For me, the drain started with two boilerplate email invites I got from CC Chapman, a co-conspirator in social media. CC often has his finger on cool new things online, so I immediately clicked through to check out Quechup.com (unlinked intentionally -- don't even go there!). It looked like a pretty generic dating site. It had blogs. I liked Gather better as social media blogging, but hey, I'm not dating.
Then the tweets started coming through on my Twitter, along the line of "OMG! Quechup spammed my entire address book with invites! I didn't mean it, don't do it!"
The site's widgetry included an invitation to search through your address books on gmail, outlook, and so on to find folks who were already registered. But instead of just looking for friends who were also there -- the site spammed invites to every address book entry (or in the case of gmail, everyone you'd ever written to, as many times as your email occured, apparently!).
I didn't use that widget, so I didn't broadcast further spam, but it did get a number of us thinking. By later in the day, people had labelled Quechup as a "trust virus" or the "Q problem," and were referring to the site, unlinked, as Quexup or Ketchup or some misspelling so as to not boost their search engine listings!
I did a bunch of research on Quechup, but didn't have time to blog it yesterday -- so I passed the research on to Xeni Jardin, at Boing-Boing, with the thought that she could use it. So thanks, Xeni, for the hat tip in your initial entry warning folks away from the site!
I confess, I may be too nice. My first thought was that the company had been online since 2005, so perhaps some poor java or php programmer had crosswired their address book sweeper for friends on the service, with their invite sweeper. I am an old lady, as IT goes (pushing 50 now), and I didn't learn until my 30's to never push new code live before a weekend, much less a holiday weekend (iDate, Ltd. -- the parent company -- is in Las Vegas).
I researched the company, and the principals' previous ventures, and tried to contact them, but they have not yet written back, which bodes ill. I learned painfully, from an ex, that distinguishing between incompetence and maliciousness can't be our first priority sometimes -- we need to protect ourselves.
We need to be careful how we give people permissions to use our personal data, our friends lists -- but what's worse, is that if you leave java and activeX and such enabled in your browser, technically a site wouldn't have to ask your permission to sweep your address book; you've already given them permission.
The specter hovering behind web2.0 is the promiscuous use of technologies, which, if you enable them, allow programs to run without your explicit and individual permission on your computer. Some of these may be spyware and malware, but for the most part we knowingly or naively accept this as the cost for having all the fun stuff like Flash animations or Java applets to inform and entertain us, as tools and toys.
We are all playing in a technological pre-school, a germ factory, when we go online. Whether Quechup is malware or inept, they are just a first blush of problems that could impact us, with or without a button that says "search my address book."
--
Shava Nerad, News and Opinion Correspondent:
Shava’s column, Iconoclasm, published about once a week to Gather Essentials: News, is an examination of the provocative ideas emerging in media and world culture behind the news.
Shava Nerad has been working on the Internet for twenty-five years, at the boundaries of Internet and social issues. She is CEO of Indigenis, a consulting group working at the intersection of virtual worlds, social networking, and gaming communities, and development director of The Tor Project.
She lives in Somerville, MA with her teenage son, her fiance (a professional magician and fundraising coach), and a corgi/dachshund mutt named George.
Opinions here have nothing to do with Tor or Indigenis.
You can find all of Shava's Iconoclasm columns at http://Iconoclasm.gather.com
Keep up with Shava’s other postings and Gather activity by joining her Gather network -- just click here and select the orange “Connect” button on the left-hand side of the page (colleage connections only please, unless you know me on the street!)
You’ll find Shava and other News Correspondents, plus celebrity content and plenty of other News experts at News.gather.com
rate
email
print
link to this page
