Feeds

Security bugs floor Google's Friendster-clone

Orkut comes and goes

  • alert
  • submit to reddit

3 Big data security analytics techniques

The name means "to cum" in Finnish slang - literally, to orgasm - but the Orkut social networking service that Google launched on Friday was utterly spent by Sunday afternoon.

Members of the Friendster-clone were greeted with a message that faded (stylishly) into view - the stylish fade-in coming from some piece of fancy script that only a web designer would think was important.

"We've taken orkut.com offline as we implement some improvements and upgrades suggested by users. Since orkut is in the very early stages of development, it's likely to be up and down quite a bit during the coming months."

Ah, just like a Microsoft program, we thought.

"None of the information you've entered will be deleted, and none of the connections you've made will be lost. And, if all goes well, you should see some significant improvements when we come back online.

"We'll send an email once everything is ready and running again. Thanks for your feedback and for bearing with us as we work our way up the learning curve."

What did the Orkut team learn? Well, it wasn't to do with scalability, as many of the wildly erroneous rumors flying around the Net at the weekend suggested. The Orkut programmers can put away that copy of "In Search of Clusters". Scalability is the art of keeping going while millions of new users arrive, and it's not trivial to fix, and it's plagued social network companies who have to draw maps of these social relationships. Friendster itself, for example, has given up drawing these complex webs in real time, and instead caches them overnight.

No, the problem was security. Sources close to Google suggest widespread XSS (cross-site scripting) hacks forced the closure of the service. It isn't clear how much personal data or communication was disclosed.

The major problem facing social networks is that they scarf up personal information far more efficiently than a Carnivore system. People really aren't going to trust them if they view these start-ups as honeypots for future marketroids to reap everything we didn't want them to know. Let alone allow a passing hacker to scarf up this potential archive of great exploitable value.

And not to bore you, but you've got to love how that recursive Privacy Statement shimmers into view. How do they do that?

While the service will no doubt splutter back into life, it's left many wondering whether Google was entirely serious about the exercise. Maybe you can figure out what's wrong with this story...

Google allows staff to spend twenty per cent of their time on their own projects. Having failed to acquire Friendster last year, Google was under some media pressure to create its own offering in a space that "experts" were telling us was "hot". An area that marketing consultants would advise adds "stickiness" to the site - if it wanted to be one of those "sticky portals" we read about years ago, in the late 1990s.

But for some strange reason, Google entrusted the Friendster-buster to a junior programmer to implement on a Windows system. Why on earth the proven masters of open source scalability chose to allow this to happen, puzzles us all. Maybe Orkut will come again - as a full fledged Google offering. Or perhaps the name is a clue. Perhaps Google really doesn't take "social networking" as a business concept that deserves anything closer than arm's length circumspection, very seriously at all. And perhaps that's a very good call. ®

Related Stories

Google debuts Friendster-clone Orkut
Friendster bubble 'has peaked - will pop'

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.