get this!

Wednesday, February 20, 2008

Orkut Scraps - Security

Hi Everyone!! If you use Orkut, then this post is meant for you!!

The Situation:
If you are a regular Orkut user with a lot of friends, I am sure that you would received at least a dozen SCRAPS from your friends, asking you to, copy-paste some innocent looking javascript code into your browser's address bar to see something fancy, or, to click on a link that will take you to some funny website, or, to view some (embedded/linked)videos that they claim to be interesting... And many more variants of the above mentioned stuff.

Nowadays, while some of these things are really sent by your friends, most of these scraps are sent automatically without your friend's knowledge, because, they did some stupid act of meddling with some scripts that compromises their security...

This problem is causing a really big headache, not only to the person who risks themselves by falling for these tricks, but also to their FRIENDS, who believe that the automated scraps are really from their beloved friend and thus causing a chain reaction in some cases.

The Solution:
How to put a stop to this nonsense then? this is where my very simple idea comes into action.. be warned this is not an exhaustive security measure of any kind, but rather a very simple preventive measure and solely depends on the user co-operation to work efficiently..

"If you can determine whether the scrap you received is really sent by your 'trustworthy' friend, then you have no security risk at all.."
So all you have to do is attach a UNIQUE signature.. (it can be your name or a tagline or some random strings/numbers etc that is known to both parties...) and ask your friends to do the same, ONLY WHEN forwarding scraps with suspicious-links/scripts/videos among yourselves..

This way, you can be sure that the content is REALLY sent by your friend and not some automated system.. but of course, a very important point to be noted here is that, YOUR FRIEND MUST VERIFY THAT THE CONTENTS OF THEIR SCRAPS ARE SAFE (if they desperately want to forward something to you, then they won't mind doing this ;-)

Suggestions:
And just to make the signatures more standard yet unique, you can try combining the first two letters of both, your own profile name, and the friend to whom you are scrapping to..(it should be easy to just copy-paste it..)

So what do you think? Is this method worth trying?? will our orkut friends agree to follow it until Google steps in with some security measure?!?!?!?
Any sort of additions/corrections/suggestions/entirely different ideas of your own/queries or even flames claiming this is a stupid idea are welcome!!

Read more...

Copyright © 2007 AKMA Solutions
AKMA Solutions is powered by Blogger


Anti Spam can make a difference in the fight against spam!

  © Blogger templates The Professional Template by Ourblogtemplates.com 2008

Back to TOP