The weak link in the spam war is always people

I always appreciate clever spam, at least aesthetically — it may be evil, but evil-and-smart isn’t quite as irritating as evil-and-stupid.

In this particular case, it was a comment in The Art of Conversation, which hit my moderation filter a few minutes ago.  The comment itself is simple but well-designed to stroke the ego: “Just passing by. Btw, your website have great content!”  (Okay, so they blew their English roll.  But that’s not unusual in the blogosphere.)  I actually contemplated approving the comment, but the sheer generic-ness of it made me pause an extra second.  And that pause was long enough to actually look at the signature — which is, of course, a link to a make-money-fast scheme.

I hadn’t previously realized that I don’t pay much attention to signatures, but somewhere along the line I clearly started tuning them out.  Going to have to be more careful about that in the future.

And there’s an important general point here: automated tools can only do so much in the fight against spam.  There was nothing technically sophisticated about this particular attempt to place spam in my blog, just a little smart social engineering.  They appealed to my ego, betting that I wouldn’t read the rest of the message closely enough to realize I was being used.  And they almost got me, despite my being pretty sensitive to these ploys.

What have you been seeing lately?  Has anything new and different from the spammers caught your eye?

Conversation Analysis and Multi-Threading

Some of you know rising_moon, some don’t, but I commend her to you as a generally smart and interesting person, and particularly this post from a few days ago.  It mostly asks questions, but presents a few interesting musings about the relationship of communities, knowledge management, and how to deal with the plethora of competing conversational threads that can arise around a topic.

In also reminds me of a point that I’ve thought about idly in the context of CommYou, but which could use a lot more thought.  Most people assume that deep asynchronous conversations should have threading, and it’s not too radical to have the ability to split threads — to promote a thread to being a top-level conversation unto itself.

But what about thread joining?  That is, it’s not unusual for multiple conversational threads to run in parallel, but they often really are running into each other and crossing over.  If you and I are both talking about X, it’s not unusual to hit a situation where really, what I want is to join your conversation with mine, so that we can cut down the redundancy.  At the moment, you do this by links and pointers, but there’s no real concept of unifying the conversations.

This might be particularly helpful in conversations that are mediated by social networks, where parallel conversations can easily arise, with some participants in one and some in the other — a bit of cross-pollination could sometimes provide some interesting insights.

Rising_moon’s post talks about nodes, and I suspect that’s the right way to think about this.  It’s not precisely that you would join two conversations into a single one, as that you could import a thread node from one conversation’s tree over into the other, and vice versa.  We normally think of a conversation as a tree; if we instead think of it as a directed graph inside a forest of conversations, we wind up with a lot of possibilities, some of which make sense and some of which probably don’t.

I’m just musing here — I don’t know if anyone has yet written a serious conversation tool that plays with this sort of thing.  (I haven’t seen one, but it wouldn’t surprise me to find academic work along these lines.)  But it’s a feature I am vaguely contemplating in the long term for CommYou, so I’d be interested in any thoughts about it…

The Rise of the Un-Person

On Friday, AllFacebook reported about current moves to kick convicted sex offenders off of social networks.  On the one hand, I understand the motivation behind this — people are terribly worried about online predation.  On the other hand, I’m increasingly disturbed by this trend.

As with most such, the beginning of the legal story was innocuous, or at least fairly sensible, with moves such as keeping convicted offenders away from schools.  This seems pretty rational on the surface, at least when well-applied, keeping them away from temptation and the danger away from kids.

But over time, the idea has expanded, and gradually become, if not always irrational, at least a lot less consistently grounded.  Some laws are requiring offenders to register publicly, so that parents can know about them.  Still justifiable, but shakier ground: everybody has to live somewhere, after all, and most places are somewhere near children, so the fact that they happen to be in the same neighborhood isn’t an indication of malign intent.  And it opens up a lot of likelihood of harassment of people who aren’t doing anything wrong.

(There are lots of other arguments as well, not least that the definition of “sex offender” is now very broad, covering everything from really scary predators to people who are just guilty of a dumb teenage mistake.  Not to mention the whole question of how we should treat someone who has genuinely reformed.  It’s thorny stuff.)

These new moves into the online space expand the argument even further.  It seems innocuous if you think of Facebook as simply a kids’ hangout where nothing important happens — on that logic, the risk is high and the cost in freedom low.  But that is, at best, a misinformed short-term view.

There seems to be little question that the online sphere matters more every year — indeed, almost every day at the moment.  Facebook is no longer just for kids: it and other social networks are increasingly crucial for everything from finding a job to staying in touch with your social circle.  On current trends, within ten years it’s going to be getting hard to have a life in this country without some social networking.

Which raises the question: what justifies cutting someone out of those networks?  Currently, it’s done casually, indeed sometimes frivolously by the network providers like Facebook.  But as these networks become ever-more important public utilities — as they become public space, as much so as the park you might go for a stroll in — it becomes a much more serious punishment, and one that can’t be applied arbitrarily.

Or to look at it another way: at what point does cutting someone out of the social web turn them into an Un-Person, whose life is more restricted than any released felon’s has been in the past hundred years?  We’re not there yet, but I can see that day coming.  And I believe we’re going to need to come to grips with the question soon…

Tightly vs. Loosely Knit Networks; or, The Echo Chamber

As I’ve observed before, the social network of Facebook tends to be a bit different from that of LiveJournal — the norm is to accept many more friend invitations.

The result is a more loosely-knit social network.  Whereas in LJ it is very common to have a pretty tight-knit network, largely composed of people who you know rather well, Facebook is leading towards friending a lot of people who you only know slightly.

I complain about that a bit, especially in asking the question, “Do I really care about these people?”  But I’m finding one real benefit to it: it has less of an echo-chamber effect than LiveJournal does.

The thing is, a closely-knit group tends towards a bit of groupthink.  That isn’t to say that everyone has exactly the same opinions or ideas, but the group itself, as a tight community, develops its own strictures.  Certain ideas predominate; those to the contrary tend to be a little quieter.  This can lead to an unhealthy belief that everybody, by and large, agrees with you.  (Locally, I often refer to the “Massachusetts Reality Warp” — many people locally really don’t understand how different this state is from the average.)

Facebook, I am finding, can be refreshingly different.  Granted, it tends to have less deep thought and opinion expressed than LJ — but when it does, it’s a fine opportunity to look outside one’s social shell.  No, you may not have seen this person since high school — but that means that they live outside your local echo chamber.  Engaging them in conversation can therefore be a much more productive chance to learn and teach, since you’re not preaching to the choir as much as you might be doing in a tighter-knit community.

Are your Facebook communities largely the same as your LJ ones, or are you widening your circle?  Have you found opportunities there to broaden your horizons?

The danger of implicit “conversation”

Today’s news headline (well, if you look past Facebook’s reverse-course on its Terms of Service) is that Tumblr has an anonymity problem.  It’s not surprising, but it serves as yet another reminder of how dangerous anonymity can be in fostering abuse.  Moreover, it illustrates the way that the new model of deriving “conversation” automatically may be kind of broken.

(Disclosure: I don’t know Tumblr very well.  I’m only picking on them because the news article is illustrating a general point that I’ve been thinking about lately.)

Tumblr, like so many new-fangled systems, kind of tries to do an end-run around traditional conversation.  It links together things that seem to be related, and treats them as a kind of meta-conversation.  This basically treats conversation as an emergent property of postings.

The problem is that the conversations fostered here lack many of the tools that good conversations require.  In particular, by deriving the conversation implicitly, they are also deriving the community implicitly.

That doesn’t really work, because community is more than a one-way operation.  You aren’t part of my community simply because you want to be: you are part of it if I say you are.  Tumblr, and tools like it, miss the crucial distinction.

Any moderately mature conversation system deals with this, by providing very explicit tools for managing your community — the ability to ban a specific person from commenting is the most elementary and critical feature such a system can have.  (No, CommYou doesn’t have it yet.  This is one of the reasons it’s still only in alpha: I consider the feature necessary before it goes to beta.)

It remains to be seen whether the implicit-conversation systems can get this right.  I suspect that, in order to do so, they’ll have to sacrifice some of their beautiful “it just works” emergent properties, and start providing more explicit community-management capabilities like the rest of us.

What do you think the community capabilities of these implicit tools will wind up looking like?  Do you think that implicit-conversation tools are going to manage to scale up to the ugly real world of the Net, or will they (like so many social systems before them) get toppled by the harsh reality of abuse?

138 is a pretty small number

The past month seems to have been a major turning point for Facebook.  I don’t know about you, but I’ve seen a very sharp and sudden spike in people I know getting onto it — I’ve gone from one or two new friends a week to several a day.

Along with that, I’ve given in and started to pay attention to my News Feed.  This is a big change for me: I’m an old LJ guy, and (like so many LiveJournal users) have tended to treat the Facebook News Feed as a shallow imitation of LJ postings.  But if that’s where the people are, I’ll make an effort to follow it.

It does lead to some thoughts about scale, though.  I’ve deliberately been more open about friending on Facebook than on LJ — the culture is different, so I’ve taken an attitude that I’ll accept a friend invite from almost anybody I know.  The result is that my Facebook friend list is already larger than my many-years-old LJ one, and growing much faster.

And the thing is, I don’t care about all those people equally.  I’ll friend the folks from my high school, but honestly — I only care about actively following maybe half a dozen of them.  So when I have hundreds of friends, I want to filter my News Feed pretty aggressively.

Now, Facebook does provide explicit filters nowadays — I can list people who I do and don’t particularly care about for my News Feed.  But those lists are limited to 138 people each.  When I noticed that the other day, I was brought up short.

On the one hand, 138 people seems like a lot.  But the way my friend list is growing, it won’t surprise me if I wind up with 500 people on it within a year, and most of those will be people who I don’t need to hear about regularly.  At that point, 138 may start looking kinda small.

(And of course, the geeks in the audience are now going, “138?  What kind of number is 138?”  No idea — it is oddly arbitrary.)

All of which mostly drives home the point that, in the new online social world, you can’t underestimate the problems of scale.  It’s not the physical world, and numbers that seem large in realspace can be kind of small in cyberspace…

The Danger of a Single Point of Identity Failure

A few minutes ago, I found myself locked out of my Facebook account, due to “database maintenance”.  It was pretty brief — maybe two minutes — but it occasions some concerns.

Facebook is doing a good job of turning itself into the central spot for identity online.  It probably won’t succeed — there are enough people adopting OpenID to provide a counter-balance — but it is part of a growing trend towards simplifying one’s online identity.  Whereas now, your identity is fractured into dozens of different sites, we are heading towards a time when you will only have a few online identities, possibly even just one.

Which is great in many ways, but introduces huge new technical risks.  It’s one thing for Facebook to lock me out of itself for a few minutes.  But what if that means locking me out of everything?

This isn’t an idle speculation: it happened to CommYou a couple of months ago.  CommYou initially doesn’t have any sort of “native” identity — you use your identity from some other site.  As it happens, most of my alpha users get their identity from LiveJournal.  But one day, LiveJournal went down for the better part of a day.  And not only could people not use LJ, they couldn’t use CommYou either, because they had no way to log in.

Step one of identity evolution was the growth of many identities, and the resulting fracturing of your online persona.  Step two, in process now, is the consolidation of those identities into a relatively small number of providers, so that you are basically the same person in whatever sites you like.

Step three, which has scarcely even been thought about yet, is going to have to be distributed identity — wherein you are the same person, recognized as such by many sites, but without the single point of failure.  You’ll be able to validate yourself via several different identity providers, but everyone will still understand that you are you.

I don’t expect this to happen soon, or easily — there are a lot of reasons why the established players would resist it.  But we’ll eventually have a major failure of an identity provider, which leaves a lot of people out in the cold, unable to log into many other sites because their identities went through that provider.  I expect that at that point, everyone will get the clue.

What do you think?  How many online identities do you expect to wind up with?  Any bets on how long it’ll take to develop this distributed-identity infrastructure?  I’m getting started on it soonish: CommYou is much of the way towards allowing you to link a bunch of identities together.  But that’s just the solution for one site, not a general fix for the problem…

The OpenID Summit; or, Steam Engine Time

One of the most important topics in online community is the Identity Management problem.  Users have, in recent years, been swamped by identities — a typical heavy online user is juggling dozens of different logins to different sites, causing endless confusion and a lot of fracturing of their online “persona”.

There have been a lot of experiments happening over the past four years to try to deal with this, and two major technology approaches have been making real inroads in the past year: Facebook’s proprietary Connect system, and the “Open Stack” (OpenID plus a bunch of less-well-known related standards).

Yesterday was a milestone day in pulling this all together and starting to make sense of it.  Facebook (which has recently started to get serious about getting involved with the OpenID project) invited all the movers and shakers in the space to a small summit meeting, to hash out the details, discuss their experiments, and figure out what really works.

I really can’t overstate how important this was: the results presented were beyond encouraging, and everyone seems to be quickly converging on answers to the all-important question of, “How do we do this without confusing the heck out of users?”

John McCrea posted a liveblog account of the day — if you have any interest in this space, go read it.  Now.  In particular, note that all of the slide decks presented during the open session are embedded, and all of them are well worth looking through.  This isn’t the usual tech brainstorming: these are the accounts of principled real-world experiments with ordinary users, and the lessons learned.

There are moments when you suddenly realize that Steam Engine Time has hit a technology: the problems and confusion are starting to look old and foolish, everyone wakes up to the fact that this tech is needed, right now, and they start pulling together to work out the details to make it hum.  Yesterday was Steam Engine Time for online identity — the transition from “we should probably do something” to “this is going to happen”.  Expect things to move fast from here…

Filtering and Politeness

Another interesting conversation from Siderea got me thinking about the concept of “friending”, what it means and is going to mean, and the fact that filtering — currently a relatively exotic concept — is going to become crucial in the years to come.

One of Siderea’s points (more in the comments than the main post) is that, in this new social-networked world, the default is probably going to be making yourself “available” via social networks.  That is, a “normal” person will be expected to be on one or more of these networks, and moreover the social norm will be to accept friend invitations from — well, practically anybody you know in real life.  Not accepting such an invitation will be considered a bit rude.

On the one hand, I definitely see where she’s coming from: I can see this particular trend of ubiquitous friending starting up already.  It’s common to friend people you haven’t seen in twenty years, and with whom you share little in common.  And I think she’s right that, for many people, refusing a friend invitation is perceived as a deliberate rebuff.  Certainly we’ve all seen the occasional drama that ensues when someone is unfriended.

That said, I can’t imagine that this is going to continue without changes.  It just plain doesn’t work.  The reality is that, while I may not want to offend these people by refusing the invitation, I really don’t care about them very much.  I don’t mind them being around in some loose sense and paying attention to me, but I’m not going to spend attention on them and I’m not going to share my most intimate thoughts with them.

So it seems like a middle ground is needed, and that middle ground is probably filtering: putting your “friends” into different buckets.  For the LiveJournal users in the crowd, this is totally unsurprising — LJ has supported filtering for years, both in the form of custom friend groups and simply in the asymmetrical nature of the thing.  (That is, the first level of filtering is, “Sure, you can read me but I’m not going to bother reading you.”  This is quite different from Facebook, where friending is always symmetrical.)

In practice, I already do filtering via custom friend groups.  In particular, I almost never unfriend someone, due to the drama potential.  But I only have time to really follow about half of my friends on a regular basis.  So I have a filter — a custom friend group — that I actually read all the time.  When I decide I don’t care quite as much about someone, they get transferred out of this filter.  They are never slapped in the face with it, so it allows me to preserve the social niceties, but it allows me to focus my precious time and attention on the people who matter most to me.

Other services are starting to catch on, but it’s slow.  Facebook now has a concept of custom friend lists, but it’s new and support is still spotty.  Twitter lacks any such concept, but it’s notable that some of the new Twitter clients have as a major selling point the ability to layer a weak form of filtering on top of it.  I suspect that, in the long run, all social networking tools are going to have to provide filters, often rather strong filters, in order to be usable in a world where people gradually wind up with a thousand people on their “friends” list.

How much filtering do you currently do?  Do you treat your friends list as really just friends, or do you let mere acquaintances on?  Do you really read everyone you friend?  Do you manage your services differently?  (Certainly I treat LiveJournal and Facebook very differently, since I’ve found them to have different social conventions.)  Where do you see this as all going?  We’re in the middle of some big changes in how we manage our social environment, and it’s fascinating to speculate about where that’ll end up…

Cities in the Net

Some of my readers already follow Siderea’s blog, but if you don’t, I commend her recent posting, Cities in the Net, and the ensuing discussion.  It considers social networks from an architectural perspective — a very practical way to think about online community and how it relates to real-world ones…