Finding a new daily commute

Before there was a pandemic, there was the idea out there to eliminate the dreaded commute. It felt that the time of dropping the kids at in traffic, and occasionally dealing with road rage was something un-useful in today’s fast-paced world. In 2019, an article from RMIT & The University of Melbourne argued that those with long commutes by car were less productive and took more sick days than those with a short commute, or those who commute by bike or on foot. When I started to write this article, things were starting to open up in NSW, but now we are a bit more cautious. Regardless, many of us are still working from home. And even if we can work in the office, there’s still the option to work from home. So the dreaded commute still seems to be a distant memory for many.

Here’s another view about the commute. In Dr Adam Fraser’s book The Third Space, he talks about the spaces we attend, and the spaces between them; the third space. The spaces we might attend could be our homes, our schools and workplaces, a friend’s place, church, or a park. The third space between each of those spaces is our commute to them. What we do in the Third Space helps us be more at home in our other spaces. The commute, for example, helps us understand that we’re going somewhere for work, or meeting a friend, and to be ready and prepared for what happens there. We can also do stuff in that time to help us change our mental gears. Many in our church have used the daily commute in a productive way, whether commuting by bike or using it as their bible study time, or even learning a new language.

But now with that commute gone it seems that we’re all finding different ways for us to build a third space. A space where we can be ready for the next space we will be in, whether at school or for work.

Finding new routines

Often our new commute can be found in the routines we do before and after school or work. The main two routines that people have found to be important have been exercise and finding a place to do mindfulness. Recently, I heard of some radio stations which during the lockdown had a short mindfulness program play a couple of times throughout the day.

Earlier on Thrive, the Moyes family put together some of the new routines they had during the height of lockdown. In that article, they mentioned their walks and bike riding during their breaks during the day. They also mentioned that they have used this time to continue their walk with God by reading his word. They were reminded that God is in control, and that “God is our refuge and strength” (Psalm 46:1-2).

Christians practice a form of mindfulness every day. We just don’t call it mindfulness. We do this through our prayer, our personal bible reading, and with remembering parts of the bible such as memory verses. All these practices help us rely on his power and work and not on our own plans and power. Many Christians at this time have turned to the Psalms, a series of songs and poems that have been used by God’s people to pray and praise God, in many different times and emotions.

Using the Psalms as a form of Prayer

Back in March, an email from a Christian newsletter came through about a free new book. Trevor Wax had compiled a personal Prayer Book, Psalms in 30 Days: A Prayer Guide through the Psalter. The idea was to intently pray to God three times a day (morning, midday and evening), using the Psalms as a guide. There are also other prayers from Christian authors throughout history, reformed prayers, and other songs from the Bible. As we’re going through the psalms throughout the year at church, it was a helpful way in keeping a prayer life in a difficult time.

Tim Adams, our family minister at Macquarie Anglican, and I have been using this prayer book during the first few months of the lockdown to encourage our bible reading and prayer. After a few false starts, we’ve gone through this prayer book, and we’ve found it immensely helpful in starting and ending our days well and making sure that my walk with God was overflowing to my colleagues and my friends and family.

A couple of Psalms stick out. Psalm 13 and 42 remind me that I can cry out to him even when he feels so distant. Psalm 67 and 100 ask God for the day when the promises he has made that the whole world will be full of praise to him will be fulfilled. And Psalm 80 reminds me of how that will happen through a Son of Man – Jesus Christ.

Surrounding the Psalm readings, there are prayers of lament and praise from other parts of the bible which point to the work that God has done for his people, or to the work of Jesus Christ who saves us from our sins. There’s a canticle section (canticle means little song) which used the common 3 songs of praise in Luke, which also remind us of the fulfillment of God’s promises in Jesus.

I also liked the way in which I could also pray for those working in the front line during the pandemic through the personal requests section each day. They also help me to remind myself of the family of believers both locally and abroad in this time.

I wonder what you commute to during this time. We all have an alternative commute right now, but where does that lead us to? I reckon that your commute should lead you to God’s word, and the rest that can be found only in Jesus. That commute won’t be dreaded, but joyful instead.

Jesus offers a Better Punchline – Easter 2018


Here’s a ‘comedy’ blog for Easter Sunday 2018.

A man walks into a bar. It really hurt. He had a headache for hours.

A man in his 20’s walks into a pub. He asks the bartender if they have wifi, the bartender says they do. The millennial asks what the password is. Bartender: “You’ll have to buy a drink first.” Man: “Ok, how much for a coke?” Bartender: “It’s $5.” Man: “$5!? Yeah, all right,” and hands over the note. The bartender gets him the drink. “OK. What’s the wifi password?” Bartender: “You’ll have to buy a drink first. No spaces, no punctuation, all lowercase.”

The thing about jokes is that the punchline is unexpected. There are three parts to a joke; a premise, a setup and a punchline. The premise gives you the lay of the land, the setup gives you a sense of expectations, while the punchline throws you with something completely unexpected.

Some of the best storywriters like to think of their stories as big jokes. There’s a premise, a setup and a punchline. Pixar likes to think about their stories like that. “An elderly man is forced to move to a retirement village, so he attaches a whole bunch of balloons to his house and floats away.” Actually the punchline to that story is that a couple planned an exotic holiday on the top of a secluded cliff their whole life, but when it finally is all pulled together, there’s an elderly man, with all his possessions, on top of that cliff, alone.

Some say that there are two types of stories. There are Comedies, in which everything goes wrong for our characters until the last moment, where there’s a great party. And there are Tragedies, where every day is a party until the funeral comes. If you were to map how well the characters were going with a graph, Comedies look like a smile while Tragedies look like a frown.

So I wonder what your story looks like right now?

Date, Hyphen, Date

“It’s a short time on this planet, man. It’s a date, and then a hyphen, and then another date. And we’re the hyphen.” Craig Ferguson

The comedian Craig Ferguson put it best about the story (or the joke) of life itself. When he made that quote, he was thinking about his career and he felt there was more to life than speaking to celebrities all day. There was a sense of missing out so much more of his potential as a comedian & presenter.

We have a sense that we’re going to miss out on something, that we need to cram so much into our hyphen; get a degree/diploma, see the world, meet new people, make stuff, further your career, change your career, get married, raise a family, get that perfect selfie.

And there’s a sense that this is what the good life looks like. It can feel like the material, or the experiential life matters. One view of the world could be summarised as “Let us eat and drink, for tomorrow we die.” (1 Corinthians 15:32)

But there’s a problem. Death isn’t a great punchline. Death is expected in life’s story. Death has its sting, and those who see it up close know how painful it can be. For one day you might be having a great drink with your mate, the next he’s gone. I’ve seen that happen up close. Life’s story can be such a tragedy.

But what if death wasn’t the end? Well, Jesus comes along and offers a better punchline.

Jesus has a great punchline

Jesus had died the most horrible death at the hands of people – People who saw him as a threat to their power, and from people who did not believe that he was their God. But even those who did believe he was God, they didn’t believe him when he said that he would rise again.

So Jesus is dead on Friday. (Not the most fertile ground for comedy, but stick with me.) There’s a day of rest. (I mean, everyone needed a day to recover.) So when Sunday rolled around, some of the women disciples go off to complete the burial rites. They didn’t want to keep God himself decaying. They were expecting a dead man in that tomb.

And then, he’s not there. They see a stone rolled away. All they see is linen in the tomb. And the most appropriate response is to freak out.  It’s like a big prank has been pulled right here.

At least when Mary turns around, she bumps into Jesus. I’m not surprised that Mary thought that Jesus was the Gardener. Picture him; Mediterranean, did a lot of hard labor growing up, got alongside a lot of people, probably had a beard. I could be describing the current presenter of Gardening Australia! At least when the veil is lifted, it’s a sweet moment when they embrace. But you know something’s changed.

Jesus has delivered a great punchline to life’s story. Jesus’ life is different. It has a date, and then a hyphen, and then a blip. But in that blip, death has died its own death. It no longer has its sting, it no longer has victory over Jesus.

But not only that, The Apostle Paul argues that this is just the beginning. There’s now a new life for all of us to be part of. The tragic life has just turned into a comedy, because now it’s just the beginning of a new path, a new life, a new story. Death is no longer just a date; it does not have the pain and sorrow and sting as it once did, it no longer has a grip or victory. Death is just a blip now.

Many Christians will say this April 1 ‘Christ is risen!’ Guess what? Christ is Risen is just the punchline to life’s joke.

Readings: John 20:1-18, 1 Corinthians 15:20-32, 53-57.

Much of this article can be attributed to SpeakLife’s Easter videos released in 2018, and Glenn Scrivener’s book “Divine Comedy, Human Tragedy.” I can also recommend Rory Shiner’s book, “Raised Forever”, if you would like to explore about the impact of Jesus’ Resurrection. I post mostly on Church Website design over on Medium, & recently here.

Four Options for a Stand Alone Sermon Library

Bible with Microphone on top of it. Title says "4 options for a Stand Alone Sermon Library"
Image by Arthur Miranda

You might be on the lookout for a stand alone sermon library website. You might be on a Website builder like Squarespace or Wix, and you might not be happy with their Podcast browser & player. Or, you might not have the space to host all your sermons. What I’ll be covering is some options for finding the right sermon library for your church.

I’m going to show you 4 options that you could use at your church as a Stand Alone Sermon Library. Later, I’ll look at Sermon Plug ins for WordPress sites.

Sermon Library Criteria

I will be comparing the 5 solutions on 4 criteria. (Mobile users, just scroll side to side)

Upload/Admin experience

In this section, I’m asking how someone who is uploading the sermon would use the software. How easy is it to upload a sermon for the Sound guy at our services? This is important as we want to have a simple solution, as this will be done by different people each week.

Visitor Experience

In this section, I’m considering how the visitor experience will be to look for sermons and our sermon library.

Integration to website

In this section, I’m considering how easy it would be to integrate this solution on to our new site. I am particularly taking note of the following areas: responsive design, integrating one sermon into a series, widgets, etc.


Cost

Here I will give my thoughts on cost. In this case, I will only consider this compared to other contenders.


Option 1 – Buzz Sprout

Cost: Free for 2 Hours per month (but only recent sermons), $12 USD for 3 hrs a month (if over, $4 extra per hour), $16 USD for 6 hrs a month (if over, $3 extra per hour), or $24 USD for 12 hrs a month (if over, $2 extra per hour)
Description: Buzz Sprout is a podcasting platform for users to upload audio to in the form of a podcast feed. We can also get analytical reports. Although a podcasting platform, it has been used by some churches and Christian organisations.
Live Example: ChurchMag –

Upload/Admin experience

The person uploading this will need to upload the file through the Buzz Sprout account, add the genre (Audio, Religion & Spirituality), then add tags and a description.

Integration to website

They make a point that it is easy to integrate and share your podcasts, and it appears that they have a WordPress plugin or at least some embed code.

Visitor Experience

The visitor experience is Good. The embedded code is easy to use on mobile and on desktop, as it uses HTML 5 integration. However, you lose searching on Books of the bible, and are limited to the sermon series for that week. You can’t do advanced searches compared to other solutions.


Cost

$12 USD per month for 3 hours is competitive, but it really depends on how many different sermons are being uploaded per week. For our church, we weren’t sure if it will be a good option, given that we upload an English & Korean service each week, which in a month, would be somewhere between 3-5 hours of sermons per month.


Option 2 – Resonate

Cost: $15-35 AUD per month, depending on the size of your church.
Description: Resonate Australia is an online sermon library aimed at helping churches to get their sermons online and promote them. The website is a centralised library of Australian sermons drawn from many churches. One thing you may need to keep in mind is that by joining this service, you’ll also be signing up to the Resonate community of churches and would be agreeing to the Resonate statement of faith.
Live Example: St James’ Old Cathedral, Melbourne West & Docklands –

Upload/Admin experience

I haven’t seen this side of the site, so I can’t comment on this at this stage.

Integration to website

Integration can be done, and it looks to be just a WordPress (?) plugin to the site. It is limited in the way that it presents itself on the website, and I’m not too sure how customisable it can be. It is responsive, and does use HTML 5 methods of delivering audio files.

Another thing is that Resonate have their own Mobile Apps on Google Play and the Apple App Store, so that is worth checking out.

Visitor Experience

The visitor experience is Good. The site is well designed, and the integration is very seamless. You can do an advanced search of your library, and you can have different logos for your different services. However, when clicking on a tag, it sends you to all the sermons in the Resonate network that have that tag. That being said, it does allow for a mobile app and podcasting functionalities.


Cost

It is on the expensive side at $35 AUD per month, but I think it is worth it if you have a wide library of sermons.

Option 3 –

Cost: based upon how many GBs you are hosting. Up to 2GB is free, then around $1USD per GB per month (min $15USD).
Description: is a non-profit organisation from the USA for churches to easily get their sermons online in Audio, Video and Text (PDF) formats. You can have sermons sitting on your site, and available on the App, as well as in podcasting formats. We are also joining in a worldwide community of churches, who…also use
Live Example: Oatley Anglican Church –

Upload/Admin experience

Uploading involves logging into the Admin page of,  uploading the file, adding details on the sermon, then saving it. This is very easy, but it appears that there is only 1 user on the environment.

Integration to website

Integration is easy, but very limited in its design. recommends a link to their Media Centre, which is the Visitor UI.  You can also embed the media centre as an iframe which can be made responsive. It also appears that you can embed certain sermons and playlists.

Visitor Experience

The Media Centre switches between a Flash and HTML 5 player, depending on whether you have Flash installed or not. I’m not a fan of the full video player for all types of media, as I think it’s too big for mobile devices. On Desktop, you can search on different sermon series and the like.


Cost

The pricing is competitive, and worth the minimum of $15 USD per month. You will need to consider, however, that as your sermon library increases, the cost will go up over time.

Option 4 – Soundcloud

Cost: Pro Unlimited is $145 AUD per year, or $16 AUD/month.
Description: SoundCloud is a global online audio distribution platform based in Berlin, Germany that enables its users to upload, record, promote, and share their originally-created sounds. Although artists use Soundcloud to promote their tracks, podcasters and churches do use it to distribute podcasts and sermons. SoundCloud is currently going through a bit of a difficult time at the moment financially, so this is something that you’ll need to keep in mind.
Live Example: Hunter Bible Church, Newcastle –


Upload/Admin experience

The person uploading this will need to upload the file through the Soundcloud account, add the genre (Audio, Religion & Spirituality), then add tags and a description. They would then need to add this to a playlist, make sure that a few options are selected, and upload a square image.

Integration to website

Integration is easy, as we only need to copy and paste the embed code. That being said, when a new sermon series starts, we would need to create a new playlist, and embed the new playlist on the site. It is Mobile friendly.

Visitor Experience

The visitor experience is Good. The embedded code is easy to use on mobile and on desktop, as it uses HTML 5 integration. However, you lose searching on Books of the bible, and are limited to the sermon series for that week. You can’t do advanced searches compared to other solutions.


Cost

$16 AUD per month is cheaper than some of the other solutions that have been looked at, but is more limited for what we are trying to do.

In Summary…

So here are some options for you to check out as you decide what your Sermon Library will look like. We ultimately decided to use a WordPress site with a sermon library plugin, and I’ll look at these plugins next time. But it was a good chance to look at these different options first.


The transformation of everything – how technology changes the way we think

“The absolute transformation of everything that we ever thought about music will take place within 10 years, and nothing is going to be able to stop it. … I’m fully confident that copyright…will no longer exist in 10 years, and authorship and intellectual property is in for such a bashing.”
David Bowie, 2002.

The information era has forever changed the way that we think of various facets of life, relationships, work and the law. When information is freely available within society, such as on the internet, it can affect how we use other material, including in illegal ways such as piracy, as well as using information against a person or an organisation. Online piracy has led society to rethink the way that we deal with intellectual property and copyright. Not only that, the freedom of information has also affected how society has become more responsive to bullying. This essay looks at the implications of online piracy and cyber bullying and their recent effects on society.

The effect of piracy online has been perceived to be quite damaging to the industries that it affects, because money that should go to the developers or artists instead goes to the piracy business. Not only that, it shifts the perception of society towards the view that everything created should be free, in the public domain. In the field of software, for example, the economic effect of software piracy can be damaging. (Huygen, A., Helberger, N., Poort, J., Rutten, P., Eijk, N.V. (2009) Ups and Downs; Economic and Cultural Effects of File Sharing on Music, Film and Games) However, the response from the software industry to piracy can be very helpful to understanding the role of Intellectual Property during the information era. Many software businesses have turned to creating a new business model and rejecting the old model. Valve, a gaming business, has been successful in the launch of their gaming store and social network, Steam. This has been seen to be one of the major forces within the gaming software industry, with Steam now taking 51% of the gaming market share alone. The reason why it is so successful is the way that they market themselves as pro-gamer by providing good quality games, but also by providing their games at a cheaper cost (usually because they have removed costs from the traditional model) and having sales to bring in more revenue. This also has the effect that software piracy for their games is significantly lower. In this case, software piracy has allowed the software industry to build on a new business model.

Online Music Piracy, with an early example shown with Napster, has had a different effect on the music industry. The music industry has responded to piracy by using legal action to continue using their business model, instead of embracing a new business model, as Valve did. This is in spite of the fact that the data provided by the industry does not make economic sense, according to Rob Reid, creator of the music streaming service Rhapsody. In a speech given at the 2012 TED conference, Reid shows that the data provided by the music industry regarding the amount of revenue and jobs lost to piracy does not measure up to the actual revenue and jobs lost by the music industry. In reality, we do not really know what effect online music piracy has had financially, but we can see that it has had a cultural impact on society. In the Netherlands, for example, a survey found that file-sharers would pay for a CD at 40% of the average price of a CD. Unfortunately, because of the way that the internet has been designed, with a file being infinitely copyable, it can be difficult to keep the current nature of intellectual property and copyright intact. Using just the legal system instead of engaging with society has created somewhat of a dissonance between the internet community and the music industry.

I believe a better solution to the issue of intellectual property and copyright is for the industries to do two things. The first is to create a new business model to allow for the changes that the information era has made to society. The second is to understand the reason why copyright and other intellectual property laws were created in the first place. Kirby Ferguson’s web series ‘Everything is a Remix’ explains in its final episode that the original copyright act was subtitled “An Act for the encouragement of Learning,” however, the role of copyright has not been used in this way in society. I believe going back to the original version and meaning of copyright will help with creativity as well as helping with the economics of the music and software industry.

Although online piracy has been a major issue during the information era, cyber-bullying and gossiping have also been major issues. Stories of bosses firing their staff over things said over social networks such as Facebook and Twitter are becoming more and more common in society. We can also see more damaging effects of cyber-bullying in the psychological abuse that Charlotte Dawson got from Twitter ‘trolls’ in the past month; it is easy to see the problems and disadvantages of using social networking sites. The problem is that when we receive that type of abuse, our instinct is to attack the person hurling the abuse, instead of reporting it. Recent attacks on ‘trolls’ and cyber bullies by the media have been ineffective due to the nature of the attacks, as well as not using more common systems around, such as reporting the abuse. Until such responses are used, this form of abuse will still be around in full force.

With recent reactions to the way that we live in today’s society, it is clear that we are now living in the information era. This also means that we need to react to issues regarding the information era, such as piracy and cyber bullying. We need to rethink the way that we use intellectual property and copyright, as well as the way that we use online networks. The conclusions we reach on how to deal with these issues will affect the way that we act in today’s society.

This was the second of two essays for a University unit about the effect social networks have on society. This essay had us engage with various case studies which are not referenced here.

Being turned upside-down – how technology changes our identity

“The world turns upside-down in 10 years, but you turn with it.”
Spider Robinson, 1977.

The devices, such as IT systems and social computing systems, that have been released during the Information Era have revolutionised the way we process and consume information, the way that we trade and purchase, and the way that we connect to our fellow human beings. Professor Michael Wesch from Kansas State University says that these devices, or machines, have been transforming our culture, and cause us to reconsider our ideas of the facets of human culture. One of the facets that we need to reconsider is the way that we educate ourselves, and how we educate in the university. For us as students, the devices of the information era have had a positive and negative effect on the way that we study and relate to one another.

In the past year, my life has changed considerably with the introduction of a smart phone for Christmas last year and a Kindle e-reader for this semester. In fact, my normal routine for each day is now quite different. I will first be woken up by the alarm on my phone, which has also checked and downloaded a small collection of technology, news and religious podcasts for me to go through throughout the day. This allows me to be more aware of recent news developing in the fields that I am studying. While having breakfast, I’m either listening to one of those podcasts, or I am listening to an audiobook that I am going through, and I’ll continue listening to that show or book while commuting to university.
During the lecture and the tutorial, I may have both my computer out to take notes, and an e-reader with the textbook for the unit open. After lunch, I would have a meeting with some of my fellow university students about a unit project over Skype, instead of meeting in person. This is done because we are all across Sydney at the time and cannot meet in person. I may send some files via a cloud storage drive, such as Dropbox or Google Drive, for everyone to share and edit. At the end of the day, I would drive home again listening to the podcasts or audiobooks.

Finally, for an essay, I may read up on academic papers via Google Scholar to understand the research done in these areas. Because of the availability of academic materials online, I have been able to understand areas such as, for example, the impact of recent cyber warfare attacks in a more comprehensive way than if I were only to understand the issue from a selected group of papers.
A lot of these resources that I use to learn about my area of study are available to me 24 hours a day, 7 days a week, and because of this I can study at any time of the day or night. Not only that, many of the resources are ones that I can use for further study after being a student at university. Albert Harris, from Appalachian State University, and Alan Rea, from Western Michigan University, also include other advantages in using these resources, such as the fact that in a classroom environment, students are more likely to collaborate and compete with one another, which has been shown to increase learning. (Harris, A. L. & Rea, A. Web 2.0 and virtual world technologies: A growing impact on IS education. Journal of Information Systems Education, Vol. 20(2), 137-144.) Not only that, but these classes can be, and have been, used for other classes across the world.

However, there are some disadvantages to using these resources in a much broader context. One is that these computing resources must be available, even to the few who do not have internet access at home. Not only that, but these resources must be secure enough that they cannot be vandalised or sabotaged, which is easy to do with these resources. Finally, the temptation to plagiarise is also a disadvantage of this form of learning, since it is easier to copy and paste paragraphs into essays and reports, which can then degrade the quality of a student’s body of work.

These devices and IT systems have also transformed the way that we relate as human beings. Social Computing has allowed for interactions that would not have been possible even a few years ago. YouTube, which is a video sharing site, has also been used as another Social Computing service in the form of video-blogging or vlogging. The trained video-blogger may feel more relaxed discussing issues in front of a camera, and may sometimes discuss the most private issues on a very public forum, online. Due to this, the discussions can get quite personal. There also seems to be a longing for authenticity within this culture of vloggers. Jeff Jarvis believes that this is a good thing, as the awareness of the private issues being made public makes it easier for us to understand and, if it requires, do something with that information. (Harris, A. L. & Rea, A. Web 2.0 and virtual world technologies: A growing impact on IS education. Journal of Information Systems Education, Vol. 20(2), 137-144.)

The devices of the Information Era have definitely transformed the way that we connect, and understand the way that we connect, to others, as well as the way that students educate themselves. Overall, this seems to be a positive effect on the survival of humanity.

This was an essay for a uni unit about the effect social networks have on society. References are in the comments below.

Leaking your Information on the Internet?

Online Social Networks (OSNs), which can be defined as online networks whose primary goal is to have people “stay in touch with contacts,” are currently growing and on the rise. As is the nature of OSNs, Personal Identifiable Information (PII) needs to be available to the service. PII can be defined as,

“Information which can be used to distinguish or trace an individual’s identity either alone or when combined with other public information that is linkable to a specific individual.” (Krishnamurthy, B. Wills, C. 2010)

Examples of PII could be a user’s Full Name, Birth Date, Email Address, Location (city or town), Phone Numbers, Photos of themselves, their activities and their interests. This information could be used for illicit purposes such as identity theft. Because of this, OSNs need to take a serious look into securing their databases to make sure PII is not leaked in any way. Unfortunately, most OSNs do not take that seriously. They leave known vulnerabilities un-patched, and even the users can be tricked into giving up their PII. This essay looks into the current Computer Security issues of OSNs and the leakage of PII.

It is often thought that crackers find a small vulnerability in a website to take control of that website. But sometimes all it takes is for a feature to turn into a vulnerability for crackers to break the OSN. In late 2009, DeviantART, an OSN targeted at artists, decided to include a ‘de-activation’ feature on their website. This would allow users to publicly remove their account from the site. This was done for many reasons, such as letting users change their account name, stopping attention ‘whores’ (those users who would say that they were leaving to gain attention, and then come back to the OSN the next week) or even allowing people to quickly remove themselves from the site. The feature worked fine; all you needed to do was click a button and enter your password, and your account was then closed. However, in December 2010, Silverpop Systems Inc., an advertising company that was working closely with DeviantART and with which DeviantART shared personal details such as email addresses, and possibly usernames and birth dates, had its database cracked into, and the crackers collected this PII. Soon after this, some new users of the site actively complained that their old accounts had been not only compromised but deactivated, and that they had had to start a new account. Some of these users pleaded for their original accounts back; however, due to technical reasons, DeviantART staff could not meet that expectation. On January 5, 2011, the DeviantART staff changed the deactivation feature so that staff could retrieve an account within a certain period before that account was removed from the site. This happened on the same day that two high-profile users were almost deactivated by crackers.

The ‘deactivation system’ in this example is considered to be a Featurebility: either a vulnerability that is documented in the official documentation, or a feature that could be treated as a vulnerability in a certain situation, and is usually put in on purpose by the developer. In the presentation ‘Satan is on my Friends list: Attacking Social Networks,’ researchers Nathan Hamiel and Shawn Moyer showed examples of these Featurebilities, such as allowing HTML to be entered into user-generated content, which could be used to create a Cross-site Request Forgery: a vulnerability from the 1990s that allows specific malicious actions to happen when they are requested via HTML and CSS code. They said that if these vulnerabilities are in the documentation of the APIs, then it is the developers’ fault for not patching their own work.
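The two safeguards this section points to, sketched together as an added example (not DeviantART's code): a session-bound token that a request forged from HTML embedded in user content cannot supply, and a grace period before a deactivated account is purged. The function names, the 30-day window and the in-memory account are assumptions.

```python
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta, timezone

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret (constructed)
GRACE = timedelta(days=30)            # assumed window; the essay gives no figure

def csrf_token(session_id: str) -> str:
    """Token bound to one session and placed in the site's own form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    def __init__(self, name: str, password: str):
        self.name = name
        self.salt = secrets.token_bytes(16)
        self.pw_hash = hash_password(password, self.salt)
        self.purge_at = None  # None means the account is active

def request_deactivation(acct, session_id, form, now):
    """Handle the deactivation POST; `form` holds the submitted fields."""
    # 1. A request triggered by HTML embedded in user content arrives with
    #    the victim's cookies but cannot supply the session-bound token.
    supplied = form.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, csrf_token(session_id).encode()):
        return "rejected: bad csrf token"
    # 2. Re-enter the password, as the original feature already required.
    candidate = hash_password(form.get("password", ""), acct.salt)
    if not hmac.compare_digest(candidate, acct.pw_hash):
        return "rejected: bad password"
    # 3. Checks 1 and 2 do not stop someone who holds the real password,
    #    so schedule the purge instead of destroying the account now.
    acct.purge_at = now + GRACE
    return "pending"

def staff_restore(acct, now):
    """Staff can undo a deactivation until the purge time has passed."""
    if acct.purge_at is not None and now < acct.purge_at:
        acct.purge_at = None
        return True
    return False

if __name__ == "__main__":
    now = datetime(2011, 1, 5, tzinfo=timezone.utc)  # constructed timestamp
    acct = Account("artist", "s3cret")
    print(request_deactivation(acct, "sid-1", {"password": "s3cret"}, now))
```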

Featurebilities that arise from OSN developers’ programming are not the only problem; the other problem is the sharing of “Personally identifiable information” (PII) by users of OSNs. According to Krishnamurthy, in the 12 OSNs that they studied, most OSNs had some pieces of PII available for anyone to see. Table 1 shows the results of that analysis: the availability of the various pieces of PII on those OSNs. It is quite clear that although the pieces of PII that are widely available are almost considered to be public domain, that information is still quite important. Information that is considered to be private but is given to the OSN could be leaked via an external application (such as a game) on the OSN, which could then send that information somewhere outside of the OSN ecosystem. While this is a great way to leak PII outside the OSN, it might not be the easiest way to gather PII.

Although I have discussed obtaining PII from OSNs via technical means, not all ways of obtaining PII are technical. In fact, it is probably more likely that attackers use Social Engineering to obtain this private data. Again in the presentation “Satan is on my Friends List,” Hamiel and Moyer showed how (with permission) they had impersonated Marcus Ranum, a well-known IT security professional who is actively against OSNs, on LinkedIn, an OSN for professionals. Using only information from press releases, biographies and articles by Ranum, they were able to quickly create a profile to impersonate him with. After that, to legitimise the profile, they tried to find “link-whores,” those who would actively go out and friend as many people as possible. These people were found via a simple Google search. Within 12 hours, this persona had received over 40 connections, including people who work in the IT security industry and would have heard Ranum speak about his opinion of OSNs. They also joined various LinkedIn groups. This gave the persona enough credibility to attract other professionals known by Ranum, CSOs, and people who work for ISSA, who, without prompting, gave important PII such as their phone number and private email address, and information about upcoming projects they were working on. They even made a connection with his sister. This sharing of PII does not only happen to professionals; it can happen every day on other OSNs.

On a popular OSN, Facebook, people share their PII in the public domain without even noticing it. If you are on Facebook, you may notice an event or group occasionally calling for Mobile Phone Numbers, usually created by a friend whose profile has not been cracked into and who is genuinely asking for their friends’ phone numbers. The problem is that these events and groups are usually set to their most public setting, so the numbers could be collected for malicious use. Tom Scott, a software developer, spent a few hours creating a website application using the Facebook API to collect names and their phone numbers from these groups and events, and displayed them (without the last 4 digits) on his website. It is quite clear that this PII could be easily obtained from the user without the user realising it.
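One mitigation for the public-event case above, as an added example rather than anything Facebook or Tom Scott published: a pre-publish check that warns when a phone-like number is about to go to a public audience and masks its last four digits in previews. The audience label, the function names and the sample post are constructed.

```python
import re
from dataclasses import dataclass

# Phone-like run: optional "+", then 8-15 digits, with at most two of
# space . - ( ) between neighbouring digits. Loose on purpose: a false
# alarm (a date, an order number) only costs the author one confirmation.
PHONE_RE = re.compile(r"(?<![\d+])\+?\(?\d(?:[\s().-]{0,2}\d){7,14}(?!\d)")

PUBLIC = "public"  # hypothetical audience label for world-readable posts

@dataclass
class Review:
    warn: bool      # ask the author to confirm or narrow the audience
    numbers: list   # phone-like strings found in the post
    masked: str     # text for previews shown outside the intended audience

def mask_tail(number: str, hidden: int = 4) -> str:
    """Replace the last `hidden` digits with 'x', keeping separators."""
    out, left = [], hidden
    for ch in reversed(number):
        if ch.isdigit() and left > 0:
            out.append("x")
            left -= 1
        else:
            out.append(ch)
    return "".join(reversed(out))

def review_post(text: str, audience: str) -> Review:
    """Pre-publish check for a post to an event or group wall."""
    numbers = [m.group() for m in PHONE_RE.finditer(text)]
    masked = PHONE_RE.sub(lambda m: mask_tail(m.group()), text)
    # Only interrupt the author when the number would be world-readable.
    return Review(warn=bool(numbers) and audience == PUBLIC,
                  numbers=numbers, masked=masked)

if __name__ == "__main__":
    # Constructed sample post; the number is made up.
    post = "Lost my phone! Text me your numbers, mine is 0491 570 156"
    print(review_post(post, PUBLIC))
```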

That being said, some researchers and developers are currently working on making OSNs more secure. Diaspora promises to be an OSN that is rid of any privacy problems or leaking of PII on its part; however, when it was launched in an Alpha phase in 2010, numerous critics said that it was filled with security holes and privacy issues. It is currently getting better, but some are still calling for changes in the OSN backbone, as some of these areas have not been addressed. Some researchers have, however, worked on ways to make these systems better. Researchers from the University of Illinois have worked on an encryption application for Facebook that will encrypt and decrypt messages sent over Facebook. This would be good for an OSN such as Diaspora or Facebook. So far, from what I have read, it is not clear if anything like this would be used in OSNs.

As OSNs become more and more mainstream, it is quite clear that a lot of work needs to be done in the area of Security and in making sure that PII does not get leaked. However, as seen in the examples and case studies shown in this essay, it can be concluded that developers of OSNs are not thinking of these issues. Although some researchers are spending time on making OSNs more secure, their work needs to be implemented in large OSNs. In reality, OSNs need to be more secure than they are.

This was written by joshlama.


Satan is on my Friends List (DefCon 16)
The Cross-Site Request Forgery (CSRF/XSRF) FAQ.
Facebook Users’ Phone Numbers Exposed by “Evil” App
Pondering Diaspora’s Security

Other references can be requested in the comments below.

YouTube Symphony Orchestra – from an audience member/actor

Back on 20th March, I was able to go to the YouTube Symphony Orchestra 2011 Finale Concert, which you can see in average quality above. I really enjoyed my time there, and will remember it quite easily for future memories.

Movement 1: Thoughts before the week.

In Primary School, and in High School, I was a band geek. I liked playing in the concert band, and I loved the jazz band. I played trumpet. I loved playing trumpet, even though I had the oral pain of braces. When I reached Uni, I stopped, because although I liked playing, I loved listening to the music.

When I’m on YouTube, I see people not understanding the role of classical music. One of the reasons why the YTSO exists is so that those who don’t have the experience of classical music can tune out for a moment from the world, or from other genres of music, to listen to the world of classical music.

I went to my first day in choir, and I sat down with the basses and sort of looked over my shoulder to see what they were doing. They opened their scores, the conductor gave the downbeat, and, boom, they launched into the Kyrie from the “Requiem” by Mozart. In my entire life I had seen in black and white, and suddenly everything was in shocking Technicolor. The most transformative experience I’ve ever had — in that single moment, hearing dissonance and harmony and people singing, people together, the shared vision. And I felt for the first time in my life that I was part of something bigger than myself.
Eric Whitacre

Movement 2: Tuesday

Movement 3: Sunday

When we talk about media on the internet, there is talk of the primary audience and the secondary audience. The primary audience should be those who originally see the content, and usually it’s the intended audience seeing it. The secondary audience is anyone else who sees it somewhere else, such as in a news show or something similar.

The problem was that I saw myself as not the primary audience; I saw myself as an actor in the work. The primary audience is the 30mil who were watching it online that night, and were watching the rebroadcast. I didn’t mind being the actor, but I also saw how they were doing things; so the audience could see us, there were lights pointed at the audience. When they were leading up to a segment or a cut, something gave it away, such as the lighting or the screen getting ready, or even the cameras moving, or even the visuals that shone on the insides of the sails. It didn’t remove me from the entire experience, but I just noticed it.

Where I sat, you could not see me in the shots, because I was closer to the top than to the stage, but I forgot how every seat in the house is a good seat. As the music was playing, I could see the expressions of each of the players.

I would like to applaud each of the people who made this possible; if I can, I would love to travel in time for the next YTSO.