Sophos Cloud Optix
Is this spam or not? I’m finding it hard to decide.
But there’s certainly something about it which makes me feel uncomfortable with my security hat on.
Al Gore’s Climate Reality Project is encouraging social networking users to “donate” their online accounts for what they call “24 hours of Reality”.
During that time, the organisation will be able access your Twitter and Facebook account and post information about climate change and a global awareness event they are holding on September 14th with the aim of focusing attention on the “full truth, scope, scale and impact of the climate crisis about climate change”.
All the Climate Reality Project needs you to do is authorise its application so it can post Facebook status messages and Tweets in your name.
You’ll still be able to use the social networks as normal – it’s just that a few times an hour you will find messages from the Climate Reality Project issued using your name, interspersed amongst your regular online activity.
Is it spam? I freely admit that I’m undecided.
I mean, there’s nothing to stop the Climate Reality Project’s supporters retweeting and sharing everything the campaign says anyway, and subjecting their Twitter followers and Facebook fans to all that messaging.
Instead, what it sounds like is just another example of an organisation trying to muscle their way into social media success – ironically, the diametric opposite of what actually works. Something that might actually be considered rude in whatever the Web 2.0 version of netiquette is.
Perhaps the Climate Reality Project would do better to just be interesting. That way, people would reshare their content or build upon it in an authentic way which would most likely be more appreciated by the supporters’ online followers.
After all, isn’t an argument put more convincingly if people can see that some effort and passion has been put into forming the case, rather than someone lazing about on their sofa and getting an app to tweet it out for them?
But more than that. Isn’t this bad security practice? Should people be encouraged to hand control of their Facebook or Twitter account to a third party for a day?
Isn’t it a bit like lending somebody your credit card for 48 hours? Haven’t we seen enough abusive third-party apps on Facebook and Twitter without users being encouraged to install more?
Or.. in your opinion, does none of this matter? Is it okay for the normal rules of netiquette and account safety to be waived for 24 hours, because the cause of climate change awareness is so important?
I’m not sure what to make of it all. Why not tell us your opinion in the quick poll below and leave a comment.
This gives him permission to post whatever he wants, in my name? Fat chance
I’m not a real fan of Al Gore and wouldn’t want him saying stuff in my name, but if you like Al Gore and believe in his message then “donating” a social status update or two to his cause is a very low cost method for him to help spread awareness about a cause you believe in. I think that there are a lot of companies that also help spread messages online without this minor security risk inherent with this idea, and this might be a better idea for organizations that don’t have a figurehead that people can trust. I’m not sure that this would work for most organizations, but I applaud Al Gore’s group for this innovative advertising idea. At the least, it’s gotten people talking, and that is definitely what you want with advertising.
More importantly, how do you know it's Al Gore asking?
What does it matter?
Given Al Gore's character and credibility (or complete lack thereof) whatever an impostor claiming to be him would post would surely be at least as truthful and relevant as anything that the genuine Mr. Gore would ever himself post.
This is the first I've heard of this (I blame it on my primitive Canadian roots). Personally, I don't think it's something I would want to do. I have far too much porn … I mean *private files* ⊙.⊙ … stored on some of my accounts that I wouldn't want anyone else accessing, but, I guess if you feel strongly enough about a cause, you'll be willing to waive your privacy to make a statement.
The only reality is Gore is a big time liar and loser.
It's a shame I can't vote for 3 of them. Mostly, I'm not comfortable with a 3d party app using my credentials. What if they get hacked?
I'm also not sure they'll post anything I agree with. Their 'facts' have been horribly flawed before, so I'll repost anything I feel strongly about – possibly to jeer at it, maybe not. It depends. Without my input, it is spam & will certainly irritate my friends.
The poll is multiple choice. You can choose more than one option. 🙂
You mean where it says to "tick" all that apply? 🙂
I'm thinking…this sounds like something LOLZ/Anonymous whatever would find to be a perfect target..
There is a reason I refuse many apps and games on Facebook. It only took one spam app to hitch a ride on my account..
Any of my friends who join this and start posting spam will be deleted.
Hey, down below this comment field is a "login" with twitter button. If I use that button, I've granted YOU the ability to tweet as me, change my profile, and see who I follow. I don't know what you're going to do with that permission, or why you could possible want it. So, I'm going to post "anonymously", but let you know that I am @ianeiloart
Anyway, my initial thought was that this is spam, but I've changed my mind and voted again (huh?!).
If I go for this, then tweets will go to people that have opted in to my stream, and they'll be tweets that I've opted to include in my stream. So, technically I think they don't contravene the UK's laws on unsolicited marketing messages.
However, I don't feel that I have enough information to participate. I'd want to know (a) that there won't be more than, say, one message per hour, and (b) that they'll be sent as retweets rather than tweets. That's so that my followers (and I) won't be bugged by multiple copies of the same message.
He can put his words on toilet paper, and I will see they will go where they are most needed
There's practically little difference between this and other 'apps' authorised to access online accounts, which is something I'm not comfortable with anyway. Be prepared to lose virtual 'friends' though.
Exactly. What's next, a security post about Farmville wanting to post to peoples' walls? Idiots.
It seems like a phishing scam to me! I am meant to volunteer my identity to them for a day. I think I can pick and choose what arguments I promulgate myself thanks and I like to keep editorial control over my stream….
Respectfully, Al Gore is a freakin idiot making money on false science and scaring those who fall for this crap. The debate never ended, and we are not "racist" for denying global warming, oops, or is it called "climate change" due to the record cold winters and mainly uneventful hurricane seasons the last 6 years. I'm all for not polluting, but China is the one who doesn't give a crap, while the U.S. has many strict regulations. It's all about the Solar cycle and Sun spots. The hot air coming out of Al Gore with his private jets and humongous house doesn't help. It's all a scam. Put that in your lock box former VP.
NO WAY! As much as I support environmentally conscious affairs, no one is going to make use of my social net.
If asked to add a widget to my websites, a post on Facebook, or tweets, that could be a different matter.
But making use of my accounts; NOT A CHANCE!
He has a nerve even asking. Just where do these politicians get the gall to even suggest such a thing.
No, No, No
This sounds about as bad an idea as turning your PC over to Anonymous to run a LOIC DDoS with. Except it may not be quite as illegal.
But, you authenticated with Twitter. That required granting exactly the same permissions to … who? Well, someone with something to do with WordPress. To do what? They don't say.
'BUT FINK OV THE CHILDREN!!!'
Sent by Al Gore App at 17:08
What you don't trust Al he invented the internet he would never misuse it for his own gain Man I can't even type that without laughing. get a life Al.
Yeah, I'd rather retweet. I have my own, slightly personalized beliefs on the environment and don't want a bunch of anti-nuclear power propaganda on my account.
Just another way for Al Gore to spread his "cause" and stash more money in his pockets.
I never use any 3rd party apps on FB or anywhere else!
And I would never allow anyone to post in my name, even if I support their cause. When something is posted in my name, it is always posted by me in my name, and almost always including a personal comment or at least a personally chosen quotation from whatever item I’m posting a link to.
Al Gore has lost all credibility and is beginning to show signs of cracking. He recently compared skeptics to racists. The fact that he resorts to this – having other accounts at his fingertips is further proof he cannot spread his propaganda himself.
Mr. Gore never had any credibility in the first place…at least not with people who are able to discern between fact and fiction, and can think for themselves,
If it looks like a duck, quacks like a duck. And waddles like a duck….
It also ducks like quack….
Donating your status is not new. The Human Rights Campaign did this for National Coming Out Day last year and I and a few friends opted in. It was a real fustercluck. Their software wasn't configured correctly, so my choice to have my status donated only for one day (two days in the future) wasn't respected and it outed me half an hour after I signed up. For one friend, the "post random messages at random times" option sent out repetitive updates all day, often fully duplicative less than an hour apart. By the time the end of the campaign rolled around, her friends list was mocking the statuses openly. The other friend had his set for once a day, which, amazingly, worked correctly. Based on that experience, I would NEVER donate my status/tweets/anything again.
I think this is a great idea and one that would only work for a very very few trusted organisations and probably only organisations like this who wants to do good.
For all others it would be spam.
I think this is a truly tailored approach that probably is so unique it will only work once like the million dollar website.
sorry sweetheart, spam is spam, even if the sender "wants to do good"
Using the term “raising awareness” is a way to dupe people into thinking that taking such security risks is acceptable because it is for the good of the wider community.
I don’t see that allowing an application access to my personal information on facebook to “raise awareness” about climate change is actually doing anything practical for climate change at all.
This is no different than any other third-party apps on FB/Twitter. You're explicitly authorizing the apps to have access to post on your wall, not providing your password. This is the same level of access people provide to many games, for instance. They're just being very explicit about what they're going to do with that access.
I wish some people would show enough maturity not to hijack every discussion to rant about what they do, or don’t, believe in.
The topic of discussion is clear: If you believe strongly in a cause, are you prepared to temporarily give direct access to your social media account to an organization promoting that cause?
This is a security-related discussion not a political or environmental one. If you don’t believe in a cause then it’s quite obvious that you wouldn’t donate your accounts to promote it! So, please refrain from ranting as it would be just hot air in the context of this discussion.
I believe if someone believes in, and care for, Climate Reality Project strongly enough to consider donating his account then he/she can also spare a little time to personally retweet/repost the messages. It’s never a good idea to put someone else, no matter how much you trust them, in control of your online accounts because trustworthiness does not always come with reliability.
Now that this is public knowledge within security circles what happens when someone (let’s say anonymous) decides to hack into this project and post things for themselves?
If someone hacks them and that app gets used for spam, then Facebook will pretty quickly lock down the app ID they are using and that’s it. Probably something similar for Twitter, too.
C’mon.
Look, Al Gore is a complete dork. He has exploited fears of GW for personal gain for better than a decade. Mainly, he has suckered in the gullible Left. But, he’s also fooled many who subscribe to the Original Sin Theory that infects so much of Western/Protestant thinking – people are just inherently bad and are the source of every wrong or fear, whether real or imagined. Gore deserves to be tried for Crimes Against Humanity at the Hague. Immediately.
Second, why would you give ANYONE access to your FB site to post anything in your name to your “friends”? You have to be completely stupid. Even if you do drink AlGore’s Kool-Ade. Well, in the latter case, that is a bit redundant.
he would be the LAST person I would want on my page telling me about something I seem to know more about than he does! And he makes a bundle off all this … where is the payback from HIM to Nature? Hes been wrong on SO MANY levels, and I dont want his mouth spewing his garbage on my nice 'clean' page in FB tyvm!
Who _isn't_ already "aware" of this issue? All these so-called "awareness" activities are just a way to try to strong-arm people into agreeing with your group's agenda on a given issue. With this one in particular, the problem isn't lack of awareness– it's a growingly-discredited group (yeah, I just made that up) trying to save their cause by getting more and more people to drown out opposing viewpoints.
Of course this is all a security issue, and will probably have the opposite effect from the desired one.
I signed up. Thanks for posting about this! Yeah, it's probably spam. And it's only for one day. And I, for one, am sick of feeling so powerless in the face of global warming deniers (aka mouthpieces for lazy corporations who won't take responsibility for their impact on the planet). So this is my humble contribution to the conversation. It won't kill me. And it's better than what Zuckerberg's doing to me, and all of us, with facebook, so what the hell? I just hope it doesn't mean I'll have my account hijacked to spread Democratic Party pablum in '12. I'm Green and disgusted.
This is very bad netiquette because it is giving your approval for messages that you have not approved. Al Gore should know better. He cannot be trusted, even if he did invent the internet ; )
This smacks of desperation. If he is resorting to such tactics then his campaign isn't going well. Time to ask why not!
Of course that it's spam that will be distributed by a network of zombie computers.
However, there's one technical difference from the usual attacks by networks of hackers: they usually distribute their malware through defects in the operating systems and software run by the future zombie computers.
Al Gore distributes his spam through defects in the brains of the owners of the computers because they have to click on a button on his website to convert their accounts to spam-spreading zombies. Antivirus companies should start to fight against the virus of being an online donor or fan of Al Gore because if this infection grew to more than the current 10,000 lunatics who approve of Al Gore, we could face quite some problems.
"Perhaps the Climate Reality Project would do better to just be interesting." How about being accurate and not lying. Research "Agenda 21" to find out the truth.
It actually goes right along with Gore's "nanny state" mentality: "We don't trust you to FB or retweet, so WE WILL DO IT FOR YOU".
Anyone giving their permission for others to use their Twitter account as a sock puppet should be required to tell their followers in advance.
I will then instantly unfollow.
I smell wood burning …. yep it's wood, anyone else?
He knows what he can do with his "request" – the second word is "off"!