The Business Web 2.0
As CEO of business-based social networking site WeCanDo.BIZ, read my take on the role Web 2.0 technologies can play helping businesses to grow.
Saturday 6 December 2008, 1:57 PM
Google Friend Connect increases spam risk
It's too easy to send unsolicited messages using Google Friend Connect without knowing it.
We added a test page to our website this week so I could try out Google Friend Connect, as I wanted to see for myself what the implications were for webmasters and users as the GFC "gadgets" gradually rolling out across the web. If you aren't aware of GFC, it is Google's attempt to "socialise" the web by enabling social networking type features to be easily added to existing websites, whether they have existing communities or not.
If you want to take a look at our test page you can find it at http://www.wecando.biz/googlefc.php.
Here's what it enables you to do:
- "log in" to our website so that your identify can be seen to all others using GFC to log in; and you can see the identities of all those who have also logged in using the method
- "friend" other GFC users on our website, which will add them as friends on other websites supporting GFC
- engage in using other "gadgets" (what everyone else calls widgets) which currently allow Facebook-like "wall" comments, ratings and basic games (we have only the ratings one active)
- associate identities you have on other OpenID sites with your GFC account (which is, in fact, based on your membership of Google for Mail, Analytics, or whatever; or your Orkut or OpenID memberships)
- invite your other contacts in other GFC associated networks (e.g. Plaxo) to come and connect with you on that site
- post details of that site to a contact or e-mail list or back to MySpace, Facebook and a few other social networks
All fairly useful. But the thing that concerns me is that when you send invitations or links to websites back to the connections you have on Plaxo, for example, rather than them getting a message in Plaxo they receive an e-mail; and the e-mail doesn't make the source apparent, so it can't be seen why or how they've been selected to get your e-mail. It looks just like a random e-mail inviting them to a website.
I have used this feature of Google Friend Conenct only once to let my Plaxo connections know they can take a look at our GFC implementation. Many are interested in social media so I thought they'd like a peep. But I had no idea they'd get a random e-mail from me, without it apparent I was using GFC to send it, or that I had selected them from a Plaxo connections list.
What difference does this make? Well, I have some connections on Plaxo that are a little tenuous and to those guys this looked like spam. In fact, one of those contacts reacted badly because it looked to them just like I had dug out their e-mail address and sent an entirely random e-mail to look at my website, the "context" in which I had sent it not being apparent.
And to be fair to myself, I wasn't aware they'd be getting an e-mail with no reference points in it when I sent it.
I hate unsolicited mail messages as much as the next man, but GFC makes it easy to send messages and links to website with just a few clicks, without the implications of what you are doing being very apparent.
Of course, I get invitations to try this and that all the time on facebook and it that community it doesn't bother me as much as e-mails doing the same thing. But without a central network to post messages back to, as facebook has for Facebook Connect, Google is (I am assuming) unwittingly helping to contribute to a surge in in spam e-mails out without the sender really being aware of the implications of their simple actions.
If this can happen to me, I am sure it can easily happen to others. Expect other people playing with or finding their feet in Google Friend Connect to start generating a level of unsolicited e-mails that they have no idea about; and for it to get worse as more and more websites add and support GFC.
This is something for users, webmasters and IT departments to watch out for!
Ian Hendry
CEO, WeCanDo.BIZ
http://www.wecando.biz
We added a test page to our website this week so I could try out Google Friend Connect, as I wanted to see for myself what the implications were for webmasters and users as the GFC "gadgets" gradually rolling out across the web. If you aren't aware of GFC, it is Google's attempt to "socialise" the web by enabling social networking type features to be easily added to existing websites, whether they have existing communities or not.
If you want to take a look at our test page you can find it at http://www.wecando.biz/googlefc.php.
Here's what it enables you to do:
- "log in" to our website so that your identify can be seen to all others using GFC to log in; and you can see the identities of all those who have also logged in using the method
- "friend" other GFC users on our website, which will add them as friends on other websites supporting GFC
- engage in using other "gadgets" (what everyone else calls widgets) which currently allow Facebook-like "wall" comments, ratings and basic games (we have only the ratings one active)
- associate identities you have on other OpenID sites with your GFC account (which is, in fact, based on your membership of Google for Mail, Analytics, or whatever; or your Orkut or OpenID memberships)
- invite your other contacts in other GFC associated networks (e.g. Plaxo) to come and connect with you on that site
- post details of that site to a contact or e-mail list or back to MySpace, Facebook and a few other social networks
All fairly useful. But the thing that concerns me is that when you send invitations or links to websites back to the connections you have on Plaxo, for example, rather than them getting a message in Plaxo they receive an e-mail; and the e-mail doesn't make the source apparent, so it can't be seen why or how they've been selected to get your e-mail. It looks just like a random e-mail inviting them to a website.
I have used this feature of Google Friend Conenct only once to let my Plaxo connections know they can take a look at our GFC implementation. Many are interested in social media so I thought they'd like a peep. But I had no idea they'd get a random e-mail from me, without it apparent I was using GFC to send it, or that I had selected them from a Plaxo connections list.
What difference does this make? Well, I have some connections on Plaxo that are a little tenuous and to those guys this looked like spam. In fact, one of those contacts reacted badly because it looked to them just like I had dug out their e-mail address and sent an entirely random e-mail to look at my website, the "context" in which I had sent it not being apparent.
And to be fair to myself, I wasn't aware they'd be getting an e-mail with no reference points in it when I sent it.
I hate unsolicited mail messages as much as the next man, but GFC makes it easy to send messages and links to website with just a few clicks, without the implications of what you are doing being very apparent.
Of course, I get invitations to try this and that all the time on facebook and it that community it doesn't bother me as much as e-mails doing the same thing. But without a central network to post messages back to, as facebook has for Facebook Connect, Google is (I am assuming) unwittingly helping to contribute to a surge in in spam e-mails out without the sender really being aware of the implications of their simple actions.
If this can happen to me, I am sure it can easily happen to others. Expect other people playing with or finding their feet in Google Friend Connect to start generating a level of unsolicited e-mails that they have no idea about; and for it to get worse as more and more websites add and support GFC.
This is something for users, webmasters and IT departments to watch out for!
Ian Hendry
CEO, WeCanDo.BIZ
http://www.wecando.biz
Previous
