Beware, all you out there in the Twitterverse – it looks like a new vulnerability has hit the troubled microblogging site and this time it has nothing to do with a man howling “Goooooaaaaaaaal!” or a vuvuzela. Information security blog Praetorian Prefect has dug deep into what looks like a new persistent cross-site scripting (XSS) vulnerability on Twitter that could have spelled even more trouble for the site if it didn’t get taken care of soon. Sponsor The hack was originally pointed out by an Indonesian Twitter user who created the account 0wn3d_5ys to show off the hole. We won’t link the account here, because while it appears to be a benign demonstration of the vulnerability, it has the potential to inject malicious code. As opposed to the most recent Twitter scam, where users spread a phishing scam by clicking on a link sent in a Direct Message that said “Is this you?”, an XSS attack requires no action on the user’s part and could be entirely self-propagating. This particular hack takes advantage of a vulnerability in the Application Registration page, where a shortened link referring to a JavaScript snippet can be inserted, allowing the hack to occur. According to the article at Praetorian Prefect, the vulnerability has been public knowledge for days and Twitter has already been notified. At the moment, the hack still appears to be fully functional. Twitter said that they “are aware of the issue, have fixed it for new applications and are working to fix it for all applications.” Luckily, this seems to be another case where a security hole was found, reported, and fixed before any havoc could be wrecked across the Internet. Discuss

Click here to read more

Not only did Bing arrive as a new search option in Apple’s iOS4 update yesterday, but Microsoft also just launched a new version of its native Bing for iPhone app . The app now features a RedLaser -like barcode scanner and an enhanced social search mode that highlights results from your social network on Twitter and Facebook. In addition, the app now also features a basic Twitter and Facebook client. Sponsor Twitter Client and Social Search The Twitter/Facebook client is very basic and only allows you to respond to tweets, retweet and post new tweets. The app does not feature a URL shortener or any other advanced features. Chances are, you wouldn’t want to use the Bing app as your standard Twitter and Facebook client, but the features are good enough to allow you to interact with your friends when their Tweets and Facebook status updates appear in your social search results. Barcode Scanner: Fast, Easy – But With Limited Results The most interesting feature addition to the Bing for iPhone app is the barcode and cover art scanner. With this, you can quickly scan a barcode an any product with the iPhone’s built-in camera and compare prices at different online retailers. In our short test, the app was able to read barcodes pretty easily – even on an iPhone 3G without autofocus. While RedLaser and ShopSavvy sometimes take a while before they recognize a barcode (especially if you don’t have a very steady hand), the Bing app quickly latched on to any barcode we threw at it. Sadly, though, the shopping results in the Bing app can’t compete with those in ShopSavvy, for example. While Bing only returned 3 results for this book , ShopSavvy returned over 50 results, including 15 from local brick and mortar stores. Discuss

Click here to read more

Yesterday, Utah’s Attorney General, Mark Shurtleff , used his Twitter account , to notify the world that he had OK-ed the execution of a prisoner . “I just gave the go ahead to Corrections Director to proceed with Gardner’s execution. May God grant him the mercy he denied his victims.” The Tweet elicited some shock and moral outrage. The shock I initially felt was, I think, more due to this announcement being made via a medium better known for less life-altering announcements, like personal lunch menus and the unboxing of electronics. Sponsor The issue here is less one of the capital punishment’s morality – Twitter is not responsible for the decisions made by representatives of the state of Utah – and more the use of Twitter by a public servant. The tone of Attorney General Shutleff’s subsequent Tweets seem strident and unprofessional. All other things being equal, that is any Twitter user’s right. But not if you are representing your government, your state and its people. Then, it strikes a terribly discordant note, as the Tweets below might illustrate . The first Tweet comes off flippant and the second angry. Neither is appropriate when juxtaposed with the murder of one man – a police officer – and the execution of another. If I were Governor and this man were my AG, the very least I’d do would be to take away a Twitter account he clearly is not responsible enough to use. Discuss

Click here to read more

The 2010 FIFA World Cup is now the most popular event in Web history . Record usage began last Friday before the wins and losses. Not since Obama’s election day victory has the Web swayed under a greater burden of Internet-connected hope. The official FIFA World Cup website is currently receiving as many page views as Facebook. For all of us creators of the Web it’s a great time to learn more about real-time visualizations as well as how to better handle soaring usage numbers. So here’s a roundup of how Twitter, Facebook, Univison, ESPN/ABC and app makers are handling all the excitement. Sponsor Univision Promises 900 Hours of Coverage Univision.com is an official internet broadcaster of the World Cup and is offering live streaming of all 64 matches. On average a quarter of a million people in the U.S. and Puerto Rico are watching live streams of each match. These streams have helped drive 16 million page views to Univision’s interactive media platform, including mobile and mobile apps. Its Soccer App also recently became the second most popular free app in the iPhone store. World Cup on Twitter The official FIFA World Cup website is currently receiving as many page views as Facebook. Radio and TV once gave the world real-time soccer coverage. But today you can forgo both and simply watch Twitter’s World Cup tweets as fans of each team go head to head as each game is being played. With peaks up to 3,000 tweets per second this marvel of millions of soccer tweets is inspiring, except that Twitter can’t really handle it. In a recent blog post Twitter suggests users brace themselves for weeks of Fail Whales. Facebook Coverage As always Facebook is in the thick of it with its campaign to get you to like everything. Facebook’s sports page has a passion rank, which currently puts Chile’s victory over Honduras in the number one spot. Almost a half a million people have liked Chile’s World Cup profile. And in related soccer-passion news , Chile’s capitol city of Santiago used tear gas and water cannons to disperse celebrants and arrest 81. This year is the first time in 48 years that Chile has won a World Cup match! World Cup on ESPN/ABC The match between England vs. the U.S. drew 16 million viewers, and became the fifth most popular World Cup match ever covered by U.S. television. Complimenting this coverage was 1.7 million visitors to the ESPN website during the first four days. Of additional interest is analysis that indicates multi-platform users who switch between TV, radio, mobile and the Web are engaged for five times longer than those who only watch on TV. Flood of Soccer Apps Of course this roundup would not be complete if we didn’t mention the huge flood of Phone and iPad apps that are begin offered. The number of people trying to get us to promote their World Cup apps has skyrocketed. And while there are plenty of top World Cup app posts out there, I would only recommend one: the Vuvuzela iPhone app. It’s currently the number one free soccer app at the iTunes store. Even though this app is only capable of emitting 90 decibels (a real Vuvuzela horn hits 130), in the hands of a small child this app could be almost as annoying as all the Vuvuzela haters combined. Discuss

Click here to read more

The “Dark Figure of Crime” is not, as one would imagine, a London-fog-bedecked, cloak-and-dagger figure slinking down a shadowy alleyway. It sounds very Hollywood, but “The Dark Figure” is simply a term used by statisticians to describe a crime that goes unreported. Serious and even violent crimes go unreported for a myriad of social, political and personal reasons. What does this have to do with Twitter? Criminologists have for years grappled with that dark figure, and while police science research on social media is in its infancy, the ability to compare official and real-time crowdsourced data could change how we research crime. Sponsor Guest author Laura Madison is the co-founder of the Canadian Association of Police on Social Media. She will be publishing the results of a survey regarding Twitter use by North American and U.K. in the coming weeks. She tweets @org9 and @canadianpolice . Crime that has been reported by victims – a burglary for example – is only a percentage of what is actually occurring in our communities. How do we know? We use what are called social surveys. Some of the survey questions could be: “Have you been the victim of a burglary in the past five years?” and “Did you report it to police?” We then look at the official reported crimes involving burglary and compare that with social survey results. All of this is very interesting but what does this have to do with social media, annotation, metadata and Twitter’s Promoted Tweets? For me as a social scientist on Twitter, there’s an exciting potential for everyone from governments to nonprofits to utilize the power of real-time to hypothesize, design, conduct and finally utilize analytics. If good research design is defined as “the analysis of data in a manner that aims to combine relevance to the research purpose with economy in procedure,” then Twitter’s new promotional platform not only adheres to this principle but advances the potential for rapid-paced and geographically salient research results on just about any topic. Possibilities For Policing Agencies As a criminologist I think a lot about how social media can be utilized in my field and in the field of police sciences. We can study attitudes about crime, fear of crime, urban myths, moral panics, laws, legislation, police services, victim impact, sentencing reform, prison reform and restorative justice. We can look at social media studies and compare them to official crime rates and government social surveys, reports and peer-published research and analysis. We can do research around issues such as the Facebook panic button and other social media applications directed at sex offender detection, and importantly we can elicit responses from those who currently use social media. Policing agencies, for example, could use their annual communications budgets to purchase a number of Promotional Tweets to, for instance, alert the public about a wanted person or request information from targeted geographic population. They could use polls to gauge performance, community perceptions, satisfaction and reform. Then they can use the associated data for back-end analytics and to illustrate what I call user-to-user “resonance chains” that show where their tweets went and who retweeted them, and lay out this info for further proactive planning. For a good example of this in action check out @vpdcanada , @trafficservices and @deputysloly ; a further good source for police information on social media is @cops2point0 . What Must Happen Next With all of the positive out of the way, let’s look at some issues that may need to be addressed before some of what I outlined can come to fruition. I will also introduce some of my ideas for application development. First comes privacy wherein an application that we could build would gather relevant data such as age, location, education level, etc., but would hide identifying information by assigning a code number for those wishing to contribute to social science research. Second, ethically acceptable research policy beings with the establishment of a clear and fair agreement between the investigator/agency and research participant that clarifies the responsibility of both. Professional researchers and agencies may request a release before research is conducted. We could make an application for all sorts of legal and research releases for use on social media, could we not? Third, random sampling is a requirement for many experimental designs. How can we do this on Twitter? Perhaps this can be achieved by the creation of an application that can do random samples or shuffling of willing participants. Fourth, not everyone who may want to purchase promoted Tweets knows how to design an effective 140-character promotion, so how can we assist? Again, create an application or an easy editor/style guide that enriches what Twitter might already have. A Final Note As Twitter rolls out its platform for Promoted Tweets, I encourage my peers and social media scholars to get to know what they look like and begin to imagine new ways this could be harnessed for social change as well as for promotional value. I invite further discussion about these are ideas, and I’m hoping that together through innovation we can make Twitter a socially and scientifically accepted tool with which people can do valid and welcomed research. Photo by georgie_c . Discuss

Click here to read more