new web technologies

Why Does Facebook Want You To Broadcast Your Location To Your Friends?


Facebook is trying to get you to share even more information, this time by beaming your location to your friends all the time.

The optional feature, called Nearby Friends, is built to help you find people around you. You can tailor the options to prevent specific friends from seeing your location. Nearby Friends alerts you to when friends are in your area, and allows you to share your precise location with them for a set period of time. On the upside, it might inspire some friends to meet up in the real world. 

The success (or lack thereof) of place-based social apps like Highlight show us that most people are perfectly happy keeping their location to themselves, unless they want to explicitly share it with friends. Running into someone on the street is just not the same when you know they’ve been following your location online in the hopes of a “surprise” connection.

A Nosey Friend Who’s Trying Too Hard

Facebook, like an overbearing acquaintance who keeps asking about your weekend plans, has made a habit of asking its users for their location—and doesn't seem to get the message when it’s snubbed.

In 2011, Facebook rolled out a Foursquare-like check-in feature called Facebook Places in its mobile app. Most users ignored it, and Facebook eventually killed it, opting instead to let users include location in photos and status updates.

A year later, the company attempted a similar feature that let anyone see your location, including complete strangers. Facebook quickly pulled the short-lived “Find Friends Nearby,” after many people raised privacy concerns.

The company is ready to try again, and this time is quick to point out the feature is optional and only shows your location to people you want to see it. 

But the question remains: Do we really want our Facebook friends to know where we are at all times? 

There are already numerous services that let people share their exact location with friends, and in more intimate settings. Apps like WhatsApp, GroupMe, and Path let you share your location on a map with individuals or small, defined groups. Foursquare check-ins can be broadcast to both Twitter and Facebook, or shared to the smaller set of friends you have on that service.

With all these services, users are actively sharing their location, with a fairly strong idea of who will receive the information and when they'll see it. But with Facebook’s new feature, users will be passively sharing their whereabouts, not knowing who is looking for them, or when they’ll be found. 

Our Facebook accounts are no longer just for friends—the average user has 338 “friends,” many of whom they’d rather not accidentally run into at the grocery store. Sure, you can create specific lists with whom you share your location, but it’s likely those same people would be the ones you want to spend time with, and are likely in contact with on other apps, or even—gasp—in real life.

A Battery Of Complaints

There’s one more downside that Facebook is likely loathe for users to think about.

The new feature will require users to turn on location services for the Facebook app, if they haven’t already done so. That will likely cause a huge drain on battery life. One former Apple Store Genius Bar employee recommends disabling Facebook location services as the best way to save your iPhone’s battery.

Until Facebook delivers proper value to its users in exchange for learning their location—information that’s obviously valuable to advertisers—it’s not clear why anyone should make this tradeoff.

There’s an obvious better way for Facebook to encourage users to share their location in a way that’s useful to them: Facebook Messenger. The current system has a very crude way to share one’s location, by clicking an arrow. All that does is inform the other user of your current city, which is useless if you’re trying to get together with a friend. Adding a way to share one’s specific location, down to a specific business, office, or other venue, with a specific group of people is an obvious move, and would keep Facebook Messenger competitive with other messaging apps. It would also put users in full control, since they would select exactly who to share location with and when.

One reason why Facebook might not be doing this is that its directory of places is not yet fast, accurate, or complete enough to be useful. WhatsApp, which Facebook recently purchased for $19 billion, uses Foursquare's database, not Facebook’s, and Instagram, the Facebook-owned photo-sharing service, is testing a switch from Foursquare to Facebook with apparently poor results.

Rather than alerting people to nearby friends and hoping for the best, Facebook ought to fix its own places directory and let users share their location in a way they’ve shown they want to. It seems so obvious—but for the world's largest social network, maybe locating a clue is harder than we think.

Update: A previous version of this article incorrectly stated Nearby Friends displays your precise location at all times. You don't see the exact location on a map unless your friend has chosen to share their location with you, you just see if they are nearby.

Images courtesy of Facebook


Date: Thu, 17 Apr 2014 15:35:00 -0700
Author: Selena Larson :: Category: Facebook



back to top

Taking My Diet To The Next Level


ReadWriteBody is an ongoing series where ReadWrite covers networked fitness and the quantified self.

Quantifying your activity and nutrition, as I’ve done for years, can only take you so far. Sometimes gathering the numbers just tells you the same bad news you can see in the mirror. Here it is: After dropping 12 pounds last year, I’ve been stuck around 195 pounds for months.

I'm still very active, going on runs with my dog around Telegraph Hill, spiking my heart rate with gym workouts, and trying different training techniques while I continue to test new fitness gadgets and apps. It's pretty clear what I need to tackle next: what I eat.

And I have a short-term motivator: I've signed up to take my colleagues through a boot-camp exercise program in a month. My co-instructor is a former MMA pro. I’m feeling the heat.

Beyond Food Logging

As much as I love MyFitnessPal, an app in which I log everything I eat, it doesn't feel like a good meal-planning tool. I use it for accountability, recording what I eat as I go. Rigorously admitting my food slip-ups keeps me aware of my food habits and where I can improve them. I don't want to tinker with that part of my routine.

What I need is an app that plans my meals, generates a shopping list, and helps keep me on track.

Ideally, it would look ahead at my calendar. For example, this week, I packed five days’ worth of morning meals, forgetting that I had two breakfast meetings planned. Push notifications to remind me to eat at the right time would help—especially since the timing of meals may be a factor in weight loss.

And there's always the unexpected, like the leftover Chinese food I'm having for lunch today. An ideal meal-planning app would adjust on the fly for the occasional overindulgence.

The Ultimate Food App Hasn’t Been Invented Yet

The last thing I want is connectedness: I want an app that automatically populates MyFitnessPal with my planned meals as I eat them, that consults RunKeeper or MapMyFitness to get an eye on my calories burned through exercise, that picks up my sleep habits from my activity tracker, that pulls menus from restaurants when I schedule a meeting, and that outputs a shopping list I can import into grocery-delivery services like AmazonFresh, Postmates, or Instacart.

From what I've seen, there are plenty of meal planners that focus on organizing recipes. What they lack is contextual awareness of the vast amounts of data I throw off in my quantified life. Somewhere out there, someone must be building the perfect next-generation food-planning app, one that factors in my schedule, exercise, sleep, and other measurable habits. If you are, let me know.

In the meantime, I’ve got some old-fashioned work to do, with a familiar set of tools to rely on. I’ll let you know how it goes.


Date: Thu, 17 Apr 2014 12:29:35 -0700
Author: Owen Thomas :: Category: Body



back to top

Dropbox Buys Loom For Photo Sharing, HackPad For Collaboration


Dropbox is having a busy Thursday.

The file sharing giant has acquired Loom, a photo sharing app that offered mobile users up to five gigabytes of free storage. Loom announced the deal on its company blog.

Dropbox recently announced an update to its photo sharing capabilities with its Carousel feature, and the Loom team will likely join Carousel as the home for syncing and sharing the ever increasing amounts of photos people take on their devices.

Unfortunately, the acquisition means Loom will be shutting down its own service within a month. Loom is not allowing any new signups, and the company informed customers that the service will officially shut down on May 16. Current customers can choose to export their photos to Dropbox, where they'll automatically receive the same amount of cloud storage they had with Loom, or they can opt for a .zip file that contains every image they've ever uploaded to Loom's servers.

Also joining Dropbox—by way of acquisition—is a company called HackPad, a wiki-style collaboration and note-taking tool that could also boost Dropbox's own recently launched internal collaboration tools.

Unlike the Loom acquisition, Hackpad will continue to remain open to existing and new customers, and the company said it will be working with Dropbox to "bring new offerings to the market."

Image of Gentry Underwood of Dropbox by Adrianna Lee for ReadWrite


Date: Thu, 17 Apr 2014 11:44:35 -0700
Author: Anthony Myers :: Category: now



back to top

Suddenly, Mobile App Install Ads Are Popping Up Everywhere


Developers love them, advertisers love them, and companies are raking in cash—all thanks to the little buttons in mobile advertisements that urge you to download an app.

Twitter is the latest company to introduce these new mobile advertisements. Today the company announced that developers and advertisers can urge mobile Twitter users to download applications through these so-called app install ads, and reach up to one billion mobile devices through the MoPub Marketplace, the advertising startup the company acquired last year

At first glance, this may look like Twitter’s latest copycat move on Facebook. But that doesn’t give app install ads enough credit. 

Mobile Is Eating The World

More than 85 percent of the time we spend on our mobile devices, we’re using one app or another. But finding good apps is still a problem for the majority of smartphone users, in part because app store search leaves something to be desired. So how do developers get people to notice their apps? Serve them up where people are spending all their time—in other apps. 

Facebook launched its own mobile app install ads in October 2012, and the product has been huge both for marketers and Facebook’s bottom line. Last year, the number of installs driven by Facebook’s ad program ballooned to 245 million, and accounted for hundreds of millions in revenue for the company, according to BuzzFeed.

Though Facebook remains mum on the exactly how lucrative the ad program is, CEO Mark Zuckerberg admits it’s been quite successful. “We’re finding that people also really want to buy a lot of app install ads, and that’s grown incredibly quickly and is one of the best parts of the ad work that we did over the last year,” he told the New York Times in January.

Yahoo is experimenting with similar ad products, too. In March, the company confirmed it was testing ads that sell users on apps in hopes of appealing to more developers and brands. So far the company hasn’t fully rolled out the ad program, but it’s likely we’ll see it in the coming months.

Some people might argue they have all the apps they need, but app install ads could drive even bigger traffic in markets that are just now buying smartphones—developing markets that tech giants are especially interested in. As more people get their hands on cheap smartphones, specifically in emerging economies, the business of pushing apps into consumer hands is only going to grow in importance.

Twitter is rolling out the new ad product today, and marketers can set up app install ad campaigns that target both mobile Twitter users and thousands of apps in the MoPub Marketplace on ads.twitter.com.

Image courtesy of Twitter


Date: Thu, 17 Apr 2014 11:28:22 -0700
Author: Selena Larson :: Category: App install ads



back to top

How To Ensure Your Homebrew OpenVPN Server Isn't Vulnerable To Heartbleed


The Heartbleed bug has made April into a difficult month for Internet users, as we scramble to change our passwords and protect ourselves from the most pervasive security threat in ages. 

But if you've set up your own virtual private network (VPN), which gives you a secure channel back to your home network even on insecure public networks, you don’t have to worry, right? Unfortunately, that’s not necessarily true. 

OpenVPN is an open source service that makes up the backbone of many independent VPN servers, including the one I built for a ReadWrite tutorial. Since OpenVPN uses OpenSSL as its default cryptography library, it can be vulnerable to the Heartbleed bug. That means a dedicated hacker could conceivably steal the master key that encrypts all connections to a particular OpenVPN server, essentially shredding its security (although doing so doesn't sound particularly easy).

Users that followed our ReadWrite tutorial probably aren't vulnerable to Heartbleed, and in fact, may be safer than the average user. That's because:

  • We published our tutorial published after the discovery of Heartbleed, so anyone who followed it should have installed the Heartbleed-patched version of OpenVPN.
  • We used a TLS-auth key, considered by some VPN builders to be an unnecessary security step. Generated in step eight of the tutorial, the pre-shared hash-based message authentication code (HMAC) key doesn’t just ward off DOS attacks, but also any bad actor who doesn’t know your private key. Even the OpenVPN wiki page on Heartbleed says the a TLS-auth key can make you less vulnerable.

Still, there are many reasons it’s a good idea to check your VPN for Heartbleed vulnerability, just in case. Fortunately, one programmer, Stefan Agner, has already developed an open source program that tests OpenVPN for you. You can access Agner's code on GitHub.  

Here’s how to download his program and test your OpenVPN-powered VPN for the bug: 

1) First, you need to access wherever your VPN lives, whether that's on your computer, a server, or a Raspberry Pi like in the tutorial. So in my case, I used SSH to access the Raspberry Pi where my VPN was built. 

2) Once you’re in, the first thing you need to do is make sure you’re using the right version of Python. This script requires Python 2. So type:

python -V

If it results in a version that starts with a 2, you are set. If not, you’ll need to install the latest version of Python 2 with:

sudo apt-get install python 2.7.3

3) Now you need to clone the Heartbleed test GitHub repository. Obviously, you need git installed. You can type “which git” to check if you have git already installed, and if so, which version. If it isn't already installed, you can type:

sudo apt-get install git

As long as it's the device on which your VPN is installed, any directory will do for this clone—I just used the default folder on Raspberry Pi. When you've picked one, type in the command:

git clone https://github.com/falstaff84/heartbleed_test_openvpn.git

4) Now it’s time to finally input the test command. Go into the folder you just installed:

cd heartbleed_test_openvpn

Then, run the command, calling your internal IP address—the same one you used to connect to on SSH. For me, that was 192.168.2.22, as shown in the example. Yours is probably different. 

./heartbleed_test_openvpn.py 192.168.2.22

5) If your VPN is not vulnerable and you have a TLS-auth key, nothing will show up at all. The program is attempting to take advantage of Heartbleed and if it can't, the program won't work. It's the one time you want your program to fail. 

If your VPN is vulnerable, a fake Heartbleed attack will pop up. If it turns out your VPN is vulnerable, the only thing to do is to install the latest version of OpenSSL (Or OpenVPN, if that’s the backbone you’re using). 

Let us know if this works for you, and we'll do our best to lurk in the comments section to see if we can help troubleshoot. Best of luck.


Date: Thu, 17 Apr 2014 11:22:27 -0700
Author: Lauren Orsini :: Category: Heartbleed



back to top