Google Hummingbird - the Beginning of Latent Search

Most of us have had a chance to experiment with Siri on an iPhone or some of the Voice Assistants on an Android mobile device. You may not have experimented with something Google rolled over the past few weeks code named Humingbird though. It's a major new core algorithm for Google that allows users to use conversational speech for searching. I'm amazed at how under the radar this has been. Different terms are being tossed around for this including "latent", "conversational" and "abstract" - here's a quick 2 minute video I recorded demonstrating how it works.


We're so used to searching on keywords it's second nature. Larry Kim from Wordstream refers to keyword searches as "Caveman English".  Hummingbird is probably the biggest change in Google's search technology since 2001. It's similar to Facebook's Graph Search, allowing users to use more abstract or latent language when searching - the same kinds of things we do when having a conversation with another person.

It's also something Google has to do to stay competitive. Both Facebook and Siri use Microsoft's Bing for searching with Apple just switching from Google to Bing with iOS7. Current estimates put Google's search market share at around 70% with many referring to the company as a search business that also does experiments.

If Apple gets Siri fixed up and Facebook also fixes up Graph Search, Google could pretty rapidly lose search market share. Facebook has to be a huge concern right now - recent comScore reports that analyze Americans’ surfing patterns found people are spending more time on Facebook than Google. If Facebook can get their search act together (it's pretty bad right now) lookout.

Right now, Google's Voice Search sure feels pretty natural to me - grab the latest version of the Chrome browser and give it a try.

Facebook IT Operations Director: Improving ICT Education in Challenging Times

In January for the past few years, our NSF funded National Center for Information and Communications Technologies has been co-sponsoring a Winter 2012 ICT Educator's Conference in San Francisco in collaboration with the Mid-Pacific Information and Communications Technologies Center. 

This year the conference was held at the Microsoft offices in downtown San Francisco and we were fortunate to have Facebook's Director of IT Operations, Steven Ruggiero as one of the keynotes. Heres his presentation - it's really good.  



Thinking about a technical career or know someone who is? Good stuff for students, parents, educators, guidance counselors, etc. 

Cookies, AT&T, Facebook And Your Privacy

This post is based on a question received via Twitter from @mmurfsurf. I apologize for the delay in my reply.

Last month, you may have seen a story or two about an AT&T Wireless / Facebook security problem. Some AT&T mobile Facebook users were being logged into other Facebook users accounts. The Associated Press ran an interesting story about a Georgia mother and her two daughters that logged onto Facebook from mobile phones and wound up in a startling place: strangers' accounts with full access to troves of private information. That AP article said the glitch was the result of a "routing problem" at the family's wireless carrier, AT&T -- revealing a little known security flaw with far reaching implications for everyone on the Internet, not just Facebook users. In each case, the Internet lost track of who was who, putting the women into the wrong accounts.

Both AT&T and Facebook claim this particular problem has been fixed but, it's brought to the front some major security issues with sites that require authentication. Iljitsch van Beijnu in an excellent post titled Facebook, AT&T play fast and loose with user authentication over at ars technica claims 99% of all sites implement user authentication themselves with some doing it right and others not doing it right. Here's more from Beijnu:

Putting a password in a normal text box means it's transmitted in the clear. To avoid this, it's necessary to use an encrypted HTTPS session, at least to transmit the password. Some sites do this, others simply send it in the clear where it can be intercepted relatively easily, especially—but not exclusively—on unencrypted Wi-Fi networks, such as Wi-Fi hotspots.

The second problem with home-grown user authentication is that it really only secures a single page. If the user later loads the page again, or loads another page, she would have to type the password again to really be secure. The solution to this problem is for the server to store some information in the form of a "cookie" on the user's system. Cookies for a certain site are automatically transmitted along with every HTTP request made to that site, so the server can recognize the user by the information in the cookie. So far so good. (Ignoring the fact that cookies can also easily be intercepted if sessions are unencrypted.)

Beijnu lists a couple of cookie related possibilities for the AT&T/Facebook snafu:

Possibility One

When mobile phones first gained the ability to access the Web, a lot of work was done to optimize the experience on slow, memory-starved devices with a slow connection. Much of that magic involves Web proxies. One way for this particular Facebook user authentication issue to come up on AT&T's mobile network would be if there is a caching proxy in between the server and the user that doesn't pay attention to cookies. So if user A with cookie X visits Facebook, the proxy caches the page user A gets. Then, when user B comes along with cookie Y, the proxy simply sends the cached page to user B, which is of course the page that only user A is supposed to see.

Possibility Two

Another possibility is that AT&T uses proxy cookies. WAP, a protocol that was used to create a Web-like experience for phones not capable enough to show the real Web, doesn't support cookies. This makes life hard, so proxies that let WAP clients talk to Web servers often implement "proxy cookies," where the proxy stores the cookies on behalf of the client. However, in that case it's essential that the proxy knows which user it's proxying for at any given moment, otherwise it sends the wrong cookie to the server and the user is logged in as someone else.

It's not clear exactly what was fixed and what happened - at least from the information I have access to. However, it looks like both AT&T and Facebook were at fault - AT&T for mixing up cookies and Facebook for using clear text cookies. It's important to understand it is not just an AT&T/Facebook problem.

How can user information and privacy be better protected? The solution is simple and Beijnu says it well - encrypting all sessions would solve these problems: passwords and cookies can't be intercepted and proxies can't get to the data.

Impressions: Twitter, Facebook, YouTube and the Iranian Revolution

Saturday, June 20, 2009, was a fairly typical day for me. The only thing different than most Saturdays was we woke up early and dropped my daughter off at the airport for a graduation gift trip with her friends. On the way home my wife, younger daughter and I decided to stop at the mall and have the Apple store take a look at my daughter's busted power button on her iPod touch. We made a reservation at the Apple Genius Bar and ended up with about an hour and a half to kill walking around the mall. My wife and daughter ended up doing most of the shopping and I ended up peeking at my Twitter feed on my iPhone. I noticed a lot of tweets tagged #iranelection and decided to start following those tags.

Like tens of thousands of others for the rest of the day I watched a revolution tweet by tweet - described in 140 characters or less on Twitter. The Iranian government had pretty much shut down traditional media (television feeds, reporters, etc) but that did not matter - they could not shut down the web. As Secretary of Defense Secretary Robert Gates said, the Iranian government "could not draw the net tight enough to stop everything" It was evident when I got home and turned on the TV - guess where the major networks (CNN, Fox, etc) were getting their updates on Saturday - Twitter, Facebook, YouTube......

The ability to read, watch and experience through the eyes of others what was happening in real time was something I had never experienced before. The closest think I can compare it to was was it felt like like watching a live battle - not through the eyes and interpretation of a reporter or camera person - but through the tweets of the individual soldiers.

For the past few days there are reports the Iran government has been confiscating laptops, cell phones, etc and analyzing historical information on the devices. It is very simple to pull historical information off cell phone SIM cards (for example) and they will be able to track down some of the posters this way. It has also been reported the government is taking a close look at those videos on YouTube and will be identifying some of the protesters this way too. There are also reports of looking at things like Twitter names and tracing IP addresses to ID people. There also may have been a counter attack using social media, hacking Moussavi's Facebook page and posting incorrect information to confuse and upset his supporters.

What can be done? Not much without shutting the entire country down from the rest of the world. I'm guessing tsomeone is taking a serious look at cell phone signal jammers that could shut down cellular communications when things start to get out of control. Sure things can be shut down temporarily but a jammer is not going to stop a user from tweeting or recording video and then posting the content when they do get a connection. It will be very difficult to shut this stuff down for extended periods of time.

So many really smart people have told me they just don't get social media apps like Twitter and I struggle sometimes describing why and how I use them. I'm hoping a lot of people are getting it a little more after the past weekend. Saturday will stick with me and I'll remember it in a way that I remember the first time I saw a color television, used a modem, sent an email and searched the web.

Tamar Weinberg on Facebook Etiquette

Tamar Weinberg has an excellent post over at Techipedia titled The Ultimate Social Media Etiquette Handbook. In her post Tamar discusses a number of social media utilities including a couple of my favorites - Facebook and Twitter. Here's are some Facebook egregious sins that you must not perform on social media sites. Tamar says avoiding these violations will help you learn how to manage and maintain online relationships on a variety of popular social media sites.

• Adding users as friends without proper introductions. If you’re looking to make friends, tell people who you are. Don’t assume they know you — especially if they, well, don’t.
• Abuse application invites and consistently invite friends to participate in vampire games. Many call this spam.
• Abusing group invites. If your friends are interested, they’ll likely join without your “encouragement.” And if they don’t accept, don’t send the group request more than once by asking them to join via email, wall post, or Facebook message.
• Turning your Facebook profile photo into a pitch so that you can gather leads through your Facebook connections. Thanks, but no thanks. Facebook is about real friendships and not about business — at least not to me.
• Using a fake name as your Facebook name. I can’t tell you how many people have added me and their last name is “Com” or “Seo.” I’m not adding you unless you can be honest about who you are. Once upon a time, Facebook deleted all of the accounts that portrayed people as business entities or things. I wish Facebook would employ the same tactics yet again, because I’m not adding a fake identity as a friend.
• Publicizing a private conversation on a wall post. In case it isn’t obvious, Facebook wall posts are completely public to all your friends (unless you tweak your privacy settings). Private matters should be handled privately: via email or even in Facebook private messages.
• Tagging individuals in unflattering pictures that may end up costing your friends their jobs. Avoid the unnecessary commentary also, especially on your childhood pictures that portray your tagged friends as chubby and not so popular. Further, if your friends request to be untagged, don’t make a stink of it.

Good advice, especially to those just starting out with Facebook. Be sure to read Tamar's entire post linked here.

Some Interesting Facebook Statistics

Facebook keeps track of some interesting information on their statistics page:

• More than 140 million active users
• More than half of Facebook users are outside of college
• The fastest growing demographic is those 25 years old and older
• Average user has 100 friends on the site
• 2.6 billion minutes are spent on Facebook each day (worldwide)
• More than 13 million users update their statuses at least once each day
• More than 2.5 million users become fans of Pages each day
  
• More than 700 million photos uploaded to the site each month
• More than 4 million videos uploaded each month
• More than 15 million pieces of content (web links, news stories, blog posts, notes, photos, etc.) shared each month
• More than 2 million events created each month
• More than 19 million active user groups exist on the site
• More than 35 translations available on the site, with more than 60 in development
• More than 70% of Facebook users are outside the United States
• More than 660,000 developers and entrepreneurs from more than 180 countries
  
• More than 52,000 applications currently available on Facebook Platform
• 140 new applications added per day
• More than 95% of Facebook members have used at least one application built on Facebook Platform

(Note: data from 12-18-08)

At current pace, Facebook is growing at around 600,000 users per day.

Digital Youth Research: Living and Learning with New Media

A couple weeks ago the latest study from Digital Youth Research titled Living and Learning with New Media: Summary of Findings from the Digital Youth Project was released. The study is the result of a three-year year collaborative project funded by the John D. and Catherine T. MacArthur Foundation. As part of the study, research on how kids use digital media in their everyday lives was done at the University of Southern California and University of California, Berkeley. Over a three-year period, researchers interviewed more than 800 youth and young adults and conducted over 5000 hours of online observation.

If you’ve been around young people recently the results should be no big surprise to you - here’s a quote from the study:

They found that social network and video-sharing sites, online games, and gadgets such as iPods and mobile phones are now fixtures of youth culture. The research shows that today’s youth may be coming of age and struggling for autonomy and identity amid new worlds for communication, friendship, play, and self-expression.

There are a couple of major study findings:

Youth use online media to extend friendships and interests.

Kids are using online networks to extend the friendships that they navigate in the familiar contexts of school, religious organizations, sports, and other local activities. They can be “always on,” in constant contact with their friends through private communications like instant messaging or mobile phones, as well as in public ways through social network sites such as MySpace and Facebook.

Youth engage in peer-based, self-directed learning online.

In both friendship-driven and interest-driven online activity, youth create and navigate new forms of expression and rules for social behavior. By exploring new interests, tinkering, and “messing around” with new forms of media, they acquire various forms of technical and media literacy.

The report implications, along with how we can take advantage of them in our classrooms, are very interesting. They include:

Adults should facilitate young people’s engagement with digital media.

Contrary to adult perceptions, while hanging out online, youth are picking up basic social and technical skills they need to fully participate in contemporary society. Erecting barriers to participation deprives teens of access to these forms of learning.

Given the diversity of digital media, it is problematic to develop a standardized set of benchmarks against which to measure young people’s technical and new media literacy.

Friendship-driven and interest-driven online participation have very different kinds of social connotations. For example, whereas friendship-driven activities center upon peer culture, adult participation is more welcomed in the latter more “geeky” forms of learning. In addition, the content, behavior, and skills that youth value are highly variable depending on with which social groups they associate.

In interest-driven participation, adults have an important role to play.

Youth using new media often learn from their peers, not teachers or adults. Yet adults can still have tremendous influence in setting learning goals, particularly on the interest-driven side where adult hobbyists function as role models and more experienced peers.

To stay relevant in the 21st century, education institutions need to keep pace with the rapid changes introduced by digital media.

Youths’ participation in this networked world suggests new ways of thinking about the role of education.

The authors ask the following questions:

What would it mean to really exploit the potential of the learning opportunities available through online resources and networks?

What would it mean to reach beyond traditional education and civic institutions and enlist the help of others in young people’s learning?

And finally:

Rather than assuming that education is primarily about preparing for jobs and careers, they question what it would mean to think of it as a process guiding youths’ participation in public life more generally.

Let’s say you are a novice and want to give this stuff a try. People often ask me where to start. Here’s my short answer:

1. Sign up for Facebook at www.facebook.com - it’s free.
   
2. Once you sign up search for people you know – it’s easy and you will find some. Old college roommates, professors, childhood friends, etc. You will likely also find most of your students.
   
3. Select some of the people you find and request their friendship in Facebook. Be sure to selec some experience users. Request my friendship if you want - just search my email address: gordonfsnyder@gmail.com
   
4. Watch what your Facebook friends do. Facebook is a great content aggregator . You’ll see things like embedded YouTube videos, Twitter posts, blog entries, pictures, etc. Be sure to check your page at least once a day to start with.
   
5. Build your Facebook page and start aggregating your own content – watch and learn from your Facebook friends.
   

If you are an educator, the study results are a must read. Powerful stuff that we can all take advantage of – inside and outside the classroom. Here’s how you can access the study results:

Two page summary linked here.

Study white paper linked here.

In addition a book based on the study is forthcoming from MIT Press titled Hanging Out, Messing Around, Geeking Out: Living and Learning with New Media. You can get more information on the book here.

A Social Networking Thinker You Should Know

I've been sick with the flu the last couple of days and, as a result, have had an opportunity to catch up with a number of my favorite bloggers. Jim McGee, over at McGee’s Musings wrote an excellent post yesterday titled Thinkers you should know - danah boyd. Danah is a Ph.D. candidate at the Berkeley School of Information and her research focuses on understanding social networks and their interplay with youth culture. In a 14 minute interview with Discover Magazine, she discusses how kids use technology, where mobile phones are going and the Facebook versus MySpace "smackdown".

Here's a link to the video at Discover Magazine <- click here to watch.

The interview is excellent and highly recommended. Here's how Jim finishes his post: her insights are worth factoring into your thinking about Enterprise 2.0. If nothing else, she’ll help you understand your future work force. I'll take it a step further and say she'll help you understand your children, your grandchildren...... and, if you are faculty, your current and future students,

Jevon MacDonald, who blogs at http://socialwrite.com, wrote an interesting reply to Jim's post on the FASTForwardBlog: Danah’s work has been incredibly important. Anyone wanting to really understand the social underpinnings of Enterprise 2.0 (social computing in general) should spend a week just reading everything Danah has written.

Danah blogs at http://www.danah.org - watch the video and take some time (maybe not a week but an hour or so) to take a look at her work if you get a chance.

Thanks Jim for your post. Oh yes - I'll be getting to the technical follow-up piece on Internet Traffic Shaping as soon as I feel better!

Microsoft Buys a Piece of Facebook and Files for Social Network Firewall Technology Patent

On October 25, Microsoft filed for a patent titled Integration of social network information and network firewalls. For a number of reasons, primarily security based, many corporations block social networking sites like Facebook and mySpace.

You may have also heard that, on October 24 (one day before the patent application), Microsoft and Facebook announced that Microsoft has purchased a 1.6% stake in Facebook for $240 million. According to Richard MacManus at Read/Write Web:

The amount invested is lower than expectations, which were around $500M. Microsoft's new deal with Facebook is all about bolstering their existing advertising arrangement - Microsoft will now sell Facebook's international display ads, in addition to the banner ads it already sells on the US site. However this deal leaves room for Facebook to run its own advertising network. Facebook's ad system will likely use social profiling to target ads, given the wealth of such data that Facebook has.

Lower than expectations..... still - do the math - $240 million for 1.6% of Facebook puts the value at $15 billion! The numbers are making me dizzy and I'm going off track.......

Seriously - after investing $240 million it does seem logical that Microsoft would apply for a patent on technology that would allow easier access to sites like Facebook from inside firewalls. In the patent application Microsoft proposes the problem with current firewall technology:

Internet protocol security (IPsec) allows the remote user or machine to be identified and is an additional mechanism for providing security to Internet traffic. A firewall may be programmed to require IPsec security on incoming connections. However, maintaining accurate connection information in a firewall can become tedious and prone to error. Detailed configuration knowledge may be required and the highest levels of protection may require frequent changes to the settings.

For example, broad application level exceptions may be authorized because it is too difficult or time-consuming to program a narrower, more appropriate, exception. Furthermore, due to the difficulty of configuring such elaborate settings, firewall configuration is generally statically set, wherein exceptions are configured once and then left unaltered thereafter. This decreases the security of the machine by causing the firewall configuration to not accurately represent the precise security requirements of a machine at a given moment, but instead represent the least restrictive superset of the needed configuration at all times.

And then the solution:

Instead of manually entering an allowed IP address or list of remote users to allow for setting a firewall exception, an invitation mechanism may be programmed to extract data about a connection invitation sent to an outside party and to appropriately program the firewall exception. The exception may be specific to the particular connection invitation, and, optionally, for limited duration. The invitation mechanism may be associated with an application, for example, an instant messaging program, or a game.

Alternatively, the invitation mechanism may be part of an operating system callable by an application or trapped by the OS itself. The firewall may receive an application handle and an identifier for the outside party, such as cryptographic material. The cryptographic material may be a public-key. The identifier for the outside party may be a handle, or pointer, to the public-key or an equivalent, such as a certificate. The exception may be timed corresponding to the type of application or invitation. For example, an exception for an e-mail-based invitation may be available for a period of hours, whereas an IP-based invitation for a game may be available for a minute or less. By making available the cryptographic material (e.g. public key) for an IPsec connection, the firewall can process the connection without interruption to the application, user, or OS.

Read/Write Web has also posted some web traffic stats regarding Facebook as compiled by Hitwise:

• Facebook.com was the ninth most visited website (as ranked by Hitwise) in the U.S. receiving .96% of all Internet visits for the week ending 10/20/07.
• U.S. traffic to Facebook.com has increased 102% YOY comparing the week ending 10/20/07 versus 10/21/06.
• Among a custom category of leading social networking websites, Facebook.com received 15% of U.S. visits for the week ending 10/20/07. That was second most among social networking websites behind MySpace.com, who received 76%. Windows Live Spaces received .40% for the same week.
• Facebook.com received '9.90%' of its U.S. traffic from Search Engines for the week ending 10/20/2007. Of that traffic, MSN Search and Live Search combined for .46% to Facebook.com last week. Google sent 6.82% percent of U.S. traffic while Yahoo! Search send 1.34% of traffic for the week ending 10/20/07.
• U.S visits for Facebook.com among users ages 35 and over have increased 19% comparing the week ending 10/20/07 versus 10/21/06.

Providing easier access to sites like Facebook from inside corporate firewalls has the potential to make these numbers even higher - at least that is likely what Microsoft is thinking.