Thursday, April 30, 2009

Social Networks: The new spam battleground

Over the past few years, I've joined several social networks. Twitter, FaceBook, LinkedIn, MySpace, the now defunct Pownce, all give slightly different takes on the whole 'connect with your friends' thing and it's also a great way to meet new and interesting people who you never would have met otherwise. But lately, I've been seeing more and more of an old friend rear its head in this new medium and I fear for the future of the entire social networking concept because of it. Of course, I'm talking about Spam.

Spam, or unsolicited mass advertising, has been with us since the very first email message was sent way back in the 1970's. Originally confined to only email, these annoying messages now invade nearly every corner of our digital communications from cell phones to chat rooms and the problem seems to be growing worse by the day. The popular online service provider America Online estimates that up to 90% of the mail it processes every day is spam and that adds up to billions of messages every single month for AOL alone. A recent article by the BBC estimates that nearly 97% of all email sent in the U.S. is spam and that estimate might be low according to some researchers.

But social networks are different. Sites like FaceBook, MySpace, and Twitter, are all trust based networks where two way communication has to willfully be established in order for any meaningful exchanges to take place. One would think that these places would be some of the most spam free ones on the internet because, after all, why would anyone willingly accept a spammer they don't know as a friend? The answer lies somewhere between the 'I want real friends' and the 'I want a lot of connections' sides of the social networking scale and it's that delicate balance that spammers often exploit to find a way into otherwise private circles.

Spammers often pose as legitimate members of social networking sites and might even participate in them to garner users trust. Once they've gained credibility, that's when the trouble begins. Most social networking sites will not only give a spammer connection to you but to all of your friends as well compounding the problem by further confusing and exploiting the trust metric. Most times, users will friend a friend of their friends simply because there's an automatic trust by associations. Spammers count on this and exploit it ruthlessly, digging deeper and deeper into connected social circles until, ultimately, thousands of people might be left vulnerable to them.

Social networking site Twitter recently found out the hard way how easily their users desire to be social could be exploited through a well meant feature called "autofollow". By turning on autofollow, Twitter users could automatically follow anyone who followed them. It was an easy way to be nice and build the community but, as many users quickly found out, it was also heaven for spammers who would follow large amounts of users, triggering their autofollow, then unfollow almost all of them and begin pumping out spam. Twitter disabled the feature shortly after its inception after much network discussion about the privacy and exploitative implications.

Social networks are quickly becoming the new battleground for spammers and, unfortunately, there's not going to be much administrators can do to stop it. It's the ultimate opt-in game for commercial marketers and the only solution is for users not to friend people they don't know well. This, of course, defeats a large purpose of why people join social networks in the first place so the war will rage on for the foreseeable future.

Spammers are adapting their methods too, realizing they need to appear as normal as possible until they've amassed enough 'friends' to create a usable advertising network. I believe the new spammer tactic for social network will be a 'long term, high participation' one where the spammers will blend in as much as possible with ordinary users and slip ads in from time to time. Friend based advertising is very effective and spammers have long sought ways to accomplish this. Now, through the social sites, it's easier than ever to get a high response rate with very little effort.

Social networks and their users will have to find a way to deal with this new threat or it will slowly undermine the entire trust based system that these sites thrive on. Administrators will have to be more active in analyzing user trends to catch spammers before they've gotten deep into the system and users will need to be more aggressive about protecting their social systems and purging undesirables from their friends lists when they see behavior about which they're concerned. Social network spam will evolve, just like email spam has but, this time, we have adequate tools to effectively combat it.

Social network users, the bottom line is really true: the power is in your hands.

Friday, April 17, 2009

EMR, CCHIT, and the 2009 Economic Stimulus Act

Those of you who've been following the news surrounding the American Recovery and Reinvestment Act of 2009 (ARRA) are no doubt aware of the huge changes on the horizon for healthcare IT. Soon, the days of the cluttered office with wall to wall patient charts will be replaced with a single computer that has searchable access to years of patient data, charts, and medical history without the need to ever leave your desk through the implementation of electronic medical records (EMR).

While the federal government has, through ARRA, set aside $19 billion dollars to help doctors migrate to an EMR, the one disturbing provision that troubles many small EMR companies is the requirement that the software be certified. While the certification agency has yet to be specified, it is widely accepted that the CCHIT will be selected for that role and that concerns many small companies and physicians.

Join Kris Rebillor as she speaks with Dr. Mark Leavitt, chair of CCHIT, as their discuss ARRA and how it will impact American healthcare in this short, audio only interview.