{"id":192,"date":"2008-09-02T14:24:24","date_gmt":"2008-09-02T18:24:24","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/digitalnatives\/?p=192"},"modified":"2008-09-02T14:25:19","modified_gmt":"2008-09-02T18:25:19","slug":"koobface-hacking-the-credibility-of-friends","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/2008\/09\/02\/koobface-hacking-the-credibility-of-friends\/","title":{"rendered":"Koobface: Hacking the Credibility of Friends"},"content":{"rendered":"<p>In the past two weeks, I\u2019ve received a number of Facebook messages with unprintable subjects and what resembled YouTube links. It turns out I\u2019m a little late on this, but these messages are really the <a href=\"http:\/\/www.kaspersky.com\/news?id=207575670\">Koobface worm<\/a> that has been making the rounds on Facebook and MySpace since early August. Suspecting spam, I had deleted the messages right away. But then I took a step back and thought, \u201cWhy don\u2019t I see more viruses on Facebook?\u201d This was the first time I had encountered a worm on Facebook, and I can\u2019t find any reports of it happening on the site before.  <\/p>\n<p>Don\u2019t get me wrong, I\u2019m perfectly happy with that situation; I\u2019m just surprised more people haven\u2019t taken advantage of it. What the Koobface is worm purposely exploits is the social credibility that drives online networking. We lend more credibility to our friends than a complete stranger, and that difference may be enough to make us click the link. To use Facebook as a particular example, the value of the site lies in how easily it allows users to share and receive information with people whom they care about.  Every Page I \u201cfan,\u201d every band I put in my profile, every group I join is essentially an endorsement capitalizing on my credibility within my social network. The Social Ads campaign attempted to monetize this principle, and perhaps the backlash to that campaign, all top of privacy issues, was also colored by the unease of one\u2019s credibility being used for the monetary gain of a third party. <\/p>\n<p>This credibility of friends concept has been thoroughly exploited through email attachment viruses, such as the <a href=\"http:\/\/en.wikipedia.org\/wiki\/VBS\/Loveletter\">Love Bug<\/a>. From a security standpoint, Facebook is in a much better position than individual email hosting services to eliminate any worms in its system. (Perhaps early action is the reason this isn\u2019t more common?) It is in Facebook\u2019s interest to protect the credibility of its users and thus the integrity of its site, so their <a href=\"http:\/\/www.insidefacebook.com\/2008\/08\/26\/update-facebook-security-fighting-koobface-worm-chain-letters\/\">response<\/a> has been immediate and serious. A <a href=\"http:\/\/www.facebook.com\/security\">Facebook Security<\/a> page is dedicated to dealing with these issues. <\/p>\n<p>The whole subject of computer viruses reminded of the excellent Mattathias Schwartz article on trolling in NYT Magazine. It has already been <a href=\"http:\/\/blogs.law.harvard.edu\/digitalnatives\/ on this blog\">covered <\/a>from a different angle, but I wanted to pull out a quote that especially struck me. Despite these attacks that aim to undermine the very credibility of friends, the view out is not necessarily pessimistic: <\/p>\n<blockquote><p>So far, despite all this discord, the Internet\u2019s system of civil machines has proved more resilient than anyone imagined. As early as 1994, the head of the Internet Society warned that spam \u201cwill destroy the network.\u201d The news media continually present the online world as a Wild West infested with villainous hackers, spammers and pedophiles. And yet the Internet is doing very well for a frontier town on the brink of anarchy. Its traffic is expected to quadruple by 2012. To say that trolls pose a threat to the Internet at this point is like saying that crows pose a threat to farming.<\/p><\/blockquote>\n<p>In drafting up this post, I tried looking for research on how youth determine with credibility of friends and applied that to the digital world. What I found was a good deal more information on youth and the credibility of media, including the excellent \u201cDigital Media, Youth, and Credibility\u201d volume of The MacArthur Foundation\u2019s series on Digital Media and Learning that John Palfrey <a href=\"http:\/\/blogs.law.harvard.edu\/digitalnatives\/2008\/08\/26\/digital-media-youth-and-credibility\/\">blogged <\/a>about just last week. (I had also spent the summer interning at MacArthur \u2013 it\u2019s good to be back blogging with Digital Natives.) The issues of friends and credibility are complex and extend well into the offline world, but I\u2019m curious to explore this a little further. If anyone has any resources, insights, opinions to share, leave them and a follow-up post may be in order! <\/p>\n<p>&#8211; Sarah Zhang<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In the past two weeks, I\u2019ve received a number of Facebook messages with unprintable subjects and what resembled YouTube links. It turns out I\u2019m a little late on this, but these messages are really the Koobface worm that has been making the rounds on Facebook and MySpace since early August. Suspecting spam, I had deleted [&hellip;]<\/p>\n","protected":false},"author":1636,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[17419],"class_list":["post-192","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-uncategorized"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/posts\/192","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/users\/1636"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/comments?post=192"}],"version-history":[{"count":0,"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/posts\/192\/revisions"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/media?parent=192"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/categories?post=192"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/digitalnatives\/wp-json\/wp\/v2\/tags?post=192"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}