Wow. that's intense.<br><br>For what it's worth, I don't think having a fan box is a great use of facebook on the website. It would add faces and names in a way which is actually quite alien to the network, and I think it wouldn't go down very well. The network does include people you act in the tradition of bearing witness and total accountability in their actions - but there are plenty you act in an autonomist tradition who wouldn't want us to be seen as putting names and faces to our activists on our website. Plus, the way JimDog puts it, it would be a bad idea for security as well.<br>
<br>I'm in favour of using Fbook and Youtube to help us where we can - while also educating people about the issues surrounding these companies. But I don't think the fan box would be an appropriate or particularly advantageous use.<br>
<br>r.<br><br><div class="gmail_quote">On Mon, Nov 16, 2009 at 7:54 PM, Jim Dog <span dir="ltr"><<a href="mailto:theinnercityhippy@riseup.net">theinnercityhippy@riseup.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi<br>
<br>
at work so can't write a detailed thing at the mo, but can ring you tomorrow and explain better if you like?<br>
<br>
The basic problem with this isn't that it's facebook (i do have a problem with that but concede that people want to do it which is different to this objection- i'll bring that up with some proposals for solutions at a later date).<br>
<br>
The problem with an embedded box relates to the way the users web browser handles that information. Here's a really brief summary-<br>
<br>
a user types <a href="http://www.climatecamp.org.uk" target="_blank">www.climatecamp.org.uk</a> into their browser. This sends a request for the front page to our server, which then sends the html code for our front page back to the browser, which translates it into words and pictures for it to display on the users screen.<br>
<br>
In this instance, that html code includes the code you posted to the list for the facebook embed box. Since the information that it requires is not hosted on our server, the users browser then automatically sends a separate request to the facebook server for the information it requires in order to display the missing information. This then gets sent back and put in the correct place by the users computer so it all looks like it is part of the same page, despite coming from two separate places.<br>
<br>
The request that is sent to the facebook server contains a lot of personal information about the user, including their ip address which is uniquely identifying to them (same as a home address), time, date and referring url (in this case <a href="http://climatecamp.org.uk" target="_blank">climatecamp.org.uk</a>). This makes it very simple for anyone to see every single visitor that our site has had, despite the fact that we keep no access logs for our server so that people can visit us anonymously if they wish without fear of the authorities seizing our server and getting details of anyone sympathetic to what we do (we are a direct action movement remember).<br>
<br>
This is all done invisibly, without the possible consent of the visitor and there will be no way to visit our site without giving away our personal details to the largest corporation on earth, and one in particular known to have close links to the us security services (so by default ours too). In short we are forcing that upon people and not allowing them to opt in or out. This is a pretty outrageous abuse of trust if we go ahead with this which is why i say that if we do i'll have no more part of it (though i know it's pretty minor part anyhow), and to be honest the right thing to do in that situation would be to let people know not to visit or use the site if they care at all for remaining anonymous or not generating revenue for microsoft. This should be made very clear in a pop up warning of some kind before the front page loads if you go ahead with this anyway.<br>
<br>
As i said, ringing me tomorrows probably a good idea, but i prefer the conversation to be open and transparent.<br>
<br>
In solidarity<br>
<br>
jimdog<br>
<div><div></div><div class="h5"><br>
<br>
<br>
<br>
-original message-<br>
Subject: Re: [Cc-webedit] facebook fan box widget<br>
From: Jonathan Stevenson <<a href="mailto:jjjstevenson@fastmail.fm">jjjstevenson@fastmail.fm</a>><br>
Date: 16/11/2009 5:07 PM<br>
<br>
To be honest I'm not aware of the security implications as I'm involved<br>
in this group from the persective of communicating what we're doing to<br>
the world not as a techie - could you elaborate?<br>
<br>
Also I definitely don't want to make you leave the group. But also I<br>
think Neil has a point. We use Facebook and Twitter at the moment and<br>
until a non-corporate application does what they do I think we're stuck<br>
with them. Should we ask to be removed from all the major search engines<br>
on the same basis? I'd prefer to support the development of<br>
non-corporate alternatives while making use of things that generate web<br>
traffic at the moment. I think that's the common ground we've found<br>
across the set of people who've been involved so far, though I realise<br>
that's not the result of a long and proper discussion in person, so<br>
maybe we should work out when we can have that about this.<br>
<br>
Anyway, the main thing that looks good about the facebook box thing is<br>
that it shows you some people who are involved in what we're doing,<br>
which at the moment the blog doesn't as it's usually an anonymised<br>
person with no picture etc. If Crabgrass or whatever did this kind of<br>
thing that humanises being involved in Climate Camp then I'd be in<br>
favour of embedding that instead. And a randomly generated list of six<br>
'fans' of the Facebook groups is quite a good way to address security<br>
concerns I'd say. So I'm approaching it from that perspective not from<br>
wanting to help Facebook sell my data to the CIA.<br>
<br>
J<br>
<br>
<br>
Jim Dog wrote:<br>
> Hi<br>
><br>
> i've refined the code a little to make it more suitable:<br>
><br>
> <script type="text/javascript"<br>
> src="<a href="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_GB" target="_blank">http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_GB</a>"></script><script<br>
> type="text/javascript">FB.init("2d8b4fab7bd2a9baf4f71f558e317eea");</script><fb:fan<br>
> profile_id="13788209740" stream="1" connections="10"<br>
> width="300"></fb:fan><div style="font-size:8px; padding-left:10px"><a<br>
> href="<a href="http://www.facebook.com/climatecamp" target="_blank">http://www.facebook.com/climatecamp</a>">Generate advertising revenue for one of the worlds biggest polluters and least ethical companies in the name of climate camp - click here</a> </div><br>
><br>
> in all seriousness, are people aware of the security implications of embedding a link like this in the site. Pulling out a feed is one thing but this is way way too far, to the point where i'd be prepared to block it (as in my admittedly minor involvement would come to an amicable end if this goes ahead). Remember the anti capitalist remit agreed by concensus at blackheath? We can do better than this ;-)<br>
><br>
> in solidarity<br>
><br>
> an insanely busy jimdog<br>
> _______________________________________________<br>
> Cc-webedit mailing list<br>
> <a href="mailto:Cc-webedit@lists.aktivix.org">Cc-webedit@lists.aktivix.org</a><br>
> <a href="https://lists.aktivix.org/mailman/listinfo/cc-webedit" target="_blank">https://lists.aktivix.org/mailman/listinfo/cc-webedit</a><br>
><br>
><br>
> _______________________________________________<br>
> Cc-webedit mailing list<br>
> <a href="mailto:Cc-webedit@lists.aktivix.org">Cc-webedit@lists.aktivix.org</a><br>
> <a href="https://lists.aktivix.org/mailman/listinfo/cc-webedit" target="_blank">https://lists.aktivix.org/mailman/listinfo/cc-webedit</a><br>
><br>
<br>
<br>
_______________________________________________<br>
Cc-webedit mailing list<br>
<a href="mailto:Cc-webedit@lists.aktivix.org">Cc-webedit@lists.aktivix.org</a><br>
<a href="https://lists.aktivix.org/mailman/listinfo/cc-webedit" target="_blank">https://lists.aktivix.org/mailman/listinfo/cc-webedit</a><br>
<br>
<br>
_______________________________________________<br>
Cc-webedit mailing list<br>
<a href="mailto:Cc-webedit@lists.aktivix.org">Cc-webedit@lists.aktivix.org</a><br>
<a href="https://lists.aktivix.org/mailman/listinfo/cc-webedit" target="_blank">https://lists.aktivix.org/mailman/listinfo/cc-webedit</a><br>
</div></div></blockquote></div><br>