Saturday, 20 September 2008

Security of Online Communities

My friend had an accident 2 days ago, and I was keeping an eye out for him. Being Lebanese, we had swamped the hospital with visitors going and coming, as if it was a social event. While every other patient had his wife or "next of kin" beside him, my friend never had, at any moment in time, any less than three people , of which neither was a "next of kin". ...
Anyway, while there, I got into a conversation with a friend about Facebook , where a person had added both of us, and she was asking who was that person, as she thought because we had common friends, then she accepted her friend request. Turns out, neither one of us knew her, and it was just a random add by a random person. My friend, who is a little paranoid about this whole social networking thing , mentioned that there are alot of freaks out there, and this is just a platform for them to roam free.

That is true.

Which promoted quite an interesting technological debate. The internet, as Richard Stallman would say (I swapped emails with the dude, and he really believes in this) is a Free and Open Source platform for users to say and do whatever they feel like doing. The internet today, is what we call a "User Generated " medium in which the content is generated by and for the users, with, seemingly no restrictions. Ah, the keyword here, is the word "NO".

Well, not exactly.

Not long ago, Facebook, used to have very loose privacy settings. For example, regional networks, such as the London network, was clickable, and you could access the network's listing of all its members. That's very nice, but, there is an essential thing about social networks and communities, that changes dramatically once critical mass is reached. It's something like a bell curve : in the beginning, it's all free and open, with no restrictions. As the number of users go up, they will suggest new features, and new additions, or even add these features themselves. Although, at the point of critical mass , the number of users is large enough, that the number of malicious users becomes a threat.

A malicious user, is, a very, very bad person. The kind of person that will try to steal your identity, credit card details, try to shag you, stalk you, harrass you or your friends, etc.
A bit of math may you. If you have 2,000 users, then you'd probably have like maybe one or two malicious users, which, may not be much of a problem, and they would only be feeding on the idiots (as they say in formal Arabic: "the law does not protect the idiots"). But, if you have 2 million users, which you can consider a critical mass , then you'd have 2,000 malicious users, and that is the turning point. When you have 2,000 users, it's quite a big number, and they may even decide to create a "sub-community" to pool there powers together, and cause some serious damage, on a large scale. That is when preventive measures, restrictions and "corrective surgery" will need to made on the system, to prevent it's abuse, and that's when it starts going down again on the bell curve. (It's not actually a turning point, but rather resembles a saddle point where features are restricted, but newer, more safer ones get added, so it kinda goes up and down, but let's not get too mathematical ).

It's all social dynamics, and heavily influenced by network effects.

No comments: