MySpace has all sorts of problems: a terrible user interface, poorly implemented HTML, notorious scalability problems, and a user base ranging from stay-at-home moms to porn stars, from preteens to the technically elite.
Yet for me, being a MySpace-r myself, there is an even larger issue: their insistence on perpetuating ignorance to avoid addressing not only the formerly mentioned issues, but also their own laziness and incompetence. I’ve had it. This blog is going out to all those people who have, at one point or another, had “weird things” happen on their account… let’s see if this will help.
The Shepherd Warns the Sheep…
Occasionally I’ll sign into MySpace and see some message from “Tom Anderson,” the “face of MySpace,” on my homepage. For example, this past week MySpace has been pitching a “download this Quicktime patch, quick” message… so there Tom is, asking me to take 30 seconds to install it.
I politely ignore him. I’ve heard about this patch, and I’ll wait for Apple to update me, not MySpace. Besides, I don’t surf aimlessly on the ‘space. I only visit my friends… I’m one of those guys who actually knows most people on his profile. But I digress…
On occasion, Tom has insisted the following, (which I now paraphrase):
“Hey everybody… If you see or hear people tell you that you’ve been posting weird bulletins that you obviously didn’t post, it’s because someone has gotten ahold of your password and hacked into your account to send SPAM! Change your password often and this should stop happening.”
Now, I realize that there is some truth to this… someone could indeed have brute-forced your password, or even phished it off a clone site. I acknowledge it’s possible… it’s just not likely.
… but the Shepherd is Really the Wolf.
First, it’s important for you to know that MySpace was allegedly founded by professional Internet spammers as a network by which to attract, maintain and eventually advertise to users across the US. Tom became the face of MySpace because he was the one employee, (then a copyeditor) who attracted the most people in the beginning. Read about it here and here.
MySpace was not designed for it’s eventual overwhelming popularity, and it’s frequent crashes are a clear indicator of this. It’s also clear from both the incredibly annoying ads, their lack of common security features and their ridiculous lies about how the Internet works that they really don’t care that much if your account is a haphazard source of spam.
Tom’s answer is not the real reason unauthorized bulletins are being sent from the profile; it’s because:
- The majority of it’s users don’t understand safe surfing techniques,
- MySpace lacks any form of (reliable) security, and
- Spammers are persistent creatures.
Let’s take each of these in turn, shall we? There’s something here for everyone.
Dear MySpace: You Know You Can Do Better Than This
I’m going to make this short and sweet, because everything else has already been said. Your lack of stability, your poor design, the code bloat, the haphazard patching… look, I can sympathize. Your popularity exploded, you had trouble keeping up with demand, your system load challenged even Microsoft’s software. The trouble is, by now, you should have overhauled the site three times over.
Dear Myspace: You know you can do better than this. Yeah, yeah, yeah, I know it’s free, but according to the CEO of News Corp, you guys are making a pretty penny of your users, too, so can it. Here’s a quick list of (rather obvious) steps you could take to make things more secure.
- Captcha on signups, bulletins and messages. I’m tired of the robots.
- Sitekeys on login pages. Bank of America did it, so can you. I know, I know, not foolproof, but it’s SOMETHING.
- Put the “Delete a Bulletin You’ve Posted” somewhere more conspicuous, for crying out loud. It seems like no one knows they can just delete the damn thing! It’s almost like you don’t want them deleting the spam… hey, wait a second…
- A redesign of your markup. I realize you’ll alienate all of those wonderfully designed MySpace customization sites, but honestly, they’re contributing to your problem. Phase this crappy design and code bloat out. You’ve gotta be dumping millions on the load you’re pushing down the pipe.
- Download the spam software, analyze it and defeat it! Are you telling me your staff, now bolstered by News Corp, is incapable of getting your hands on the robot software and stopping it?!?
Honestly, I can’t decide if you guys are inept or devious, ignorant or in collusion. Which is it? I’d love to know.
Dear MySpace Users: They Don’t Make a Condom for Your Keyboard
It’s not necessarily the users’ fault, I suppose. No one really talks about safe ways to surf… they’d rather sell a firewall, install a popup blocker or an anti-phishing filter and lull you into a sense of security. You’ll keep the tech support guy employed and the economy of the consumer IT world will keep on spinning. Yet a firewall won’t prevent you from typing your password into a field on “myyspace.com,” or perhaps into some DIV floating over a profile tricked out to look like a “log in to continue” page.
You liken email to postal mail, yet you don’t seem to grasp that, not unlike the postal mail, Bill Gates doesn’t know who forwards his email message on to their friends and certainly has no intention of paying you to do so. Similarly, Tom doesn’t need you to repost that bulletin; have you not seen his global messages when something breaks?
You have no idea how documents and pictures are hosted and served on the web, but you’ll blindly implement a profile style that uses someone else’s image. Later, you’ll think your profile was “hacked” when that image changes to some other colorful representation of the image owner’s disdain for you when they notice the bandwidth drain. You might, in the depths of your ignorance, even send a panicked email to the owner to let them know their site was “hacked.”
You don’t think before you click, you’ll blindly install that plugin to get Nelly Furtado’s latest single “for free,” you don’t inspect the authenticity of the page you’re on, you don’t right click and view source… you don’t want to get it.
And you’re driving those of us who do get it crazy.
So. Dear MySpace Users… there is an old saying that mirrors well in disciplines such as software engineering: Invent something idiot-proof and the world will invent a better idiot. Instead of focusing on delivering feature functionality, we’re having to spend time and money grappling with the endless struggle between the user and what they use. We can’t give you what you want if you don’t help us out.
Why not save that money and aggravation? You call the Geek Squad whenever your browser slows down from all the crap you’ve installed? You realize these guys are laughing at you as they count the cash back at the office… let them help people with hardware failures, like when your 4 year old dumps his orange juice in the exhaust vent.
Why not protect yourself? Hackers need your machine to attack popular websites. Even worse, they need your hard drive to store materials that would earn years in prison if merely discovered on their own, such as child pornography.
It’s easy to do: LEARN about the tools you use. Here, I’ll get you started:
- Wikipedia: The World Wide Web
- Don’t be scared… this page has terms like “Hypertext Transfer Protocol” and “Uniform Resource Identifier.” Guess what? You use these terms everyday without knowing it, (aren’t acronyms grand?) Take a second to read about what the hell you’re talking about.
- Wikipedia: HTML
- Little known fact: the Internet doesn’t function on CODE, but rather MARKUP. It’s a subtle difference that allows non-technical people to actually understand what they’re seeing, (or even writing). Your web browser can read it, so can you.
- The Anti-Phishing Working Group
- Committed to wiping out Internet scams and frauds.
- US-CERT for Non-technical Users
- Established in 2003 to protect the nation’s Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.
- TRUSTe for Consumers
- TRUSTe® is an independent, nonprofit enabling trust based on privacy for personal information on the internet.
Dear Spammers: Get a Life and Get Out of Mine
Like it or not, spam is a business. I understand the math of it all. They send out a billion emails or MySpace messages… cost: $0, one person in 100,000 clicks: $$$$$$$$. I get it. Nigerian princes would be without their inheritances and Viagra would stay on pharmacists’ shelves if it didn’t work.
Dear Spammers: Honestly, I detest you. I think most people do. To quote the vernacular, die in a fire.
You insult my intelligence everytime some “innocent girl” who is just “looking for a nice guy” joins MySpace and asks me to “check out her webcam” on “this really cool site for FREE!” Even better are the bulletins about free gift cards or ringtones, comments on ghost sites about cheap Cialis, or messages about from someone who “really liked what I said on my profile” and yet they seem to know nothing about me.
To quote Saul Bloom in Ocean’s 11, “I saw you [coming]… I saw you before you even got up this morning.”
I know nothing will prevent this stuff from going on; it’s impossible to police or enforce. So, I’ll just repeat my internet curse under my breath (DIAF) on the occasions you pop in, mark your profile as spam and move on.
Thanks for reading this. It’s long, and I’ve edited it several times. It finally came to a point where I just had to post it. Most likely, I’ll edit it again, so feel free leave comments or suggestions…