Twitter Discloses Reason For Several High Profile Account Security Breaches: Support Tools Compromised

Several high profile Twitter users' accounts were breached today. Barack Obama, FoxNews, BritneySpears, RichSanchezcnn, LeoLaporte and others were all taken over. The posts made by the hackers on these accounts vary from funny (FoxNews announced that Bill O'Reilly is Gay, RichSanchez said he was high on coke) to scams (Barack Obama offered prizes if you take a survey). The post from Biz over at Twitter is below:

Monday Morning Madness

This morning we discovered 33 Twitter accounts had been "hacked" including prominent Twitter-ers like Rick Sanchez and Barack Obama (who has not been Twittering since becoming the president elect due to transition issues). We immediately locked down the accounts and investigated the issue. Rick, Barack, and others are now back in control of their accounts.

What Happened?

The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can't remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We'll put them back only when they're safe and secure.

Reacting Quickly and Fixing the Problems

In addition to this Monday morning madness we're coming off a wacky weekend where lots of folks were tricked into participating in a Phishing scam aimed at Twitter users. In both cases, our on-call team was able to attend to the matter quickly and prevent too many people from being affected. Our support team is definitely going to have a busy week because we reset a bunch of passwords just to be on the safe side.

Could OAuth Have Helped?

We plan to release a closed beta of the open authentication protocol, OAuth, this month, but it's important to note that this would not have prevented a Phishing scam nor would it have prevented these accounts from being compromised. OAuth is something we can provide so that folks who use third party applications built on the Twitter API can access their data while protecting their account credentials.

Evernote Teams Up with Eye-Fi for Wireless Photo Uploads

Previously highlighted Eye-Fi—the SD card that wirelessly uploads images to your computer or the internet—has teamed up with popular note-taking application Evernote, allowing users to upload digital camera photos directly to Evernote without plugging in their camera. With Evernote's ability to recognize text in photos, it's an obvious win—and one more way you can expand your brain with Evernote. [Press Release]

(Via Lifehacker.)

Stores Clueless About Mobile Barcode Scanning Applications?

With the rise of app-laden smartphones like the iPhone and Google's Android OS, now on T-Mobile's G1, many penny-pinching shoppers have downloaded barcode scanning applications onto their mobile devices. These apps allow consumers to compare the prices of merchandise on a store's shelf to competing stores in the area just by taking pictures with their smartphone's camera. The prices are instantly retrieved and displayed on the mobile phone so consumers can know before they buy if they're getting a good deal.

Although consumers may be catching on to this barcode-scanning trend, some stores are still in the dark. For example, a Target store in Michigan recently requested a shopper to stop scanning merchandise, saying it went against store policy. The customer reported the event to the application's makers, Big in Japan, whose app Shop Savvy is a popular download for Android handsets.

Big in Japan called the Target store in question and spoke to the manager, who indicated that she was not aware of the policy. We also contacted Target's corporate headquarters to confirm Target's policy, or lack thereof, but we first had to explain the application to the company representative. They had never heard of such a thing before! (As it turns out, Target has no policy whatsoever on barcode scanning their merchandise.)

The same customer also noted they had visited Sam's Club, where they demonstrated the application to a store employee who seemed 'confounded that such technology even existed,' wrote the user.

Instant Price Match Is Retail's Future

Although this is just anecdotal evidence from one customer, it's entirely believable that without concrete store policies in place, you're going to encounter rogue employees here and there who have no idea what you're doing and will ask you to stop.

On the flip side, stores that do get hip to this trend may decide to implement store policies that ban scanning, once they realize that customers could discover their high prices. A post on AdLab for example, a blog about advertising and marketing, suggests retailers do just that. They also recommend retailers should consider investing in a cell phone jammer. They even provide a 'No iPhones on Premises' sign for printout.

That doesn't seem to be a very proactive way of dealing with the technology. In fact, it reminds us of how both the music and movie industry attempted to quash the pirating of songs and films: they just tried to make it stop. Instead of going a route destined for failure and trying to shut down barcode scanning altogether, retailers could choose to embrace the trend. They could offer easy-to-find barcodes on their promotional items with signage encouraging customers to compare the price instantly with other stores in the area. They could make barcode scanning the new advertising circular.

Hopefully, stories like those of the Shop Savvy customer will remain isolated incidents and no other store employees will bother customers looking to save money. If you've used barcode scanning applications and have experiences to share, please let us know in the comments.

(Via Read/WriteWeb.)

Nate Silver of FiveThirtyEight Profiled by the New York Times

November 10, 2008

Finding Fame With a Prescient Call for Obama

At 9:46 p.m., blogging on his site, Nate Silver called the presidential election for Barack Obama. The television networks followed suit about an hour and 15 minutes later after most polls in Western states closed.

Of course, Mr. Silver had a head start: he had forecast that Senator Obama would beat Senator John McCain back in March.

In an election season of unlikely outcomes, Mr. Silver, 30, is perhaps the most unlikely media star to emerge. A baseball statistician who began analyzing political polls only last year, he introduced his site,, in March, where he used his own formula to predict federal and state results and run Election Day possibilities based on a host of factors.

Other sites combine polls, notably RealClearPolitics and Pollster, but FiveThirtyEight, which drew almost five million page views on Election Day, has become one of the breakout online stars of the year. Mr. Silver recognized that people wanted to play politics like they played fantasy baseball, and pick apart poll numbers for themselves instead of waiting for an evening news anchor to interpret polls for them.

FiveThirtyEight is “among the very first things I look at when I get up in the morning,” said Allan McCutcheon, who holds the Clifton chair in survey science at the University of Nebraska-Lincoln. “He helped make sense of some of the things that didn’t seem sensible.”

Mr. Silver has also become an in-demand analyst, appearing on MSNBC, CNN, “The Colbert Report” and Fox News.

“From a marketing standpoint, I’d rather hedge a little bit more,” he said, “but we’re the ones who are bold enough and are stupid enough to say what the polls translate to.”

He spent election night in a small studio inside the Newseum in Washington, as an on-air analyst for “Dan Rather Reports” on HDNet. During the campaign, Mr. Silver had learned a thing or two about television polish: he smoothed his hair, ironed his jacket, applied Visine drops and dabbed on concealer before a “hit,” as he had learned to call it.

This was his second television booking of the day, and a producer from “The Tonight Show” had called earlier. A makeup artist brushed on powder and a producer yelled into a cellphone as Mr. Silver sat sideways at his computer, his elbows splaying from his keyboard at angles that would alarm an ergonomist, squinting at Excel spreadsheets.

Mr. Silver has believed in numbers the way authors believe in words, as capable of expression and provocation, since he was young.

He “was a numbers fanatic,” said his father, Brian Silver, a political science professor at Michigan State University.

“When we took him to preschool one time, we dropped him off, and he announced, ‘Today, I’m a numbers machine,’ and started counting,” Brian Silver said. “When we picked him up two and a half hours later, he was ‘Two thousand one hundred and twenty-two, two thousand one hundred and twenty-three...’ ”

By kindergarten, he could multiply two-digit numbers in his head. By 11, he was conducting multivariate analysis to figure out if the size of a baseball stadium affects attendance (it doesn’t). By age 13, he was using statistics to manage a fantasy baseball team. When his parents refused to buy him computer games, he taught himself the Basic programming language and created his own.

He graduated from the University of Chicago in 2000, and was working for (and bored by) the accounting firm KPMG when he began messing around with baseball statistics. He tried to predict players’ performance based on their similarity to players from the past, like Bill James, a pioneer in baseball statistics, had done. But unlike Mr. James, Mr. Silver adjusted for body type, including factors like height and weight, discovering, for example, that taller pitchers age better.

He built a predictive system called Pecota around that, and sold it to Baseball Prospectus, a statistical organization, in 2002, staying on as a writer and consultant for the company. For the 2007 season, he correctly predicted the White Sox would lose 90 games. And for the season that just concluded, he predicted the longtime basement-dwelling Tampa Bay Rays would be a top team.

“I think everybody in our field is pleased and proud to see Mr. Silver’s work in political analysis taken seriously, and I’m sure that analysis is shaped to some extent by the ways of thinking that have been developed in our field,” said Mr. James in an e-mail message. “It’s a vicarious pride, much as one takes in the performance of the old school’s football team.”

Late last year, Mr. Silver, an Obama supporter, became frustrated with how primary poll results were being reported, and how sloppy polls and rigorous polls were given the same attention.

“What you heard on television was, Hillary was inevitable, she’s up 20 points,” he said. “She’s up 20 points because people had heard of her. They hadn’t heard of Obama.”

Mr. Silver posted his speculations on the liberal Web site, and earned attention when he projected Senator Obama would win 833 Super Tuesday delegates, which was within about a dozen of the actual vote estimates.

He began feeding a database with every poll available, from the University of Akron to Zogby International, state demographics and election results from 1952 forward. He weighted all the polls on historical accuracy, and adjusted them for whether they tended to favor Democrats or Republicans and other factors, then built a model that simulated elections.

He began to see patterns, like leads in polls over the summer should be discounted, or a shift in opinion in North Carolina usually moves with one in Virginia.

In March, he introduced, and it quickly became a go-to site for readers whose interest in raw numbers had grown after the close (and miscalled) elections in 2000 and 2004. As his reputation grew online — there’s a Facebook group called “There’s a 97.3 Percent Chance That Nate Silver Is Totally My Boyfriend” — the mainstream media he disparaged for sloppy reporting came calling.

Political predictions are “big this year because of Nate Silver,” said Sam Wang, who runs the rival site Princeton Election Consortium. “He loves discussing the details of the data, and his commentary is quite good. He’s made this hobby mainstream.”

Between his live TV appearances on election night, Mr. Silver updated his model and determined around 8 p.m., after New Hampshire went to Senator Obama, that Senator McCain had no way of winning. By the end of the night, Mr. Silver had predicted the popular vote within one percentage point, predicted 49 of 50 states’ results correctly, and predicted all of the resolved Senate races correctly.

The show ended at 1 a.m., and minutes later producers outside Mr. Silver’s studio were celebrating and popping Champagne corks. A crew member started to dismantle the desk where Mr. Silver was still examining data.

“You don’t have to go home, but we’ve gotta take your desk away,” the crew member said.

“O.K., just let me post this,” Mr. Silver said, narrowing his eyes at the screen.

One thing Mr. Silver cannot predict: what happens now. He suspects that Nov. 4 was the height of his popularity, and that producers will not be phoning as frequently any time soon. Publishers have been calling about a book, and he will continue with FiveThirtyEight, using it to predict Congressional votes during the Obama administration — if anyone cares.

“That’s the paradox,” he said. “You would think that you elect this guy and you want him to effect change, and then he gets elected, and people don’t care about bills being passed.”

YouTube adds “Read Comment Aloud” feature from xkcd

This comic is a week or so old.

Randall Munroe, the creator of xkcd, suggested that if YouTube commenters had to listen to their comments read back to them aloud, it might lead to better discussion on YouTube. Some Googlers thought that was a pretty fun suggestion, so they did it. YouTube now has an audio preview so you can listen to your comment before you post it. I love that Google had the sense of humor to add this feature.

From his own blog, or blag, as he calls it:

"It seems someone at YouTUBE took this comic seriously and decided to add an “Audio Preview” feature. Now you can hear your comments read aloud to you.

Of course, it’s an optional button using speech synth rather than a mandatory dramatic reading, so it’ll just be used for entertainment by people who haven’t played with a speech synthesizer before:

But then, after a little more browsing around, I see this:

So maybe there’s hope after all."

Obama launches iPhone app; US election good for Twitter

Obama Campaign launches iPhone app

Sen. Barack Obama's presidential campaign launched an iPhone application on Thursday that turns the vaunted device into a political recruiting tool. You can learn more about this app at the Obama iPhone app Web site.

The most notable feature "organizes and prioritizes your contacts by key battleground states, making it easy to reach out and make an impact quickly," according to the software.

On my phone, the application ranked contacts in Colorado, Michigan, and New Mexico at the top; at the bottom was a friend whose cell phone has a Texas number, though she actually lives in California.

The application anonymously reports back the number of calls made this way: "Your privacy is important: no personal data or contacts will be uploaded or stored. Only the total number of calls you make is uploaded anonymously."

The software is the latest effort by politicians to capitalize on technology, joining other examples such as ads distributed through YouTube, Web-based fund-raising, Facebook pages and fan groups, and e-mail recruitment drives.

The Obama for America iPhone application is available for download through Apple's iTunes store, said Raven Zachary, an iPhone consultant who's directing the launch effort.

A "get involved" feature uses the phone's GPS-based location sensing to find the nearest Obama campaign headquarters, and "local events" likewise pulls up a list of activities sorted by proximity.

A "media" section provides links to video and photos, but beware: YouTube showed errors following some of the links. Perhaps the newer videos hadn't been prepared for iPhone display yet.

The application also shows Obama statements to the news media and a guide to Obama's positions on various issues.

Additionally, the application shows how many calls have been made nationwide and how many you made. Those statistics are the kind that can motivate people--they can feel like they're part of something bigger. That may sound a bit silly as a motivational tool, but consider that Smule's Sonic Lighter application for the iPhone is popular, despite the fact that it costs 99 cents more than its free competition, likely because people can see where else on the globe people are using it and because the longer you run the application, the bigger your own spot on the map becomes. It's a kind of competition.

Twitter benefiting from US presidential election debates:

Twitter usage and sign-ups received a healthy boost during last Friday’s first presidential debate for the 08 campaign. The official Twitter blog reports that, despite Friday traditionally being a slow traffic day:

  • Friday updates jumped 18.5% from previous Friday.

  • Updates during the debate increased 160% compared to same time last week.

  • Signups on Friday were up 23%.

  • Signups during the debate were up 135% compared to same time last week.

Although, as Wired notes, the shot in the arm for Twitter also coincided with the company’s launch of a dedicated politics tracker - Twitter’s new Election 2008 site - and the blog/mainstream media attention that followed. Of course the fact that this has translated into increased sign-ups and use suggests that chicken or egg, the strategy is paying off.

Former Virginia Governor's Comment On Science At Convention Lights Up Twitter

Reposted from Wired

It didn't ignite the crowd at the Pepsi Center in Denver Tuesday night in the same way as Hillary Clinton's speech did, but the 2008 Democratic National Convention keynoter of former Virginia Governor Mark Warner lit up the micro-blogging service Twitter as its geek community celebrated a throwaway line in Warner's speech.

Warner, a former Capitol Hill staffer for senator Chris Dodd (D-Connecticut) and telecommunications entrepreneur, focused his speech on creating an environment that keeps America competitive in the global economy.

In a one-liner, he quipped: "Just think about this: In four months, we will have an administration that actually believes in science!"

It was as if Warner were acknowledging a constituency that feels as if the Bush administration had thrown a Harry Potter invisible cloak over it for the past eight years. Many members of that online constituency poked their heads out from under the cloak on Twitter.

"In four months, we'll have an administration that actually believes in science. lol, but YEAH!" tweeted kmcg.

"My fav from 2nite: 'Just think about this: in six months we will have an administration that actually believes in science'-Mark Warner; YES!" agreed tujaded.

Those were just two of a slew of comments on Twitter reacting to Warner's remark. Here's a quick summary:

  • jlangenbeck: "Warner's speech was fantastic. We have to fund and tech to save this nation and remain competitive,"

  • epolitics: "Diggin' me some Mark Warner.  Science! (poetry in motion)"

  • dagsalot: "I'm a big fan of former Gov. Mark Warner right now. 'Think, in 4 months, we could have a presidency that believes in science!' It'd be nice!"

  • twitterdoug: "Best line of Warner's speech so far -- In four months we will have an administration that believes in science."

During his talk, Warner also pointed to the importance of broadband rollout, education and job training to keep jobs from migrating to India, referring to his own efforts as governor to revive small towns in Virginia.

"We delivered broadband to the most remote areas of our state, because if you can send a job to Bangalore, India, you can sure as heck send one to Danville, Virginia, and to Flint, Michigan, and to Scranton, Pennsylvania, and to Peoria, Illinois," he said. "In a global economy, you shouldn't have to leave your hometown to find a world-class job."

The Democrats have made broadband rollout part of their party platform, and both Obama and Warner have expressed support for net neutrality.

Mozilla Labs' Ubiquity: Firefox becomes Quicksilver

Lots of talk today across the web about Mozilla Labs' new project, Ubiquity.

If You Want To Create a Mashup, Just Ask Your Browser. Mozilla Labs Launches Ubiquity

Ubiquity prototype lets users take command of Firefox

Ubiquity: Firefox Gets its Quicksilver On

This blog has a nice writeup: Ubiquity In Depth

Quoted from Ars Technica:

Mozilla Labs has released the first working prototype of Ubiquity, a natural-language command-based shell for the Firefox web browser. Although the Ubiquity project is still in early stages of development and the software still has some serious bugs, it already offers some useful functionality and exudes an enormous amount of potential.

The Ubiquity prototype, which is implemented as a Firefox extension, offers an unobtrusive and extensible command interface that enables users to interact with the browser and a number of remote web services. The user can launch the Ubiquity command interface with a configurable keyboard shortcut and then type in an instruction. The command interface has an autocompletion mechanism which attempts to guess the rest of the user's command string and then displays available results.

The command interface is conceptually similar to desktop launcher tools like Enso, Quicksilver, and GNOME-Do. Unlike those tools, it places a strong emphasis on web content manipulation and web services. In many ways, it's like an interactive mash-up system. Ubiquity can respond to user instructions in several different ways. It can directly alter the contents of a web page, it can manipulate the browser interface, it can load a page in a new tab, and it can display output in a notification pop-up.

New commands can be implemented natively in JavaScript, so it is trivially easy to extend the system and bring it new capabilities. The developers have even created a simple Ubiquity command editor that allows users to input new command implementations directly into the browser. Mozilla provides a detailed tutorial that explains how some of the default Ubiquity commands were implemented. It is even possible to use popular third-party JavaScript libraries like jQuery to simplify development of new commands. The Ubiquity developers aim to eventually create a tool that can automatically convert Ubiquity commands into full Firefox extensions.

One of the commands that particularly impressed me performs in-place translation of selected text blocks. The user selects a bit of text, initiates the Ubiquity command system, and then begins typing the word "translate" to select the translation command. Ubiquity will use a remote translation web service to automatically detect the language of the selected text, translate it into English, and display a preview of the English translation in the Ubiquity results listing. When the user hits enter to complete the command, the foreign text in the page itself will be replaced inline with the English translation.

Ubiquity offers some very compelling functionality in its current state, but it still has a lot of limitations. The biggest weakness is its lack of support for pipelines. Modularity and support for combinatorial command chains are the greatest strengths of the conventional Linux command-line shells. Ubiquity would be far more powerful if it provided a way to supply the output of one command as the input to a subsequent command.

Ubiquity is largely an experiment in user interaction, but it is likely that some of its functionality will eventually be streamlined directly into the Firefox browser itself. One potential integration vector is the Firefox AwesomeBar, a rich autocompletion system that matches user input against fragments of URLs and page titles and offers the best results based on how frequently a page is visited and how long ago it was last viewed. Many enthusiastic fans of the AwesomeBar have speculated that the system could be expanded to encapsulate more functionality and potentially even a full command system. Perhaps the AwesomeBar could converge with the search box and the Ubiquity command system to form a next-generation Firefox UberBar.

One of the principal developers of the Ubiquity extension is Aza Raskin, the founder of Humanized and son of the celebrated Macintosh luminary Jef Raskin. Aza and several of his colleagues from Humanized were hired by Mozilla earlier this year to work on experimental projects that could shape the future of the web. I've had the pleasure of meeting Aza at several open-source software community events and I've always been immensely impressed by his excellent presentations on software usability. He has bold ideas and very intriguing solutions to seemingly intractable usability problems.

Aza advocates creating software that conforms to the Taoist notion of Wu Wei, which is to "act without doing." The Ubiquity extension, which clearly builds on the experiences that the Humanized developers cultivated while creating Enso, is a profoundly elegant articulation of that Taoist concept.