Will Knott

Before you go to a Twestival, how should you keep an eye out for your friends off Twitter? Well, why not wear your Twitter friends? (yes that does sound like a very bad superhero team).

Wear their faces on your chest. (eewww) OK, pictures of their faces. Better? Or have their mug on your mug.

Walter Higgins at Sxoop (pronounced Skoop, or Scoop) is a image manipulation software developer for a a while now. The headlined Pixenate, an online photo editor, is integrated on many sites worldwide. He also has a history of making image manipulation tools for Twitter. He’s responsible for all the Santa hats this Christmas, and he’s brought out something new, the Twitter Mosaic.

You tell it your Twitter user name (no need for a password) and it generates a mosaic of all your twitter friends or followers. A big image. This can be turned into Mugs, T-Shirts and Bags.

All of this is made possible because of Web2.0 and the philosophy of open APIs (both Twitter’s and Zazzle’s). What has been done recently at http://sxoop.com/twitter/ simply wouldn’t have been possible a few short years ago. Needless to say, these APIs are being battered at the moment. Walter has more details on how to get things running quickly too and the end products seem to be reviewed very well.

So you can create a physical social (media) object and drink to the health of your fellow Tweeters from a Twitter Mosaic mug  (hopefully full of  clean water thanks to Charity:Water) and wear your friends in public.

The Twitter Mosaic is indeed the beneficiary of a Tuesday Push, so soon after demoing it at the Cork Open Coffee Club. And yes I got to know Walter through the Open Coffee movement. However its a cool idea, a great set of products and it since to see someone in Ireland making money in there times. And making money while Twitter is still trying out how.

take care,

Will Knott

Related articles by Zemanta

• Sxoop Technologies turn a buck on Twitter (patphelan.net)
• Tuesday Push was Sxoop (web2ireland.org)
• Twitter Mosaic: Using the long tail to make money from Twitter (antonmannering.com)
• My Twitter Mug is here – Merry Christmas to me! (u-g-h.com)
• Tuesday Push: Twitter Mosaic from Sxoop Technologies (ewritecork.com)
• Push it: Twitter Mosaic from Sxoop Technologies (cjwriting.com)

Get your twitter mosaic here.

Dear Ms. Marianne Mikko Member of the European Parliment,

I’ve been reading reports that you have called for a registration of bloggers.

Given the importance of the Internet in Estonia, I suspect that you would get a lot of, er, assistance in answering an explanation of what you mean.
Or at least a high level of details on what you are actually requesting.

Most blog posts are highly personal by nature, be it personal observation, on the ground reporting of a war in their local neighbourhood, on the antics of their cat (depressing there are a lot of these) or the rote by which a blogger investigated the dealings of a disgraced public official.
They are closer to opinion pieces than investigative reporting.

There are also blogs which by their very nature need to be anonymous. Those detailing illegal activities by officials for instance. A registration of such a blogger is likely to lead to intimidation or death.

Do you wish to clarify your wording.
Say in a blog of your own for instance?

Yours sincerely,
Will Knott

http://WillKnott.ie

I’m not a fan of Facebook

Which is a problem when it comes to Photomeets and Photowalks. And slightly impromptu events and meetings, as the initial invite is sent out via a Facebook invitation. I sort of went off it in the flood of applications, and I’m not surprised that LinkedIn is getting a flood of new users.

The one thing I loved was the friend feed. The quick status updates of “Bob is arriving at three” and “Alice is looking forward to the meeting” and “Eve is still listening”. Of course these are the essential parts of Twitter or Jaiku, or even FriendFeed.com (not the same thing, but I’m intrigued by their rooms to abate noise).

The main use of Facebook I’m doing is trying to track someone I don’t know down and contact them, or as I mentioned, meet-ups (as opposed to Tweet-ups or Meet-kus).

Why all this, it’s because I know about the next photowalk this weekend, (and yes I’m grateful that it e-mails out all messaes and the message contents now) but I have no idea if I’m going yet (and won’t know until that morning). I just don’t want to have to log in to FaceBook to say so.

take care,
Will Knott

“Was given chocolate. That’s a far better freebie than bloomin’ memory sticks!” — Jemima Kiss via Twitter.

Image via Wikipedia

By now everyone has heard the old story about people giving up their passwords for chocolate. Although Bruce Schneier has pointed out that he would gladly give a fake password for chocolate. Which is a little better than loosing a lot of information about your customers. Yes I’m typing about Bank Of Ireland.

This is an interesting problem for the Bank. In 2006 Bank Of Ireland agreed to refund phishing losses suffered by customers of their internet banking service. And later updated their terms of service to include

13 Indemnity

13.2 Without prejudice to the generality of Clause 13.1 above, the Bank shall have no liability whatsoever in respect of any loss suffered by the Customer as a result of their breach of Clause 4 [jm: Security/Authentication] by way of knowingly, negligently or recklessly disclosing the Security Devices or any of them.

– via Justin Mason.

Richard Burrows, Governor of the Bank of Ireland, has declared on a news report that

1. monies lost will be refunded and that
2. the laptops were secured with a password.

However I reply

1. What hoops do victims of this loss have to jump through? After all some of the stolen information was not from BOI customers, but also those who had approached the bank for a life assurance quote. Besides, the usual procedure is to create a new account somewhere or getting credit cards in their identity, not touching the victims bank accounts directly, but ruining their credit rating in the process.
2. This concerns data not the laptops. Its possible that the OS requires a password to be provided, however it is quite easy to remove a hard disk and attach it to a separate machine. Completely by-passing any password requirements of the OS. Either encrypting the customer data on the disk (as happened in the IBTS incident) or making the entire disk an encrypted file. The data was unencrypted.

The information on the four BOI laptops contained the names, addresses, financial details and some medial records of its life assurance customers. Gosh that is a goldmine of information for identity thieves, phishing operators and even the odd blackmailer (if the medical information reveals things). I’ve written about this before, and I don’t think things have gotten any better.

And it happened some time ago.

Bank of Ireland said the four laptops disappeared between June and October 2007 and contained the names, addresses, bank account details and medical histories of about 10,000 holders of the bank’s life insurance policies. Ireland’s second-largest bank made the admission after the chief regulator, Data Protection Commissioner Billy Hawkes, told Irish broadcasters RTE he had been informed of the lost customers’ data only last Friday.

– via IHT

It’s the silence that is slightly worrying. The Irish Banking Federation hasn’t said anything. True that these were probably €900 laptops. But the information on them do open up the bank for potentially billions of damages; not that, given the statement by the Data Protection Commissioner, such punishment is likely to happen.

Now I’m hearing rumours that the banks are now encrypting customer data, but do you trust a bank with your data that can’t even link correctly to the page with the information about the incident on their own site? Hopefully someone will notice that correct things sooner than they noticed that the missing customer data might be important.

take care of your data,
Will

UPDATE – April 28 2008
Number affected by BoI laptop thefts trebles – “The technical investigation has identified that details relating to 31,500 policies, policy applications and a small number of mortgage customers were contained on the stolen laptops.” So the numbers are worse that previously announced, and the fact that not all of those at risk are customers of the BOI. If the Data Commissioner can’t deliver punishment via a 4×2 then his remit should be altered.

To be honest it sounds like an April Fools joke, but it appears that Google have plans to release a “clippy” clone-like helper to Google Docs and Spreadsheets (as an Easter Egg) . Instead of a paper clip, the application appears as a living Google logo. Hopefully his entire existence is as an animated image.

Still think of the possibilities…

see more crazy cat pics

take care,
Will

Demotion is something of a kludge. I wanted a word which started with D. So “Demotion” covers being fired, leaving a job, redundancy and in a limited case… death. Simply put, demotion covers anything to do with leaving a job or letting someone’s job go.

But loosing information? Yes.

It’s not yours

Everyone know that, unless you own the company, the computer at work is not theirs to own, in much the same way that the company car does not belong to them, and that the telephone provided by the company does not belong to them. Yet in the same way that a company rep can fill the company car assigned to them with their stuff, many people customize their work computer and fill it with at least a little of their data.

Which isn’t a good idea. While a representative can request a little time to remove any personal belongings from the company car, the same shouldn’t be expected from the company computer. I know of one case where the staff left their desks to a meeting in the canteen, and upon being told that the company was laying them off, returned to their desks to find that they were locked out of their computers. Anything not on removable data was trapped in there.

With the ubiquity of USB Flash disks and cloud computing, no one has an excuse to have their personal information on the machine. But what if it’s not just personal data.

All your database

How would you feel if your boss asked you for every email address and phone number you had accumulated over the course of your employment? This is what happened to Junior Isles. He worked for 9 years as a journalist and helping with putting on conferences for PennWell. When he left to set up a rival company, PennWell issued an injunction on the three requiring them to “return all the claimant’s property including any information in paper form or stored on any computer”. Isles had uploaded the details of hundreds of contacts into Microsoft Outlook on his desktop when he joined the company. Under UK law a journalist can retain his journalistic contacts. Every time he got a new contact, he added it to Outlook. PennWell claimed that these numbers were company property. Isles went to the high court. He lost.

Had Isles kept his journalistic contacts separate from his other work-related numbers, he would have been able to take them with him. His mistake was to mix the numbers up with non-journalistic ones – those with whom he worked setting up conferences – which should have remained with the company.

The technology used is no defense either. Be it on paper, SIM card, cloud or PDA. It means that legally your employer owns the details of your LinkedIn or FaceBook account if you mix personal and company contacts. And if you do, well its your own fault for doing it.

An untried and nested consequence of this is a small company using cloud computing. Using Google Docs, GMail and a VoIP solution such as Skype, it is possible to create a reasonably cheap office environment. If an employee uses and does all his or her work on these systems using their own personal id, then, legally, the company owns their electronic identity and not the person. The lesson is if you find yourself in such a situation, create a new id. Or use multiple profiles on the same machine. Either that or make sure your contract specifies that you keep all data stored in such accounts when leaving the company.

But let us assume that you have correctly separated (and kept separate) work and play. Lets assume that you leave the company with all your data intact. It is still possible for the company to loose data.

Tarballs

When someone leaves a company, everything that the person learned in there goes with them (which is why you have “no competition” clauses in contracts). Frequently when a person leaves a corporation, everything that the person created is also destroyed. The corporate e-mail account is erased. The machines used are re-formated. This means that unless someone searches for the data and takes it off the machine, its lost.

Even is the data is carefully stored away, its not always possible to get everything back…

What use is building a great home-grown billing system if it’s not documented by the implementer? All over the industry are people who make themselves irreplaceable by refusing to detail what their data means.

I’m sure many contractors have been given a tarball of ‘code’ that someone wrote before moving on, and asked to ‘make it go, it just needed some final tweaks’. Alas, without a database schema, some insight into what was being attempted, it’s invariably easier to start from scratch again.

– John Looney

Password unavailable

If someone leaves in an ordered fashion, then data is somewhat recoverable. If someone walks away unexpectedly from the company, there is some recourse. When an employee dies, well you can’t ask them for their old passwords. While a company should have some “back door” (or even an alternative “front door”) in to their systems, some companies may face similar problems as next-of-kin due to security and procedures of third party providers. Besides. Can you remember a password you last used a few months ago?

While not everything is cut-and-dried, remember to keep work and play separated.

Take care,
William Knott

With kind thanks to John Looney of Google (for the tech and social angles) and Simon McGarr of Tuppenceworth.ie (for the legal questions and answers) and for all the people quoted above for providing their perspectives.

tags : 4 Ds of Information loss, 4ds,legal, demotion, fired, quit, redundancy, cloud computing, personal information, contacts, electronic identity, multiple profiles, documented