November 23, 2024

Twitter and TV Get Close to Help Each Other Grow

By the next day, the surly producer Simon Cowell will have read them — the good, the bad and especially his specialty, the ugly. And by the next week, he will have made changes to his show accordingly.

“It’s like having millions of producers working with you,” said Mr. Cowell, who once dismissed Twitter as a lightweight list of strangers’ lunch plans but who is now a convert to the social networking Web site.

Next week, for the first time, the user-producers who speak up will have another way to be heard. As an alternative to calling or texting in a vote for a singer on “The X Factor,” Twitter will make it possible to vote with a message to the show’s account.

The voting option is the result of a new technological investment by Twitter and is a reflection of the company’s symbiotic relationship with the television industry. TV producers like Mr. Cowell, who crave the immediate feedback they can get from Twitter, have given the Web site free promotion, helping it to gain more users who will give even more feedback. Over time, the theory goes, having more users will help the five-year-old Twitter turn a steady profit.

“Benefits will accrue to us,” said Dick Costolo, the chief executive of Twitter, as a result of the service’s “engaging with these other media platforms and providing benefits to them.”

The company is privately held, and Mr. Costolo has declined to say whether it is profitable. In an interview on Tuesday, he said he did not seek a specific financial return for projects like the one with “The X Factor,” but he expressed confidence that projects like it “are going to result in financial benefits down the road.”

To that end, the proliferation of Twitter logos and language on news and talk shows and now “The X Factor” is not an accident; it is the product of a strategy that started nearly three years ago with the hiring of Chloe Sladden, a former vice president at Current TV, who put Twitter messages on screen during the 2008 presidential election.

“I was brought on board to be the bridge” between Twitter and TV, Ms. Sladden said in an interview this week. Now she oversees a team of seven in Twitter’s content and programming unit. Two started work this week, one to work with music labels and one to work with news organizations. She expects to hire four more in the next three months.

Evangelizing for the Web site, her unit proffers free advice and data to producers, politicians, celebrities, and other people who are effectively content creators for Twitter. “We work with them and think carefully about how to help them create the best possible content,” Ms. Sladden said.

The unit has worked closely with The New York Times, among other media companies; Ms. Sladden spent part of the 2010 midterm election night at a desk in the Times newsroom.

New media partnerships are announced with regularity these days; in August, for instance, Twitter announced a pact with The Weather Channel that adds weather-related tweets to TV segments and to Weather.com.

Twitter executives say they don’t pay for such placement. But for “The X Factor” voting, they spent an undisclosed amount to set up the voting infrastructure. For voting security, only votes that are sent via direct message to the show will be counted; public comments will not be.

Voting will start on “The X Factor” on Nov. 2. Along with votes via Twitter direct messages, the show will count votes via a Verizon mobile phone app.

The option to vote via Twitter, Ms. Sladden said, signifies her unit’s shift “from focusing just on engagement” — getting users to talk about TV — “to getting into the creative fabric of shows and letting the audience help change the outcomes.”

The combination of TV and social media, often labeled social TV, has steadily gained attention as the television industry seeks ways to retain viewers, particularly for live events that people can react to in real time. Facebook, too, is working hard to showcase conversations about TV and media, allowing for viewing of some shows directly from its Web site. For now, it seems, Twitter user names and hashtags are more visible on TV than Facebook names.

Mr. Cowell, formerly of “American Idol,” said he appreciated that social media sites made live TV feel even livelier. That is likely to be an important element for “The X Factor,” which has drawn an average of 12.5 million viewers for its taped audition episodes — higher than Fox’s previous average on Wednesdays and Thursdays but lower than Mr. Cowell’s expectations.

“When we go live,” he said, with performances and votes on Nov. 2, “I do think we’re going to see a real difference.”

Mr. Cowell said he did not post on Twitter — “I am the slowest typer in the world,” he claimed — but would post in the future.

“The only powerful people now on TV,” he declared, “are the people on Twitter and Facebook.”

Article source: http://feeds.nytimes.com/click.phdo?i=42717a8c7899fe3af1edbb7e5bbdb793

An Attack Sheds Light on Internet Security Holes

The Comodo Group, an Internet security company, has been attacked in the last month by a talkative and professed patriotic Iranian hacker who infiltrated several of the company’s partners and used them to threaten the security of myriad big-name Web sites.

But the case is not a problem for only Comodo, which initially believed the attack was the work of the Iranian government. It has also cast a spotlight on the global system that supposedly secures communications and commerce on the Web.

The encryption used by many Web sites to prevent eavesdropping on their interactions with visitors is not very secure. This technology is in use when Web addresses start with “https” (in which “s” stands for secure) and a closed lock icon appears on Web browsers. These sites rely on third-party organizations, like Comodo, to provide “certificates” that guarantee sites’ authenticity to Web browsers.

But many security experts say the problems start with the proliferation of organizations permitted to issue certificates. Browser makers like Microsoft, Mozilla, Google and Apple have authorized a large and growing number of entities around the world — both private companies and government bodies — to create them. Many private “certificate authorities” have, in turn, worked with resellers and deputized other unknown companies to issue certificates in a “chain of trust” that now involves many hundreds of players, any of which may in fact be a weak link.

The Electronic Frontier Foundation, an online civil liberties group, has explored the Internet in an attempt to map this nebulous system. As of December, 676 organizations were signing certificates, it found. Other security experts suspect that the scan missed many and that the number is much higher.

Making matters worse, entities that issue certificates, though required to seek authorization from site owners, can technically issue certificates for any Web site. This means that governments that control certificate authorities and hackers who break into their systems can issue certificates for any site at will.

Experts say that both the certificate system and the technology it employs have long been in need of an overhaul, but that the technology industry has not been able to muster the will to do it. “It hasn’t been perceived to be a big enough problem that needs to be fixed,” said Stephen Schultze, associate director of the Center for Information Technology Policy at Princeton. “This is a wake-up call. This is a small leak that is evidence of a much more fundamental structural problem.”

In the Comodo case, the hacker infiltrated an Italian computer reseller and used its access to Comodo’s systems to automatically create certificates for Web sites operated by Google, Yahoo, Microsoft, Skype and Mozilla. With the certificates, the hacker could set up servers that appear to work for those sites and try to view the unscrambled e-mail of millions of people, experts say. Comodo says it has suspended the Italian reseller and a second European reseller that the hacker also infiltrated.

In a series of online messages teeming with bravado, the hacker described himself as a software-engineering student and cryptography expert and said he worked alone. He suggested he was avenging the Stuxnet computer worm, which was directed at Iranian nuclear installations last year. And he indicated that he intended to use the certificates he created to snoop on opponents of the Iranian regime. “As I live, you don’t have privacy in Internet, you don’t have security in digital world,” he warned.

The certificate system was created at the dawn of e-commerce in the early 1990s before security was a major issue. Security experts say the system is not up to the challenge of today’s immense, commercial and much-attacked Internet. It was designed primarily to let businesses take credit card payments online, and less to confirm the authenticity of Web sites.

The crucial tool available to Comodo and the browser makers — revocation — is ineffective, security experts say. After the Comodo case, Google, Mozilla and Microsoft rushed out patches so their browsers would recognize and reject the bad certificates. But this solution requires many millions of Internet users to update their browser software, which many people never do.

Moreover, because certificate authorities’ servers are seen as unreliable, most browser makers allow users to proceed to an alternative site, and hackers can exploit this weakness, security experts say.

Browser makers have another problem: Faced with a suspicious certificate authority, there is little they can do shy of rescinding it. But if they did that, millions of Web users might encounter troubling error warnings when they visited sites with certificates from that company, causing a cascade of problems for users and site owners. Cutting out a large player like Comodo, which controls at least 95,100 active certificates, could effectively “break the Web,” said Dan Kaminsky, chief scientist at the security firm DKH.

They are effectively “too big to fail,” said Christopher Soghoian, a former Federal Trade Commission technologist who is now a graduate fellow at the Center for Applied Cybersecurity Research at Indiana University. “The problem is that the browser vendors don’t have a small stick, they only have a big stick.” He said he could not recall a single instance in which the browser vendors had rejected a certificate authority.

Microsoft and Mozilla said that they would consider removing certificate authority if it was in the best interest of Internet users, and that they remained in talks with Comodo about its security practices. “Participation in Mozilla’s root program is a privilege, not a right,” the company, the nonprofit maker of Firefox, said. Apple, maker of the Safari browser, declined to comment. (Google’s Chrome browser defers to the choices of operating system makers like Microsoft and Apple about which certificate authorities are accepted.)

Mozilla, Microsoft and Google said they would work together and with certificate authorities and the security community on improvements to the system. One approach proposed by Comodo and Google engineers in January would allow Web site owners to specify which certificate authorities may issue certificates for their sites.

An initiative preferred by security experts would overhaul the system more radically. It would give Web sites similar control while securing their certificates within a new encrypted version of the domain name system, the central directory of the Web, making it the de facto central certificate authority through which Web sites could generate their own certificates.

Article source: http://feeds.nytimes.com/click.phdo?i=81e1d2b19cb77f5dcfdff1695356f42a