ALERT: Twitter makes it easy to impersonate

Impersonation has a long tradition - just look at comedians, actors, crooks and intelligence workers. Impersonation used to require special skills, sometimes even special looks, and the risk could be very high. Well, maybe not for the comedian, as he/she would most likely only risk not getting the laughs, and some embarrassment.

Imagine a crook impersonating you. He enters the bank and tries to lift some cash off of your account. If he is not convincing, with the right looks, and saying the right things, he would not succeed. What is more, he would risk not be allowed to leave the bank, and be jailed.

Today things are different. New technologies always create new opportunities. Not only for you, but also for the opportunist. You can see that in the social media today, as you could see it in every technology in the past. Consider these examples:

• Using car to run from a heist (robbery to the rest of us) – imagine the opportunity the cars made for crooks when the police only had horses. On the downside, only few people had cars then, and you did need fuel and other supplies.
• Phone line hacking (Phreaking): Using blue boxes to avoid getting a phone bill. With the growth of the electronic switchboards came the tools to exploit them. Very low risk, easy to use (if you knew your way around electronics) and free.
• Weapons technologies – just consider what happened when gunpowder where developed. It turned the world up-side down.

Today (2008), the social media is under attack. And Twitter is one of many tools used. Why? It requires very little skills – if you can turn on a computer and surf on the net, you have the skills necessary to exploit the social media.

Take this example with Sarah Silverman. Anyone could do that. All you need is an email to sign up with, and as we know, emails are freely available. 

And as before, we need to understand the technology from all sides in order to protect and manage it.

Take the cars above. When the police did not have cars, the crooks had a better position. Then the police started to use cars, and the crooks added stronger engines and better drivers. The police had to do the same. At some point, they reach the maturity point, and the technology acts as an equalizer instead of being the differentiator it was initially.

The same is with the phreaking example above. The phone companies needed to replace the expensive and slow service that the manual switchboards where (I know, the employees usually where extremely quick…but they still where not able to compete with automatic switchboards). In came the automatic switchboards, using electronic switches. Surely, smart engineer understood the technology, and where able to exploit it simply by building a device that sends the right kind of signals to the switchboard, thus tricking the switchboard into setting up phone calls without charging the exploiter.

As the exploits grew in popularity, the phone companies engaged in a battle that is still taking place. And in parallel, the commercialization of Internet began. And Internet created new possibilities to exploit.

Let’s get back to 2008.

I continue to see people advice others to take control of their internet presence by registering to this site and that site. I do not think that is the right strategy for protecting your online (and to some extent offline) ID and credibility.

If I where to register my name on every tool, website, social media site on the Internet, I would spend all my time doing so. That is just not feasible. And it would be plain stupid. Because by spending all my time registering and monitoring these options, I would not have time to do my job, and live my life. And if I cannot live my life, why should I protect it?

Another point is that by registering on every site available – or even just a selected few – I would make my self so much more available to be exploited. Imagine this scenario: you get an invitation by someone you know, to join a network/site/tool you never heard about. You join, and by doing so, you give away personal information to someone you do not yet know if you can trust. And believe me, these invitations have been around for a while, and more will turn up.

Personally, I have selected a few sites I have registered to. And yes, I do consider a few others from time to time. I am considering Twitter for one atm. But one thing that has changed since I first experienced Internet commercially in 1994, is that I no longer thrive to be a first mover.

With the increased risk of getting harvested, I am now very careful with the tools and sites I adopt and use. Not only because I am worried about someone stealing my info, but also because I now maintain a profile that people trust in. I do not want to ruin that if I can help it.

Thus, today I follow these rules:

• Never be the first to register (unless it is for testing purposes to help a few, selected contacts)
• Never invite others to join (unlike a few years ago, where I helped spread the word about Plaxo, LinkedIn, Xing and others).
• Never accept the first invitation (if one or only a few of my contacts use it, it is unlikely to add value to me. When momentum is created – i.e. when more than only a few contacts use the tool, I will take a look and consider it for adoption. But not before).
• Make up your own mind. (as in not letting everyone else telling you where you need to have a profile, what you should do, and how you should do it)
• Be responsible (as in accept the risk, and take your precautions).

What are your rules of using the Social Media? Do you have any? Do you care? What are the sites you consider a must? Which sites do you avoid? Why?