Wanna see a big phat privacy hole on Orkut? Go to messages. Click compose. Click “friends and friends of friends.” Click next. Copy & paste all of your friends and their friends’ email addresses.
Oh, but don’t worry, you can’t delete either your account, your photos or any of your friends! (update: i am wrong about friends.. see comments) So, do you really trust the friends of those friends who keep adding everyone and their mother to the network?
Don’t worry, when everyone gets the hang of it, you’ll get to deal with your Orkut inbox because everyone in any community you’re in, or any friends of friends can send you messages there. As if you didn’t get enough virus mail this week.
Note for those who explicitly emailed me to ask why i’m particularly cranky about Orkut, why not other sites… 1) I am notoriously critical of all of the YASNS sites; 2) i made the reference to Jar Jar for a reason…. when you hope something is going to be really good because you have respect for the company behind it and the creation comes out to be insulting to the core, you can’t help but walking out of the theatre feeling sick to your stomache. Sure, i realize that it’s alpha. But there are enough shitty YASNS out there for Google to join in and insult us through privacy violations, a dreadful ToS, non-functional software and poorly thought out social consequences.
Update: Chris posted a response from Orkut in the comments. They say that it is not a privacy hole because only the names of your friends that make their email addresses available are shown. On one hand, it is really good to hear that this is a known and intentional approach. On the other, this is not the perception that i would imagine people would have when they see that long list. This is a good example of actual privacy vs. perceived privacy. While one might think that users should just get it, this is an example where the owner should really be better about explaining what’s going on and giving people an option to opt-out.
Speaking of which, can i opt out of the friends-of-friends sending messages to me?
danah is hating orkut
danah noticed the massive security hole that exposes private email addresses to any friends of your friends: apophenia: orkut pissyness, round 2. She has other criticisms as well….
You’ll only see the e-mail addresses of people who chose to share them with you: if you mark your email address as not to be shared with friends and friends of friends, they won’t be able to get your address this way. If you look at the list of people it’s addressed to, you’ll see that some are listed without addresses (unless you’ve got very permissive friends).
Crankiness is one thing, but don’t let it get in the way of the facts 😉
Yes, you can easily delete your friends, though it’s not the most intuitive. Click on FRIENDS, select the one(s) you want to delete, click EDIT, then DELETE.
By the way, I agree with many of your concerns, though not quite the severity to which you seem to be particularly repulsed.
It seems odd to simultaneously complain about really bad bugs, and about the invite-only nature of the site limiting participation. Presumably they will get the worst of the kinks worked out before the thing goes totally public.
FWIW I agree with many of the complaints posted here but despite that the site seems to show more promise than other social networking thingies, and they have shown the willingness and ability to improve things rapidly.
Adam – *thank you* for figuring that out!
Maciej – i definitely think parts of it are better, but parts of it are worse.
What i’m fundamentally frustrated with is the fact that it does not go to the next level. It’s more a slight variation on the rest. Only, with more explicit ratings of friends.
A privacy hole in Orkut?
Like lots of other techies, my friends have sucked me into the Orkut vortex. I’m not sure I’m that thrilled with it, but here’s a complaint I don’t quite get: Wanna see a big phat privacy hole on Orkut? Go…
A privacy hole in Orkut?
Like lots of other techies, my friends have sucked me into the Orkut vortex. I’m not sure I’m that thrilled with it, but here’s a complaint I don’t quite get: Wanna see a big phat privacy hole on Orkut? Go…
A privacy hole in Orkut?
Like lots of other techies, my friends have sucked me into the Orkut vortex. I’m not sure I’m that thrilled with it, but here’s a complaint I don’t quite get: Wanna see a big phat privacy hole on Orkut? Go…
A privacy hole in Orkut?
Like lots of other techies, my friends have sucked me into the Orkut vortex. I’m not sure I’m that thrilled with it, but here’s a complaint I don’t quite get: Wanna see a big phat privacy hole on Orkut? Go…
danah – what do you see as the next level for these social networking sites?
b/c I’ve asked for your opinion here’s mine, but feel free to disregard: Personally, I don’t think it will become useful for me until they operate seamlessly through my homepage. My homepage already has my resume, links to all of my friend’s that have homepages, and all the “about me” that I care to share. The only features that Friendster et. al seem to add a way to link to friends that don’t have homepages, a bunch of empty fields to fill in, and a relatively easy-to-use interface on top of that. I’m not sure these “features” outweigh the cost of the repetitive profile and network maintenance that YANS incurs.
It seems to me that sites like LiveJournal are infinitely more useful as a social networking service, and provide a compelling enough set of features that I would actually visit on a daily basis. It has a notion of friends (and allows it to be asymmetric), strong communication links within your friends circle, and discussion communities.
So, I, for one, believe the “next level” will be when we decentralize the social networks back into people’s homepages, be it FOAF, a LiveJournal/Xanga/Friendster/TypePad/Movable Type/Tribe/Orkut/LinkedIn federation, or whatever technology comes along. Note that this lively discussion popped up here, on your homepage, not on your Orkut/Friendster/Tribe page.
Well, I reported your privacy hole to my “friends of friends” list, and 356 of 1137 email addresses were shown. I then got an email from Orkut asking me to tell people:
====
Could you please send an email to your friends and friends of friends to tell them that there is no security hole?
We worked very hard to ensure that the privacy of our members is not compromised in any way. I don’t want our members to get the wrong impression.
I would greatly appreaciate it if you could pass the following message to you friends (:
You’ll only see the e-mail addresses of people who chose to share them with you: if you mark your email address as not to be shared with friends and friends of friends, they won’t be able to get your address this way. If you look at the list of people it’s addressed to, you’ll see that some are listed without addresses (unless you’ve got very permissive friends).
====
So I sent that back to everyone on the original list, but now I find myself “jailed”. Unlike Marc Canter you can’t say I have too many friends too fast, I’m only at 60 some odd.
maybe they jailed you because you spam hysterical doom messages which turn out to be totally and fundamentally wrong.
I just got an email from an Orkut FOAF, and my email address is set to “friends” visibility. Glad I used a disposable address!
if you hate it so much, then why are you still on orkut? i see that you’re active, with 109 friends…..
to do as soon as I have time…
I want to foaf-ify my blog. It’s pretty similar to rss sindication, so shouldn’t be too difficult. This was prompted by the orkut bashing that’s going on over on danah’s blog. I think orkut is certainly amusing, but she’s right that it’s not taking thi…
to do as soon as I have time…
I want to foaf-ify my blog. It’s pretty similar to rss sindication, so shouldn’t be too difficult. This was prompted by the orkut bashing that’s going on over on danah’s blog. I think orkut is certainly amusing, but she’s right that it’s not taking thi…
to do as soon as I have time…
I want to foaf-ify my blog. It’s pretty similar to rss sindication, so shouldn’t be too difficult. This was prompted by the orkut bashing that’s going on over on danah’s blog. I think orkut is certainly amusing, but she’s right that it’s not taking thi…
Danah – thanks for an interesting and informed critique (round 1 and 2).
Makes me glad I decided against joining in the first place.
http://scribbling.net/online_monkey_mind
Joe – how do you propose i do research from outside of my informants?
Insecurity at Orkut
Like many others, I’ve been paying attention to Orkut in the last couple of weeks…(post continues on issues feeling ‘insecure’ about Orkut, and why.)
i understand that you use orkut as a method to gather information; however, i question the utilization of the information in your specific critique. your critique is not objective and does not invite views different from your own – qualities that are not associated with “research” as a tool for advancing broader dialogue about information, or for furthering inquiry into how orkut could be better designed or utilized.
My critique is not my research.
but presumably your research informs your critique; therefore, espousing a close-minded view of the application serves more to discount any other views, or other ways the research might be applied. i simply question using your participation in a venue such as orkut as a rationale for research and then delivering such a scathing critique of the application, especially since you are an academic and knowledgable in this field, and your views may impact others’. i don’t think you encourage a diversity of views into a topic when you condemn something you’ve researched only from a very nonobjective, personal point of view.
I’m sorry that you feel that way.
Gina – Danah – thanks for an interesting and informed critique (round 1 and 2).
Critique? I suppose that depends on whether by “critical” you mean “Characterized by careful, exact evaluation and judgment” or “Inclined to judge severely and find fault”.
I’m not seeing much evidence of the former.
Orkut is scaring me
I’ve been meaning to write about this for days, and haven’t had a spare moment. Here’s what some other people…
You control who may send you messages and whether those messages are delivered as email, orkut-internal messages, or both. Go to Home->Settings. There’s a big list of all the different ways people can send messages, and for each one you can opt in or out of either medium. So if you don’t want friends of friends to be able to send you email through Orkut, this is how you do it.
This is unrelated to whether your email address is visible. As someone else mentioned, you control that in your profile.
Insecurity at Orkut
Like many others, I’ve been paying attention to Orkut in the last couple of weeks…(post continues on issues feeling ‘insecure’ about Orkut, and why.)
“The food here is *terrible*!”
“Oh, I know. And such small portions!”
My big gripe is becoming the trolls in 9000 groups with no info, obvious scripts…
My big gripe is becoming the trolls in 9000 groups with no info, obvious scripts…
never the less
who invite me for membership of orkut
That’s a friend
willem