Twitter Tutorial: What is OAuth And What It Means To You

by dez on August 23, 2010 · 3 comments

in Personal,Social

As of August 31, 2010 the way that applications access Twitter via your account will be restricted to only one way. Applications can currently access your account if you provide them with your username and password (also known as basic authentication) or if you give them permission to via OAuth. After August 31 the only way an application will be allowed access to your account will be via OAuth.

According to OAuth‘s website the protocol is like a valet key.

Many luxury cars today come with a valet key. It is a special key you give the parking attendant and unlike your regular key, will not allow the car to drive more than a mile or two. Some valet keys will not open the trunk, while others will block access to your onboard cell phone address book. Regardless of what restrictions the valet key imposes, the idea is very clever. You give someone limited access to your car with a special key, while using your regular key to unlock everything.

If you are a Twitter user and use applications to either check your tweet stream on your phone/desktop or on another place on the web (think Tweetdeck or Hootsuite) or any of the multitudes of analytics tools available for Twitter you’ve probably come across a screen that looks somewhat like this (click to see the bigger version):

If you’re already logged into Twitter when you get to this screen you won’t be given an option to login; instead your information will be displayed. For those of you more familiar with Facebook think Facebook Connect.

The short and simple portion of OAuth is that you are not giving your Twitter username and password over to an application developer. Instead you are giving that application permission to access your account through means of a shared key which Twitter identifies as your key for that application. The application is required to have an established relationship with Twitter by means of signing up for an application.

Also required during an application’s sign-up process is whether that application is read only or read & write. If the application is read only then they will only be able to read your information. Read & write means they can do both.

The benefits of OAuth are the security of knowing you don’t need to give someone else your password. Also, you can change your password at any time and you’ll still have access to your already authorized applications. Twitter can also easily revoke the application’s access key to better enable security if an application starts being acting like spam or not in the userbase’s best interest

In that same authorization window user’s are asked if they will allow an application to access or access and update their accounts.

In a lot of ways the advantages of OAuth stop there for applications that have been allowed to access and update accounts. A user still needs to be sure that they trust the app to update their account timely and correctly. An application that updates the account without the user’s express permission even though the user has allowed the application access to the account is still considered to be in violation of Twitter’s Application Developer Terms of Service.

Here is a list of things that an application cannot do and therefore you cannot accidentally do through an application using OAuth:

  • Change your username
  • Change your password
  • Change your email address
  • Change your mobile settings
    • Number attached to account
    • Settings for mobile send times
    • Settings for following a user’s updates via text message
    • Change direct message to mobile settings

This will keep your account generally secure from being changed, but you are still responsible for the content that is sent by the app. This can include:

  • Status updates
  • Direct messages
  • List creation
  • Following someone
  • Unfollowing someone
  • Blocking someone
  • Reporting someone as spam
  • List creation
  • List deletion
  • List following
  • Adding user’s to a list

There are more, but you get the idea. In short, the ability of an application approved through OAuth is restricted, but still has the potential to be dangerous. You should only use applications that you trust or that you understand. Look for an applications documentation section or if the app is a small one send an email or @reply to the developer and ask them about their application.

Keep your password secure after August 31st. You will not be required to give it to an application for purposes of accessing your account. HOWEVER there are applications that still require a login, but the use of the same password that you use for Twitter isn’t required.

{ 3 comments }

Preparing For Your and Your Kid’s Future Online

by dez on August 18, 2010 · 7 comments

in Social

Eric Schmidt, Google CEO, suggested during an interview with the Wall Street Journal:

“I don’t believe society understands what happens when everything is available, knowable and recorded by everyone all the time,” he says. He predicts, apparently seriously, that every young person one day will be entitled automatically to change his or her name on reaching adulthood in order to disown youthful hijinks stored on their friends’ social media sites.

The interview isn’t fully about online privacy, but it’s relevant to the future of the search engine and all of our online lives.

A few days later I saw a post from Jessica Gottlieb titled “The Problem With Mom Blogging When Your Kids Are Older.” In the post she gives a generalized example of what I imagine to be a pretty usual conversation that happens between mothers and their near-adolescent daughters. The gist of the post was regarding the need to let her children tell their own story and not do it for them. Even going as far as intentionally misspelling her kids’ names so that the mention of them growing up cannot be found easily with searches in the future. I’ll share a few quotes from her post:

“The stories don’t belong to me any more.”

“I can’t tell you everything, because this is her story, not mine.”

This brings up a very relevant topic in the increase of everyone’s activity on the social web. How do you use the web as a social activity, network, and professional tool and still maintain your reputation with your friends and employer?

There are a lot of complaints out there about people being someone completely different online than they are offline. Often the person projecting a different personality online is identifiable either through an avatar or their real name.

I’m not talking about gaming networks or forum trolls. I’m also not talking about information privacy. I’m talking about Twitter, Facebook, LinkedIn users and blog authors and the content they create and add to the web. I’m talking about preparing for your future of search.

What are future employers going to see about you or your kids when they go to Google and search for you or them? Let’s not get into the legality of any of this or the morality of it. That search is going to happen and it’s not restricted or controlled by you or who you allow to run it. What will it display?

Search Engine Optimization (SEO) isn’t just for companies anymore.

A lot of people whose lives often take place in the digital space already know that they need to keep an eye on the what/where/when/who of who mentions them online. Most of these people likely (or should) have Google Alerts setup for their full name, another for their online name. This is an important first step in monitoring your online presence. However, this only notifies you of anything new that matches what you’re searching for.

The Geek Girls have a great Five-Minute Guide to Google Alerts. If you haven’t setup alerts for yourself yet you should read their post.

Background Check?

While it’s a legal gray area to do a background check via social networks or Google it still happens. I’ve seen different percentages reported as far as how many HR managers are checking Google for background information. Which means that more than zero may be using information they find about you online. However, if they can find it online, so can you. You just need to know how and what to search.

Kate-Madonna Hindes is an expert in helping people not only make their resumes better but in helping them network themselves online, usually for the purposes of job seeking. I asked her about some of the biggest things online job seekers should watch out for.

As job seekers join social networks, it’s important to remember the mantra, “once on the web, always on the web.”  By acting as their own recruiter, candidates can source information about themselves and see what is showing up under their names or other identifiable information.  If information is private, it should not be disclosed to the web in any form.

Being Prepared

Having your alerts and watching what you post about yourself but still being active online can still lead to times when things are posted about you that you don’t necessarily like or that are even accurate. The other possible issue is that something you said is either wrong, strikes a bad nerve, or is taken out of context. If you have control of the content you could delete it, but that’s like trying to hide something. Also, since it was already out there and you already feel the reason to remove it there is reason to believe that someone else saved it as a screenshot or the file.

I asked Jennifer Kane of Kane Consulting how she helps her clients and herself deal with fallouts like this.

The most important thing that we tell our clients, and ourselves, is to be transparent…

Yes, there is a permanence to what you say on the social web and those words and images can come back to haunt you. Increasingly, though they’re coming back to haunt everyone.

When words you say, the things you do and the ideas you think are immediately captured, syndicated and analyzed, lying and reinvention become vastly more difficult. Your best option then is to choose to reveal less, be more transparent and honest about the things you do reveal, apologize immediately if your words come back to haunt you and keep moving forward.

The present is becoming the past so quickly that humility and time will be your best assets for managing your reputation in the future.

Rinse, wash, try not to repeat.

This is all great if you’re working with yourself. The same self that didn’t grow up with Google as a verb or www always around. Today’s kids are always connected and they are going to be the ones creating the awesome stuff in the future when Facebook and Twitter are “that thing my mom uses”. The lessons you teach them now with their life in general could very well help them deal with their own privacy. Jessica had this to add when I asked her how she’s teaching her kids about online safety, decency, and respect for themselves.

When you teach your kids manners it’s simple to incorporate online manners as well. At every age there are different lessons. We teach them privacy fairly early on, as that is a safety issue. Moving forward we teach them the intricacies of privacy, like setting up a fake birthday on your fake email with your fake name that you use for things like online gaming or shopping with gift cards.

The nightmare AND the glory of that web is that we are losing our privacy. My kids love to text, they are far more likely to text than they are to talk, and every parent should embrace this. We gave our daughter a cell phone and explained to her that (like her email) we would very likely read every message going in and out. It is important for every child (and for every adult) to understand that once you have written something down, in any forum, you are responsible for those words. Our children need to know that their words have the ability to elevate or to destroy.

As our children move to more public social networking, our rules, and our guidance will necessarily change and grow with them.

How do you handle your online reputation? What Google Alerts do you have setup for yourself? Have you ever had to deal with fallout from a bad experience online?

What we do online stays online. As we grow into the social web we need to find ways to maintain our reputation online.

I look forward to your feedback.

{ 7 comments }

Twitter Tutorial: @Replies and @Mentions

August 18, 2010

I recently contacted a good friend of mine about the way she was promoting posts from other people (sometimes even mine). Here’s the structure of the tweet she would send out: “@name has a great new post about purple elephants <link here>”. Without knowing it she was restricting the number of people that saw the [...]

[Click to read more...]

Twifficiency

August 17, 2010
Thumbnail image for Twifficiency

A 17-year old from Scotland has created a tool called “Twifficiency“. James Cunningham (@jamescun) most likely didn’t expect his application to hit the worldwide trending topics, but it did. The tool gives you a % of efficiency based off of the number of people you follow, your follower number, how often you tweet, and how [...]

[Click to read more...]

30, 4th decade, 29.365

August 10, 2010

Whatever you call it, it’s my birthday today. That’s all. I’ll leave you with two images of what Megan got me for my birthday:

[Click to read more...]

Need Blogs to Subscribe To: Make It Yours

August 9, 2010

Since I’ve been reformatting my subscriptions to be of a more personal nature I have started finding other blogs based off blogroll links from the sites that I’m already subscribed to.  But I want more. Now that I’m caught up on my reading and have been all weekend I want some more. I want to [...]

[Click to read more...]

CoaFG: 11lb Swing and the Risks of Daily Monitoring

August 9, 2010

From Friday, 8/6, to Sunday, 8/8, I gained 11 pounds… As of this morning I was back to 338.8 but still 6.1 higher than I weighed in on Friday. I was still watching what I ate all weekend, but the biggest difference is that instead of staying indoors during the extremely hot and humid weekend [...]

[Click to read more...]

CoaFG: Walking in Hot Weather

August 8, 2010
Thumbnail image for CoaFG: Walking in Hot Weather

What’s it like to have almost 30 less pounds and walk around in 90 degree weather? It still sucks, just not as much. A comparative for you. Before I lost weight I could walk around in hot weather but my clothing would be soaked after only an hour. Now I can go 2 hours and my shirt [...]

[Click to read more...]

Social Sharing FTW!

August 5, 2010
Thumbnail image for Social Sharing FTW!

I used to be a bit obsessed over being the first of my online social graph to discover and share a video. I’m not sure how I got sucked in on it, but maybe it was the recognition or getting the RT’s or the comments on my Facebook post. I’ve become rather bored lately with [...]

[Click to read more...]

Writing On My Own Blog

August 4, 2010
Thumbnail image for Writing On My Own Blog

I’m going to start taking John Gruber’s approach to commenting on blogs. He’s semi-famous for turning off comments on his blog and taking the approach of “write on your own blog”. It’s not a bad idea. This is why trackbacks exist. Don’t worry, I won’t be tweeting everything I comment on, but it’s easier for [...]

[Click to read more...]

← Previous Entries