Archive for March 30th, 2010
Yahoo Hacked in China: Journalists, Others Affected
Associated Press initially reported that three foreign journalists and one analyst have seen their email accounts hacked into today. The New York Times subsequently reported that there were “at least a dozen rights activists, academics and journalists who cover China,” including the author Andrew Jacobs. AP: “They were greeted with messages saying, ‘We’ve detected an issue with your account’ and were told to contact Yahoo, they said Tuesday. Yahoo technicians told one of the four that his account had been hacked and restored his access, but it was not clear if the other instances were related.” Sponsor Jacobs reported that “hackers altered (his) e-mail settings so that all correspondence was surreptitiously forwarded to another e-mail address.” Among those affected were Clifford Coonan of Variety magazine and Kathleen McLaughlin, a freelancer. Agence France Presse reported that Yahoo! was avoiding directly addressing the hacks, saying only that it “condemns all cyberattacks regardless of origin or purpose.” Yahoo! was roundly condemned for hurriedly turning over user information on reporter Shi Tao to the Chinese security forces in 2005. Their actions resulted in a long prison term for Shi for sharing Chinese media coverage policy with foreign sources. The late U.S. Congressman Tom Lantos called CEO Jerry Yang a “moral pygmy” for his collusion and subsequent slippery excuse-making. Earlier today, intermittent blocking of Google was reported in the country. China has the most sophisticated and widespread online censorship regime in the world, dovetailing social measures, criminal statutes and electronic measures. Additionally, some believe that government-sponsored, or at least encouraged, hackers have been behind multiple attacks on the properties of foreign companies, like the one that occasioned Google’s surprising announcement of its intended withdrawal from China in January. Discuss
Gmail Becomes an App Platform: Google Adds OAuth to IMAP
You may or may not be excited by the acronyms OAuth and IMAP/SMTP, but the combination of them all together is very exciting news. Google Code Labs announced this afternoon that it has just enabled 3rd party developers to securely access the contents of your email without ever asking you for your password. If you’re logged in to Gmail, you can give those apps permission with as little as one click. What does that mean? It means mashups based on the actual emails in your inbox. If you’ve given a 3rd party app secure access to your Twitter account, then you’ll be familiar with the user experience. The first example out of the gate is a company called Syphir , which lets you apply all kinds of complex rules to your incoming mail and then lets you get iPhone push notification for your smartly filtered mail. Backup service Backupify will announce tomorrow morning that it is leveraging the new technology to back up your Gmail account, as well. Sponsor People are often wary about the idea of giving outside services access to their email, and well they should. OAuth is designed to make that safe to do. Combined with the IMAP/SMTP email retrieval protocols, it gives an app a way to ask Gmail for access to your information. Gmail pops up a little window and says “this other app wants us to give it your info – if you can prove to us that you are who they say you are (just give Gmail your password) – then we’ll go vouch for you and give them the info.” The 3rd party app never sees your password and can have its access revoked at any time. You can read more about OAuth, how it was developed and how it works, on the OAuth website . Why is this so exciting? Because it means that the application we all spend so much time in, where so much of our communication goes on and where you can find some of our closest work and personal contacts – can now have value-added services built on top of it by a whole world of independent developers, without your having to give them your email password. That’s the kind of thing that the data portability paradigm is all about. It’s the opposite of lock-in and seeks to allow users to take their data securely from site to site, using it as the foundation for fabulous new services. Google says it is working with Yahoo!, Mozilla and others to develop an industry-wide standard way to combine OAuth and IMAP/SMTP. See also: Rapportive – an incredible GMail contacts plug-in . Discuss
Automattic Announces VaultPress Security Plugin
Automattic, the makers of WordPress.com, have introduced VaultPress , a plugin to plug the backup gap. Users of WordPress’ hosted service have their blogs backed up automatically (so to speak). So if something goes pear-shaped, the content is caught before it hits the ground. However, if you use a self-hosted version of the software you must back up your content yourself, and heaven help you if you forget. Sponsor Now, by downloading and installing a simple plugin, self-hosted users will have the same safety net as their hosted counterparts. Matt Mullenweg, founder of Automattic, announced the plugin on the VaultPress blog . “Today, this means every bit of content will be safe, from plugins and themes to the smallest comment or post revision, with WordPress-aware, real-time, multi-cloud backups.” In an email, he said, “In the past two hours we’ve had over 600 beta applications with an average of 9 sites each.” The product alleges “real-time, continuous monitoring” of your site against dangerous and fraudulent activity. It also automatically updates fixes. Interested users can sign up for VaultPress in private beta. Automattic plans to charge $15.00 per month for the service. Discuss
TechStars’ Andrew Hyde Launches Freelance Marketplace Startup
Back in January, a healthy comment discussion followed a post in which we looked at the topic of “spec work,” or freelance work done for a client before an agreement of compensation is formed. One of the most vocal opponents to spec work is Andrew Hyde of TechStars and StartupWeekend fame, whose blunt opinions sparked a debate over how a marketplace for freelance work should properly function. Today, Hyde and a few friends are launching Pick , a marketplace and directory that connects clients with freelancers. Sponsor Freelancers in fields like design, development, photography, copywriting, marketing and management can sign into Pick and create a profile to share their portfolio and contact information. More importantly, however, Pick asks freelancers to list their work availability and a price range. This allows clients to narrow their search to find freelancers in the specialty they need based on location, availability and price. “The [freelance] process is a mess. There are a ton of freelancer sites out there, but freelancers never promote them because they largely exploit the community. I thought there had to be a better way,” Hyde told ReadWriteWeb. “I wrote my solution and said someone should build it, and nobody did, so here we are.” Through the creation of Pick and the growth of its community, Hyde hopes to put a dent in other marketplaces which he says are providing platforms for what he calls ” exploitsourcing .” With a 2008 post titled “Spec Work Is Evil / Why I Hate CrowdSpring ,” and in 2009′s ” An Open Letter to 99designs ,” Hyde has become a leading voice in the movement against spec work and the services he believes promote it. “It is a major ethical flaw of both parties,” said Hyde of spec work in 2008. “Some designers I have talked to have escalated this lack of ethics to be on par with some very serious crimes, while other see it as dumping oil down a rain drain. A lot of people don’t take this lightly at all.” On the bright side of the negativity surrounding spec work, Hyde has channeled his passion against the practice into a new place for clients and freelancers to meet without the worry of exploitation. For startups that need design, copywriting or other freelance services, Pick could soon become an excellent alternative to the more common marketplaces. Having just launched, the service is a bit of a ghost town and is currently invite-only, but Hyde hopes to see around 1,000 users by week’s end. Freelancers can request an invite and clients can currently visit the site and browse the available profiles. Discuss
Does StreamWork Give a Picture of SAP’s Future?
This SAP story is getting a bit more interesting. Today we sat in in on a call with its team over at StreamWork , the new collaboration, SaaS service, previously known as 12Sprints. Dave Meyer lead the discussion. For the first time, at least for us, he helped crystalize how SAP will extend its relevancy. Meyer and his team were joined by StreamWork partners — a curious mix of companies that include Scribd, Evernote and Box.net , not exactly the trio you’d expect to show up as partners with SAP. Sponsor The story is not entirely without its bumps. We found a few but that’s not so surprising. We had trouble accessing the platform using a Google Chrome browser. It worked fine in Firefox. You can make fixes bit easier in a SaaS environment. Feedback comes in, the code gets a touch up and a new change is made. That’s a bit of a different approach for SAP. It leads to the possibility that SAP is shifting its efforts by using a SaaS platform as a window to its deep back end, specifically Business Objects. SAP is taking an open-source approach. It integrates with Google Open Social and can pull in data from third-party source using RESTful web services. Google Open Social serves as a platform for tools that can be used within the framework of the StreamWork product. For example, an OpenSocial gadget to do polls may be used to get quick answers for team members. That’s one way to be relevant n a new age of web-oriented technologies and continued emergence of forceful, open-source competitors, both on-premise and the cloud. The direction does seem right. the StreamWork platform could serve as a front end to the enormous SAP program libraries that companies keep on-premise. For now, though, the integration is relatively simple and not yet really defined. We received this statement from SAP after the call when we asked about access to SAP applications through StreamWork: “People will begin to see some initial integrations SAP’s Developer Network, which should preface some additional capabilities to come. While we can’t share granular plans, SAP has full intentions to integrate StreamWork into existing business applications. Users should see these developments over the next year. It also is up to customer feedback to prioritize which comes first, SAP has many integrations in the works and will determine which to pursue based on customer need.” But the philosophy seems correct. But how do Scribd, Evernote and Box.net fit in? In a web-oriented world, static files can be a glut, obstructing the work flow. Scribd serves as viewer for accessing those important documents that may be deep in the enterprise but are still largely relevant. Evernote is one of those products that is pretty much designed for the individual, not the enterprise. It’s for taking notes, pictures or any item that a community member wishes to post into a StreamWork activity. Box.net provides the storage capabilties for documents that can be shared with different groups. Folders store documents that can be uploaded and shared within a real-time environment. We spent some time using the StreamWork platform today. It is designed to drive business decisions. It’s not for playing around. This is definitely its differentiator. You can see as a collaborative service and the potential deeper SAP environment. The story is coming together. The product is in its early stages. We’ll now see how it does fits with the rest of the vast SAP applicaton suite. Discuss