InternetNeverSleeps
Los Angeles, CA
Female, 38
I oversaw all on site safety and security concerns for one of the largest social networks in the world. In the wild west of the internet, I had to develop policies and guidelines on how to deal with even the weirdest issues, work with law enforcement, meet with our government and address all the urgent issues that can pop up. My teams were the 911 of the internet, if you will, responding to the craziest of issues.
Yes, at just about every company I work at there seems to always be foosball tables. I wish there was a ball pit at my current or any previous employers, that would be rad. I can't work at any big, corporate stuffy company. I worked for Siebel for a few months over a decade ago and found that out the hard way. :)
Hey Zucktown, Good question. Generally spammers are automated systems that are coming in from a certain IP address/block of IP addresses (*cough* China *cough*) or mass posting very similar types of content. Based on various factors, you can either prevent account creation and/or certain types of content being posted. If an individual hacker is targeting a very specific individual, that is a bit tougher. We try to educate users on account security - so be wary of phishing, don't have a password of 'Password' (this happens more than you know) or name your password after your cat (a friend of mine got his account 'hacked' by his ex-girlfriend. Turns out his password was his cat's name. #fail).
Cross site scripting hacks were always a problem for us, because in the early days, a user's profile could get "infected" by just LOOKING at another user's profile that was already infected. And then BOOM! You get hundreds of thousands of profiles getting "infected" within minutes. So then you have to figure out how to plug the hole, launch that code asap, and then clean up the prior mess. Ironically, our site did get shut down once, as well as Yahoo's and some other huge websites. An electric company employee accidentally triggered a power outage in the Los Angeles Data Center hub (if I recall) and led to major outages for major websites!!!
Yes to both! I've been a very active user of the interw3b since about 1995 and there are pre-cursor 'social network' sites that still have a strong fan base (such as Livejournal) (OK I admit, I still love Livejournal) and have easily lasted over a decade. Will Facebook still have the strong following it does now? Only time will tell, but it's hard to stay on top forever!
Personal Injury Lawyer
Private Detective
Meter Maid
Not really - using your example, I will explain why. First, we can't really determine (nor should we) if that is real cocaine (or say, pixie stick sugar). Second, the profile might claim the user lives in Miami, but we can't verify that (even if IP logs show a Miami-ish location, they could be using a proxy). Also, even if we reached out to local law enforcement with this information, we would still require a subpoena to release anything that would help law enforcement actually locate this person (such as their IP logs or email address). Law enforcement is already incredibly swamped with all the real-life crime/issues going on to deal with all the online activity going on, so no way are they going to take on this case knowing they have to do all this extra work for a potential, non confirmed, or as you said, suggested, crime. A major exception to this rule is child pornography. As our site proactively reviewed image content being uploaded to the site, we would come across questionable images. It is the law that we immediately report any child pornography to the National Center for Missing & Exploited Children (NCMEC), who has their own law enforcement agents assigned to them (I.C.E.). Even if we are not 100% sure that it is an underage person, it doesn't matter - if it raises a red flag, we don't take chances and report it.
The biggest security issue I see that is still plaguing social network sites (and many other types of sites) are phishing attempts. I've seen very successful phishing schemes that result in thousands of user account login information, which then results in a bot automatically logging into that user's account and sending out spam. Cross site scripting (xss) hacks are also annoying and have, in the past, run rampant (in one instance, about 1 Million profiles were affected in a short period of time). They are more annoying than malicious - I consider phishing worse in terms of what we experienced.
For the first question, it depends on the image rights. For example, if the image is Public Domain, then you should be OK. If you are ever unsure, probably best not to upload the picture. YES I can tell you right now that any website that allows users to post content MUST comply with takedown notices, in accordance with the Digital Millenium Copyright Act (DMCA). Fortunately for website operators, the DMCA is fairly clear about the process. More fun reading about the DMCA can be had here: http://www.copyright.gov/legislation/dmca.pdf Please note my response here is very generalized and should not be used as legal advice!! :)
-OR-
(max 20 characters - letters, numbers, and underscores only. Note that your username is private, and you have the option to choose an alias when asking questions or hosting a Q&A.)
(A valid e-mail address is required. Your e-mail will not be shared with anyone.)
(min 5 characters)
By checking this box, you acknowledge that you have read and agree to Jobstr.com’s Terms and Privacy Policy.
-OR-
(Don't worry: you'll be able to choose an alias when asking questions or hosting a Q&A.)