Reporting Timor

By | November 22, 2011
0 Comment

Further to my post about the dearth, despite millions of dollars of aid, of any local Timorese media outlet reporting the chaos/civil war going on Timor Lorasae, here are some bloggers who stepped into the breach. Of course, they probably have satellite connections, but they convey authentic and powerful accounts of what they’ve seen:

  • Diligence, “Random observations from an English speaking foreigner in Dili, Timor-Leste”. Still in Dili, it seems. “I can’t see things improving greatly for a number of days except if you are journalist. For them, this is what they get up in the morning for.” Er, true.
  • Lookingglass View, Sue. Nicely written. Still there it seems: “What kind of world do we live in when a 3-year old knows that a Blackhawk means you are safe?”
  • Dili-Dallying, “Two years in Timor-Leste”. “As I sit here, typing this post, I can hear the sound of gun and mortar fire. It’s been going on for four hours already.”
  • tumbleweed in timor lorasae, Singaporean Bridgette, who writes trenchantly and well. She left at the weekend, but is still in contact with folk in Dili. “The police man died. NO ONE should die this way.”

Some good writing in here. Thank God for blogs.

Symantec’s Hole

By | November 22, 2011
1 Comment

I am starting to be a bit concerned about the future of blogs, but there’s no question a blog is the best way to get information out to people quickly, especially if it’s about the Internet, technology or tech-related stuff. It needn’t be a blog, but it needs to share the blog’s most powerful features – speed, easy to use and easy to find, and deliverable by the best mechanism we’ve come across so far: RSS.

Case in point: Symantec, one of the world’s biggest makers of antivirus software, are red-faced after EEye Digital Security revealed on Thursday that it had found a software vulnerability inside Symantec’s Anti-Virus Corporate Edition 10.0. As darkreading says, the vulnerability  requires no user intervention and could be used to create a worm. This is an important event, and Symantec need to let their customers, and people in general, know about this as soon as possible. So why is the company’s website making no reference to the exploit, except for a “Symantec Client Security and Symantec AntiVirus Elevation of Privilege”, which cannot mean anything to anybody except the smallest circles (an Elevation of Privilege, is, according to Microsoft, “the process by which a user obtains a higher level of privilege than that for which he has been authorized. A malicious user may use elevation of privilege as a means to compromise or destroy a system, or to access unauthorized information.”)

No mention in the heading of a vulnerability, or a problem with the very software that is used by a lot of people. Unless you really know what you’re looking for, the advisory doesn’t really shed much light on the issue. Nor does Symantec’s main website: While the main page includes a link to the advisory under its Recent News tab on the left of the page, with the less than informative “AntiVirus Notice: Norton Customers Not Affected; Advisory for Corporate Customers”, I could find no press release two days after the vulnerability had been found and been acknowledged by Symantec. The latest Symantec news release is from Wednesday, the day before the vulnerability was found, and there’s nothing there I can find that relates in any way to the issue at hand. This despite there definitely being a statement out there, because eWeek quote a statement from a Symantec spokesman sent to the magazine.

I’m requesting a comment from Symantec to see what they say about this. Apologies if I’ve missed something here, but my feeling is that Symantec need to be very upfront about this kind of thing — a vulnerability in a piece of software its customers rely on to keep out the bad stuff — and to inform readers, journalists, users and investors in a faster, more open and more informative way than they did so far. A blog would be the perfect place to start.

Internet Darkness Over Timor

By | November 22, 2011
1 Comment

Timor-Leste is, sadly, again exploding into violence as disgruntled former soldiers have turned on their former bosses. Australian and New Zealand troops have been deployed in the country in a sad echo of what happened in 1999. This after billions of dollars of aid from the West to rebuild a nation that survived a quarter century of Indonesian occupation and a brutish withdrawal that left most of the Indonesian-built infrastructure in ruins or flames.

But there’s another sad aspect to this story: Millions of dollars from governments and multilateral organisations have been invested in the East Timorese media but nowhere can you find an active East Timor-based web site shedding light on the situation. All 1,500+ news reports that one can find on Google are all from foreign news sources. The web site of Suara Timor Lorasae, formerly Suara Timor Timor and one of three newspapers in Dili, is down with its bandwidth exceeded, presumably due to excessive reader interest. Timor Post, another newspaper, has not been updated since June 2005 [sic]. The third, Diario, does not seem to have a web site. The website of RTTL – Radio-Televisão Timor Leste, the government body responsible for Radio Timor Leste, the state radio station, and its TV counterpart TVTL — is still under construction (the website was registered in 2003.) Another, East Timor Press, hasn’t been updated since, er, 2004. (Here’s the Wikipedia entry on Timor, which was updated yesterday to include the deployment of Australian, New Zealand, Malaysian and Portuguese troops.)

I can find no East Timor site working out of East Timor that has any information about this uprising, the most important development in the country’s recent history. OK, so not many Timorese have access to the Internet but this is a vital link with the outside world, a chance for Timorese to convey what is going on to governments, exiled Timorese, interested readers and others. Now, in the midst of terrible violence and the humiliation of seeking outside military intervention, there is again no domestic media getting the story to the world’s most important medium.

From the Ashes of Blue Frog

By | November 22, 2011
2 Comments

The Blue Frog may be no more,  but the vigilantes are. Seems that despite the death of Blue Security in the face of a spammer’s wrath, the service has built an appetite for fighting back. Eric B. Parizo of SearchSecurity.com reports on a new independent group called Okopipi who intend “to pick up where Blue Security left off by creating an open source, peer-to-peer software program that automatically sends “unsubscribe” messages to spammers and/or reports them to the proper authorities.”

Okopipi has already merged with a similar effort known as Black Frog and has recruited about 160 independent programmers, who are dissecting the open source code from Blue Security’s Blue Frog product. The idea seems to be the same: automatically sending opt-out requests to Web sites referenced in received spam messages, the idea is to over-burden the spammer’s servers (or those of the product he’s advertising) as a deterrence and incentive to register with Okopipi. By registering he can cleanse his spam list of Okopipi members.

Some tweaks seem to be under consideration: Processing will take place on users’ machines and then on a set of servers which will be hidden to try to prevent the kind of denial-of-service attack that brought down Blue Frog.

Possible problems: I noticed that some of the half million (quite a feat, when you think about it) Blue Frog users were quite, shall we say, passionate about the endeavour. These are the kind of folk now switching to Okopipi. This, then, could become an all-out war in which a lot of innocent bystanders get burned. The Internet is a holistic thing; if Denial of Service attacks proliferate, it may affect the speed and accessibility of a lot of other parts of it, as the Blue Frog experience revealed. (TypePad was inaccessible for several hours.)

Another worry: Richi Jennings, an analyst with San Francisco-based Ferris Research, points out on Eric’s piece that project organizers must ensure that spammers don’t infiltrate the effort and plant backdoor programs within the software. “If I’m going to download the Black Frog application,” Jennings said, “I want to be sure that the spammers aren’t inserting code into it to use my machine as a zombie.” I guess this would happen if spammers signed up for the service and then fiddled with the P2P distributed Black Frog program.

Another problem, pointed out by Martin McKeay, a security professional based in Santa Rosa, Calif., that spammers will quickly figure out that the weak link in all this is it rests on the idea of a legitimate link in the email for unsubscribing, and that spammers will just include a false link in there. Actually I thought the link Blue Frog used wasn’t unsubscribe (which is usually fake, since if it wasn’t would then pull the spammer back within the law) but the purchase link. How, otherwise, would folks be able to buy their Viagra?

One element I’d like to understand better is the other weakness in the Blue Frog system: That however the process is encrypted, spammers can easily see who are members of the antispam group by comparing their email lists before and after running it through the Blue Frog/Black Frog list. Any member who is on the spammer’s list will now be vulnerable to the kind of mass email attack that Blue Frog’s destroyer launched. How is Okopipi going to solve that one?

Has PR Taken Over The Conversation?

By | November 22, 2011
5 Comments

Here’s the hot news for a Monday: PR firm Edelman has teamed up with Technorati to develop localized versions of their offering in German, Korean, Italian, French and Chinese. Edelman’s PR teams worldwide will retain exclusive use of these sites as they are being developed, beginning with French this summer. These localized versions – which will include keyword/tag search and more – will evolve into more robust public-facing sites that everyone will be able to access beginning in the first quarter of next year.

Interesting. And, I have to say, puzzling. What is a PR firm doing developing content for what is basically a blog search engine? (I’m sure both companies consider themselves more than that, but strip it away and that’s what you’re left with.) Here’s to me what is the kicker, from Steve Rubel’s blog (Steve now works at Edelman):

This is the first in what we hope will be a series of collaborations with the Technorati team. It is designed to help our clients participate in global conversations. In addition to working with Technorati, we also plan to align ourselves with other companies that are developing outstanding technologies that will help us further this important goal. We look forward to hearing your reaction and ideas.

Now, I’m trying to think this through. Edelman’s interest is in promoting its clients. Fair enough. Technorati would be a great place to do that through advertising. But are there not conflicts of interest, and if so, where and when do they arise? What happens if blogs critical of Edelman’s clients start appearing on Technorati? How do readers know that the rankings are not being tweaked to hide such blogs lower down the search results? How do we know that faux blogs or PR-sponsored material is not finding its way up the rankings, or that the material being translated on these non-English Technorati sites is being developed in-house, so to speak?

I guess I worry too much. Perhaps this is all good stuff, a merging of minds intent on the same transparent goal: better information for all. But some of this new blogosphere world is starting to sometimes sound like a parody of itself; of a court full of people spouting all the right buzzwords, but lacking a lot of their original meaning or sincerity. Or maybe I misunderstood it all in the first place. Technorati man Peter Hirshberg, for example, writes about the Edelman/Technorati deal thus:

With the incredible growth of the blogosphere, brands and media companies worldwide realize that their communications environment is also in for big changes. The clout that bloggers have developed the U.S. is going global. The lessons that marketers have begun to learn here— get a clue, listen, participate, engage— will soon apply everywhere.

Yes, it’s true that the blogosphere is big and going global. Well, it already has gone global. And it’s true that a lot of marketers still need to get a clue. But does it mean that a PR firm takes what sounds to me like a board-like, potentially gate-keeping position in one of the key starting points for anyone looking for information in the blogosphere?

I’m no staunch fan of traditional media. But it spent decades, centuries even, building Chinese walls between the marketing and the editorial departments (and, in some cases, between the opinion pages and the news gathering pages.) This was so that what you read wasn’t influenced (or unduly influenced) by the guy paying the bills, whether it was the proprietor or the advertisers. It didn’t always work. At some places it never worked. But you kind of knew where, as a reader, you stood. For sure, we’re all struggling to find this new balance in the blogosphere, and there’s no reason it needs to look anything like the old model. But we should be talking about it, not just gushing about it, just because everyone is using the same satchel of buzzwords.

Perhaps the key to all this lies in Richard Edelman’s blog. He goes into greater detail about the deal, and it’s clear he’s focusing on the analytics side of Technorati — it’s phenomenal ability to track the blogosphere, not merely in terms of users, but in terms of what they’re talking about. This is a goldmine for marketing folk, of course, and having a global presence Edelman is going to love to get its hands on the analytics of Korean and Chinese blogs — a relatively unknown territory to anyone who doesn’t read those languages. There’s lots in there for them, as there is in the idea that “every company can be a media company”, although I think this one, too, needs a bit more analysis.

But the key is in the last two goals Richard mentions: “make PR people valued contributors to the discussion, not the often-reviled spinmeister or hype artist lampooned in the media.” This means, at best, PR becoming more honest and factual in their presentation of information, rather than spin. At worst, it means that the average user will increasingly find it hard to sift between what is PR and what is objective, impartial commentary. For every independent blog there will be a spin blog, or a blog that might be independent on 99 subjects but one. After a while, you’ll forget which one, and that’s when the message finds its way through.

The fourth goal Richard mentions is this: “we are certain that this tool will be useful to brand marketers and corporate reputation experts alike. Look at the corporate reputation benefits for Microsoft, GM and Boeing, all three getting praised for new openness as they initiate blogs such as Scobelizer or Randy’s Journal.” What I think this means is that companies are getting praise for setting up blogs  — although one should distinguish between Scoble and Boeing, I fear; one was a guy and a laptop, carving something out of nothing; the other was a major initiative using hired help. Richard concludes: “For brands, the blogosphere will be a unique way to solicit expert opinion, to mobilize the base of enthusiasts and to monitor worldwide trends (avian flu if you are KFC). A globalized world needs global tools and analysis.” Several different issues at play here, not all of them compatible. “Solicit expert opinion”. Does that mean listen to the bloggers who know what they’re talking about, before it becomes a big mess, a la Kryptonite? Or is “mobilize the base of enthusiasts” put out the word to people who understand its importance, or mobilize as in pass around freebies to key bloggers in the hope they’ll say nice things about your product?

Many bloggers, I believe, do a great job, even a better job than journalists in their transparency and sourcing. But that doesn’t mean the genre is settled and invulnerable to manipulation. Perhaps we’ve already hit the intersection where these potentially conflicting interests collide and merge into something new. If so, what is it? PR was invited to the conversation; they may well be the smartest people in the room, and, while old media was wringing its hands, they may have already taken the conversation over. If so, what was the topic again?