word, we are going to give a $250 AMEX gift card to the person who invites the 100,000th user (the person you invite must add the application).  Furthermore, we’re going to donate an additional $250 to the Penny Campaign charity of that person’s choice.  Don’t miss the chance to win some extra holiday shopping cash and help a worthy charity in the process.  Invite your friends to try I Have Kids today!

-Dave

Tags: ,
Posted in Kids | No Comments »

New 'I Have Kids' Feature: Walls

Tuesday, December 2nd, 2008

Today we launched a new feature on our ‘I Have Kids’ Facebook app that has been on our to-do list and that users have requested over time.  Most Facebook users are already familiar with the Wall concept.  The recent redesign of Facebook did away with this classic Wall feature, but we decided to include it in our app.  The Facebook Wiki defined a Wall as “a space on each user’s profile page that allows friends to post messages for the user to see while displaying the time and date the message was written”.

The goal is to allow users to interact more within the app.  We feel that including a Wall on each child’s profile is one of the best ways to achieve that.

Contact us with any feedback.  Happy Commenting!

Thanks,

-Dave

Tags: ,
Posted in Kids | No Comments »

Become a Fan!

Tuesday, November 25th, 2008

Since some people may not be fully aware of our presence on Facebook, I figured I’d list all the ways you can interact with us on the social network that adds 1 million new users every 4 days.

 

  • Become a fan of CoreBlox (the company): this is a great way to keep up with what we’re up to at CoreBlox and show your support
                

CoreBlox, Inc. Fan Page

 

 

 

  • Become a fan of our ‘I Have Kids’ Facebook application:  this is where you can get info on what changes we have been making to the app, see a list of which of your friends use the app, and ask us and the rest of the ‘I Have Kids’ user community questions about the app or provide general feedback
      'I Have Kids' Fan Page
      
-Dave

Tags: ,
Posted in Kids | No Comments »

« Older Entries