Do you know the advantages and pitfalls of sites like Digg, ShareThis and Viral Inviter?
Sunday, December 7th 2008 @ 9:08 AM (not yet rated)
This is a topic that is becoming very important. Social bookmarking refers to a growing field of websites that allow people to bookmark websites online. You may have heard of things like:
- Digg
- Delicious
- Fark
- Furl
- Reddit
- ShareThis
- Google Bookmarks
- AddThis
What are Social Bookmarking sites about?
There are literally dozens of these sites. What's interesting is that the sites gather information from all their users, along with "tags" that are really just keywords that people think up to help them categorize the site or page they bookmark. Often, at the end of an article you may see an icon such as the ones shown in the image above that says "Share This" or "Digg This", etc. This makes it really convenient for remembering pages you liked.
Sites like Digg have become very popular for ranking their "Diggs". Each time somebody clicks on the icon or link, and Diggs a page to say they want to vote for it, or save it as a bookmark, it gets counted. The whole thing becomes a competition, and search engines like Google regularly use these counts in determining the popularity of pages.
Sound great! What could be risky here?
It all sounds good, right up until the bookmarking site asks you if you'd like to "share" or "find out which of your contacts from your email address books is already using !"
How do they do this? They ask you to provide the username and password for your favorite email account. At this point you are giving the site permission to search your personal address book for email addresses they already have AND to add your entire list of email contacts to their database. This could be convenient, or it could be a BIG RISK, depending on how good the site is at protecting their databases and ensuring that they don't abuse the information.
I'd like to get your views and experiences using social bookmarking sites. Have you had any particularly good experiences as a user, or in getting pages rated highly by search engines. OR... have you had any bad experiences? It may be hard to know if your email list has been abused - only your contacts will start getting a lot of unsolicited email.
And what about that username and password that you provided to them? What happens to them? Can they be stored, intercepted or abused?
Viral marketing is another phenomenon on the web that is growing, primarily to enable websites to grow their email contact lists for newsletters exponentially.
Many viral marketing sites ask you to enter 3 or 5 email addresses so you can win a prize, or get access to some "valuable content". Or, in a way that is similar to social bookmarking, they may ask to view your email list and "automatically invite all your friends".
For a business, this can be extremely intrusive, as it may expose the email addresses in your entire customer database! So, if your office staff is passing time waiting for their next assignement by entering contests online, you need to make sure they are NOT using an email account that has access to your customer email list!
May of these sites also have their own browser toolbars that you can download. Toolbars are really software programs that plug into your browser, and in some cases, can carry spyware. If anybody in your office does this they need to be careful with which sites they load toolbars from, but that's a whole other topic.
If you have any stories about your experiences with either "social bookmarking" or "viral marketing", please post comments here, or send me a note. I'd like to do a more detailed security paper on this topic, or include this discussion in one of my upcoming Streetwise Security Zone Podcasts - a regular series of audio recordings I've started doing that you can subscribe to (click HERE to find out more). Maybe you would like to be interviewed on a podcast?
Note: Before you think, "Hey this guy's a hypocrite! - He has a ShareThis link right after warning us about it", please read this. The ShareThis link below lets you bookmark this page in any of the Social Bookmarking sites. However, I did not use the second stage of their registration process which implores me to let them run through my email contact list. But the bookmarking feature is not really a privacy threat in itself.
| Share | My live security awareness webinars are a quick and affordable way to provide your entire staff with professional quality security awareness training and education - whether it's general training or for specific teams or industries. I offer group rates and can tailor content to your specific needs. Please call or email me at the coordinates below, or CLICK HERE to see my training webinar catalog.
Scott Wright
The Streetwise Security Coach
Join the Streetwise Security Zone at:
http://www.streetwise-security-zone.com/join.html
Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec
To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.
 |
