Social

Skype And Dropbox Fix Redirect Security Hole That Could’ve Hacked Your Facebook

Hacker Illustration

Nir Goldshlager just saved your identity. One of the world’s top white hat security researchers, Goldshlager this week helped Skype and Dropbox fix a critical security flaw that could have let hackers take control of their users’ Facebook accounts. Tomorrow Goldshlager will detail how he found the exploit, but he gave TechCrunch the early heads up. Here’s how hackers exploit the hole.

First the good news. Since it was reported responsibly, it appears that no one fell victim to this flaw, known as an “open redirect vulnerability.” The issue essentially occurs when a website doesn’t validate the URL where it sends a user and their access tokens. Normally sites verify that the URLs they send you to are either owned by them or one of their trusted partners. But if they don’t, a hacker who knows someone’s user ID and that they’ve granted permissions to a vulnerable site could visit http://www.MySiteIsVulnerable.com?UserID55555redirect=www.MaliciousSite.com and steal that person’s access tokens, allowing them to take actions as if they were the hacked user. Naughty identity thieves.

In this case, both metrics.skype.com and Dropbox.com were failing to validate redirects, leaving them vulnerable. To be exploited, a hacker would first need to know someone who had connected their Facebook accounts to one of these sites, say metrics.skype.com. Then they could find that person’s Facebook User ID through the Graph API explorer. If the hacker then punched in the right metrics.skype.com… URL with the user ID attached, followed by a redirect to a malicious site they control, Skype would deliver the victim’s Facebook access token. This would let the hacker do anything the user had granted Skype the ability to do, such as post to their wall, pull their personal information, and more. There is no faster way to get unfriended than by spewing spam.

Goldshlager discovered this flaw, but rather than exploit it himself or publish it for other hackers to use, he responsibly reported it to Skype, Dropbox and Facebook, who’ve all confirmed it’s now fixed. In Skype’s case, the issue was actually with one of its partners that builds software for the app, which they fixed together. Though the bug wasn’t Facebook’s fault, the company tells me:

We applaud the security researcher who brought this issue to the attention of the affected organizations and for responsibly reporting the bug to our White Hat Program. These bugs were triggered from open redirect vulnerabilities in domains that were authorized for OAuth. While not a Facebook bug, we have and will continue to work with our OAuth partners to prevent this exploit. Due to the responsible reporting of this issue to Facebook and the affected companies, we have no evidence that users were impacted by this issue.

The whole situation is nothing new for the Israeli security researcher. Goldshlager has been on the top of Facebook’s White Hat ‘Thank You” list for the last two years because he’s reported more bugs than anyone else. He also just started a White Hat security company called Breaksec that helps clients find bugs before crooks do.

Oh, and the guy keeping you safe on the web also has an awesome name. So this drink of spicy cinnamon Schnapps is on us, Mr. Goldshlager. Keep hacking for good.

[Image Credit: elhombredenegro / Flickr]


76 days ago Google Reader • Tags: , , , , ,

Twitter Now Lets You Know When You’ve Typed Something Clickable Or Went Over The Character Limit

4187460211_0ba6dc1a6c_z

Here’s a nifty little addition to Twitter’s website.

When you start composing your tweet, the text will change colors when you’ve added something clickable, like a username or URL. The text changes to blue, and this is to let you know that you’ve done something “different.” It’s nice onboarding for new users, or when you’re quickly typing out your latest amazing thought.

Similarly, the text will change color if you’ve gone over 140 characters, in red, showing you exactly which ones have to go:

Right now, this feature is only available on Twitter.com.

Features like this make Twitter’s site more accessible for everyone, giving you a bit of a tangible feedback as you type. Nobody likes to type out a bunch of characters, only to find out that you’ve run out of room. Until now, you’ve only been shown how many characters you’ve typed over 140. With the addition of the red highlighting, you can start shaving off those extra letters and numbers right away.

This will also help people who want to tweet using the “@” sign for other purposes, letting them know that they’re about to mention someone unknowingly.

If you think about all of the things that Twitter could add in real-time as you type, it’s pretty infinite. As you link a picture, it could show up in the payload as a preview. Same thing with a video. Come to think of it, I wouldn’t mind seeing a preview of the web page I’m about to tweet.

Just in case you were wondering what was happening as you tweeted your heart out, this is why things look a bit different. And hey, it’s a time saver.

[Photo credit: Flickr]


154 days ago Google Reader • Tags: , , , , , ,

With 1B Pageviews Under Its Belt, UGC Giant Wikia Raises $10.8M From IVP, Bessemer & Amazon

Screen Shot 2012-11-30 at 11.48.32 AM

User generated content company Wikia is breaking the news of its raise of over $10.8 million in Series C funding today, in a press release soon to be sent out to tech media. The financing was led by Institutional Venture Partners with a follow on from existing investors Bessemer Ventures Partners and Amazon.com. [SEC filing here.]

The company, which is already profitable and will remain “profitable for years,” according to its CEO, will use the cash to bolster its mobile and video efforts. With the added financing, Wikia’s total funding is now $25 million.

Founded by Jimmy Wales and Angela Beesley, Wikia is a web-hosting service for vertical related wikis. Usage of Wikia is free for readers and editors, but, unlike Wikipedia, it actually makes money through advertising against its scale. Dwarfed in mindshare by its big brother Wikipedia, the collaborative media company now boasts one of the largest networks of user-generated gaming content on the planet. It supports over 250K communities and 20 million pages of user-generated content, 100,000 videos, 14 million photos, etc.

In fact, for the first time this month, Wikia’s global traffic hit 70 million unique visitors and 1 billion page views, namely from gamers who are obsessed with the minute details of their favorite titles.

Back in April, the organization pushed out a big redesign, attempting to bring together the worlds of professional content creation and the craziness of user-generated content, as well as bring a more user-friendly and professional feel to its experience.

Before, it was a loose confederation of gaming communities, articles and wikis, but it’s recently been moving to put all of these pieces under one unified umbrella, launching hub pages and opening the site up to further advertising. No longer does it look like Wikipedia’s forgotten younger sibling; it has the feel of a professional entertainment site. It’s also made it a lot easier to find great content and discover the real gems (and most reliable voices) in the sea of UGC.

With its new funding under its belt, Wikia will look to move more aggressively down this road — into what CEO Craig Palmer calls the “post-editorial world.” That means continuing to provide users with a platform they have some ownership over, where fans can make their voices heard, but also one that is a conduit through which brands and advertisers can connect with these fans and engaged users. The matter, of course, is finding the right balance between niche and mainstream — and balanced and objective content with advertiser influence. It’s a hard one to strike, but this is where things are moving.


200 days ago Google Reader • Tags: , , , , , , , , ,

Facebook Could Slow Down A Tiny Bit As It Starts Switching All Users To Secure HTTPS Connections

Facebook Security HTTPS

When you’re dealing with 1 billion people’s personal info, security is critical. But Facebook didn’t want to sacrifice speed. That’s why it spent the last two years making infrastructure improvements so that its transition of all its users to HTTPS which starts this week will “slow down connections only slightly.” People will be able to opt-out of HTTPS for maximum speed if that’s how they roll.

Facebook has long employed HTTPS (Hypertext Transfer Protocol Secure) to protect users when they submit their username and password to login. HTTPS prevents man-in-the-middle attacks and eavesdropping.

In January 2011, though, it started allowing people to opt in to have all their Facebook browsing encrypted in HTTPS. At the time it warned “Encrypted pages take longer to load, so you may notice that Facebook is slower using HTTPS.”

Still, Facebook said that “We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future.” Flash forward nearly two years to today, and its ready to fulfill that burning desire for security. A Facebook Developer Blog post from a few days ago announced “this week, we’re starting to roll out HTTPS for all North America users and will be soon rolling out to the rest of the world.”

I immediately wondered if that would make loading the news feed or peeping photos more sluggish. So I spoke with Facebook’s security policy manager Frederic Wolens to see what would happen to site speed, and here’s what he told me:

“It is far from a simple task to build out this capability for the more than a billion people that use the site and retain the stability & speed we expect, but we are making progress daily towards this end. This may slow down connections only slightly, but we have deployed significant performance enhancements to our load balancing infrastructure to mitigate most of the impact of moving to HTTPS, and will be continuing this work as we deploy this feature.”

So yes, there will be a slight slow down. Facebook’s HTTPS is going to be a lot faster than it could have been thanks to engineers who rolled up their sleeves, but we’ll be monitoring for complaints just to make sure this is the case. For reference, Google moved Gmail to HTTPS in January 2010.

People who aren’t too concerned with their security might not be too excited about getting switched to HTTPS. And if they insist their connection is secure and wants to browse Facebook as fast as possible, the company confirmed to me that they’ll have the option to opt out of HTTPS through their Account Security settings.

But protecting people who use the default settings is why this is an admirable decision by Facebook. It’s priority is security. It might not be as sexy as blazing speed, but a hacked user is an unhappy user. Lots of people access Facebook from public wi-fi and public computers. Persistent HTTPS makes sure they’re not getting snooped on.

Facebook could have kept HTTPS as opt in. Faster browsing leads to less frustration, longer session lengths, and more ad views. Unfortunately, the people who are the least security savvy and therefore most vulnerable are probably the least likely to voluntarily enable HTTPS.

Personal info-driven business models like Facebook’s are built on trust. It needs users to feel secure enough to keep donating their data, and that’s why this little green lock could turn into greenbacks over time.


212 days ago Google Reader • Tags: , , ,

This Facebook “All” Link Let You See An Almost Unfiltered News Feed, Until Facebook Shut It Down

RIP New Feed All Done

Facebook filters the news feed so you only see the 15% or so of stories it thinks you’ll find most interesting. But a newly discovered “All” link would show you almost everything posted by your friends and Pages you Like, Twitter style. Update: That is, until Facebook shut it down around 5:30pm today.

Facebook confirmed to me this morning that http://www.facebook.com/?sk=nf_all ”is an old link that allows you to access your news feed operating on an earlier version of our ranking algorithm.”

First spotted by Tom Waddington, the All feed could have made sure Facebook addicts never miss a photo or funny status update, and get marketers more eye balls. However, Facebook stressed that “This feed does not show all posts”, and since it was an “old link”, there was a good chance it could get shut down soon. And now it has been. If you visit the link, you’ll just see the normal, filtered version of your news feed.

Years ago, Facebook offered a near-firehose real-time stream you could toggle to from the home page called “Most Recent”. Based on Facebook’s statement, that might be what this link used to bring up. But since it didn’t deliver as compelling stories to the average user, Facebook ditched it in favor of a heavily filtered feed. That’s great for making sure you see the most Liked updates by friends since you last logged on. However, it can show the same updates over and over again to people who visit Facebook all the time.

Facebook tried to appease power users by returning the “Most Recent” toggle switch, but it actually still filters out a lot. So if you couldn’t get enough of what your friends and favorite brands were doing, you could check out ” https://www.facebook.com/?sk=nf_all “.  But since this seems to have been something Facebook used internally and that wasn’t meant for public consumption, it shut it down.

Here’s how it worked. Though it didn’t automatically refresh with updates, it would show you a reverse chronological stream of almost every news feed post by friends and Pages starting with a few seconds ago. Judging by my initial scans of the All feed, you’d also see plenty of wall posts, new friendships, Page Likes by friends, Event RSVPs, “Trending Articles” boxes, and more.

You’dsee some stories from apps, such as a friend Liking photos on Instagram, or two friends listening to the same artist on Spotify. However, the All feed wouldn’t show you every song every friend listened to, and you won’t see every time a friend Liked or commented on someone’s status. Otherwise it’d be so cluttered that real posts to the feed would get drowned out.

There’s been a ton of controversy about Facebook Pages not being able to reach their fans with every update they post. Brands might not dig it, but that filtering makes the feed better. If people want to see more of the posts by Pages they Like, they can still try the separate Pages feed which shows the best ones but not every single update. That option could excite marketers who get big traffic and awareness boosts when people see their news feed posts.

Most important, though, was the potential for the All feed to draw even more time-on-site/app from hardcore Facebook users. It meant you didn’t have to worry about browsing a feed of reruns. Some people might have used it as a dashboard to keep up with everything going on in the lives of friends, while others could have used it as a real-time news source that could even compete with Twitter.

Why wouldn’t Facebook just make this easily accessible? Because each story in the unfiltered feed was less likely to seem interesting to the average person. It could also have confused Facebook novices. I think hiding it in the drop-down news feed sorting button on the web and the gear icon on mobile would have been a nice hat tip to Facebook’s hungriest users, but alas, it is no more.

The All feed may have been quite taxing on Facebook’s servers, and not what Facebook wanted people to see, so like a broken fire hydrant sprinkling water in the street, it wasn’t long after the fun started that it got shut off.

Have you heard this myth? We busted it. Killing Rumors With Facts: No, Facebook Didn’t Decrease Page Feed Reach To Sell More Promoted Posts


218 days ago Google Reader • Tags: , ,

Twitter’s Response To Compromised Account Situation: Accounts Were Compromised, But We Reset Too Many Passwords

3854330282_56605f6956_z

Twitter has responded to us with a statement regarding the password reset situation.

For those of you just waking up or catching wind of this, a lot of folks have been reporting that their account password has been reset because it was compromised.

As the Twitter team woke up here in the U.S., they were indeed quick to respond.

Here is their statement in full:

We’re committed to keeping Twitter a safe and open community. As part of that commitment, in instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.

In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused.

As always, we recommend that people review these tips on how to keep their Twitter accounts secure:
https://support.twitter.com/articles/76036-keeping-your-account-secure#

Check out their status blog for more details.

Twitter really needs to get two-factor authentication quickly, here’s what the company had to say about that.

Were accounts compromised? Yes, absolutely. Ours was. Was everyone’s compromised? Twitter says no right now. This is once again a very complex and confusing situation for users. Don’t risk it, change your password. If you use your Twitter password for anything else on the web, it would be wise to change those today as well. Let your bosses know that you need an hour break for security purposes and try to remember where all of your footprints are on the web.

How did this all happen? Does Twitter not store passwords securely and hashed? We don’t know this yet but are investigating the matter. Stay tuned please.

This is developing.


223 days ago Google Reader • Tags: , , , , ,

Telefonica Digital Buys Video Chat Platform TokBox, An Airtime For The Rest Of Us

tokbox screenshot

Telefonica Digital, the new media arm of the giant Spanish carrier Telefonica, has made another big investment in its bid to become an international communications platform extending beyond basic voice and data services. Today, it announced that it would buy TokBox, a video calling platform that works across websites and mobile apps through a series of APIs that is currently used by 50,000 developers. Financial terms of the deal were not disclosed, but both sides are apparently pleased enough with the deal. To date, Tokbox has raised $26 million from investors such as Sequoia, Bain and DAG.

The deal adds another arrow to Telefonica Digital’s quiver of services that it can offer out to developers through its BlueVia API platform: these already include voice, messaging and billing APIs. Earlier this month, Telefonica added Telenor as the first non-Telefonica carrier on to the platform to also benefit from those APIs, starting with carrier billing. This means that developers who use these APIs can then offer the services in apps across Telefonica’s 311-million subscriber footprint, and potentially to 460 million customers, with Telenor added into the mix. (And that number is set to grow: Telefonica tells me there are more carriers being coming to the BlueVia platform soon.)

Telefonica Digital is also looking at better ways of leveraging all the data is is amassing about its users, with the launch of its big data product, Dynamic Insights.

TokBox is based in San Francisco, where it, its 35 employees and CEO Ian Small will remain — meaning that, in addition to giving Telefonica another video component in its portfolio of services, the acquisition gives Telefonica a further foothold in the all-important region of Silicon Valley, an essential place for Telefonica to be as it tries to reposition itself as more of a “tech” company and less of a big, boring, old, European telco.

TokBox itself has had a rollercoaster past: starting out in 2008, it was arguably ahead of its time in pushing video chat services — although products like Skype, Google Talk, Airtime, FaceTime and more have definitely taken the baton and run with it (some not so successfully, it seems). In 2009, it laid off 30% of its staff, and in 2011 it shuttered its consumer-facing service, which had 2 million users, to focus on API development. It had actually launched the APIs back in 2010 and it already counts several recognizable brands among those that have used them, American Idol, Ford and Diet Coke among them.

Now, Telefonica Digital will try to upsell TokBox existing 50,000 users to its other services, get users of its existing BlueVia APIs to incorporate video chat, and potentially attract new developers into the mix at the same time.

I was once told by Mikkel Svane, the CEO of Zendesk, that a tech company today without a set of APIs, or a roadmap to offering them, is a company dead in the water, so this is definitely the right move for Telefonica. The jury is still out, however, on whether the big fish that is the wider tech industry will bite.

Release below.

Telefónica Digital Acquires Video Platform LeaderTokBox

Extends digital communications suite with face-to-face online and mobile video capabilities

25 October 2012 - Telefónica Digital today announced its acquisition of TokBox, the leading video communications platform.  The acquisition of TokBox, based in San Francisco, builds on Telefónica Digital’s strategy of driving innovation in its core business of communications, with capabilities that will now extend beyond voice and messaging to live video.

TokBox’s OpenTok Video Platform enables the rapid development of live video-based communications services through the simple addition of video calling into websites and mobile applications.

Telefónica will leverage TokBox’s Platform to enhance the communication services it offers business and consumer customers, adding cross-platform Web-based video communications to its existing voice and messaging capabilities. This will be offered both directly via tailored solutions and through the provision of APIs and applications so businesses and developers can produce their own services. Telefónica and TokBox will work to incorporate video APIs into the BlueVia platform, creating a unified video, voice and text API service with global reach.

Matthew Key, CEO of Telefónica Digital said,“Telefónica is all about empowering our customers through new and innovative digital services. By adding TokBox’s unique capabilities to our communications portfolio, we will allow our customers to leverage the full potential of web-based video communications in their own business models.”

TokBox launched the OpenTok Video Platform in November 2010 with companies such as American Idol, Ford and Diet Coke having used its technology. It has also delivered significant technology innovation, being the first to add video chat to any iOS application and pioneering WebRTC-based video solutions. WebRTC is critical to the future growth of web-based video communications, allowing for video calling to simply and easily be conducted via a web browser without the need to install plug-ins.

“Despite all our progress to date we are still in the early stages of the industry and this is a very exciting opportunity to accelerate the development of the OpenTok platform and rapidly expand its global reach and presence,” said Ian Small, CEO of TokBox. “Integrating our video capabilities with Telefónica existing voice and text offering creates an advanced real time communications suite for Telefónica’s hundreds of millions of customers around the world.”

“Congratulations to Ian and his team for building a platform that captured the hearts of customers and the minds of developers.” said Roelof Botha, Partner at Sequoia Capital and TokBox Board Director. “This is a strong fit for Telefónica’scommunications suite and will make it even easier for hundreds of millions of people to connect and collaborate.”

Ian Small will remain as CEO of TokBox and Carlos Domingo, Director of Product Development & Innovation at Telefónica Digital,will join the TokBox Board of Directors and become Chairman of the company. The acquisition was led by Telefónica Digital’s Silicon Valley-based venture investment team.



237 days ago Google Reader • Tags: , , , , , , ,

Sharing But With Privacy In Mind: Mozilla Launches Social API For Firefox, Facebook Messenger First Service To Integrate For Beta Testing

Image (1) firefoxlogo.png for post 60735

Interesting development today in the browser wars, with the latest battlefield being who is best positioned to guard users’ privacy. Mozilla today announced that it has started to test new social functionality inside its Firefox internet browser — a foray into sharing and social activity, it says, with user privacy in mind. The first service to join the Social API platform for testing is Facebook Messenger, although Mozilla says that more services are expected to be added soon in a service that it says will be “a big part of Firefox for years to come.”

Users who are interested in trying out the service need to upgrade to the latest Firefox Beta, and then visit Facebook “like you normally would.” There, Facebook will detect your browser and automatically offer you Messenger integration.

The main thing here is that Mozilla wants to let users control how they share information with others and on other services — but it also realizes that social media is an essential backbone to how people are using the internet today.

“Rather than being focused on a particular task, we use social sites throughout our day: we check back for updates, we chat with friends, we share. When we started to talk about integrating social into Firefox, that was our guiding principle: make it easy to stay connected; stop treating social like ‘just another tab,’” Johnathan Nightingale, senior director of engineering at Firefox, writes in a blog post.

Its Social API is a step to bridging those two areas together.

“User privacy is fundamental to Mozilla’s DNA; it’s not something we can sacrifice,” Tom Lowenthal, privacy and public policy for Mozilla, writes in a separate blog post. “Given that, we’ve set out to find a way to combine these two aspects and enable an experience that users can enjoy, safely.” It also follows on from Mozilla’s work on the “Do not track” option users have for browsing the wider internet.

The Social API, now in beta, will essentially integrate social features directly into the Firefox browser. It will appear as “a sidebar of social news and chat which stays put as you browse around the Web – no need to switch between or open a new tab.” Essentially, this is a development of the search window that Firefox puts into its browser that lets users opt for a number of different search engines to find things. (That’s in contrast to Chrome’s default to Google in its combined URL/search window.)

In the case of Facebook Messenger, users will be able to access Facebook’s chat service via the browser regardless of what site they are visiting. It looks like it will also mean that developers who create apps for Firefox should also be able to integrate this functionality. This is all the more important as a route to better competing against Chrome from Google.

This is the first time that a Facebook feature has been integrated with Mozilla’s Firefox.

Mozilla says that the new social features will be “completely opt-in” and disabled “until you visit a social network site and decide to turn things on.” Then, once you do turn on social services, they will work over secure connections that will use cookies, but get no “special treatment or additional data from Firefox.” Similarly Mozilla will also not get any information about a person’s social activities. In the case of Facebook, for example, using Messenger on Firefox will look just as if you are using it on Facebook itself. The idea here being that Mozilla is creating a service to keep you using Firefox, but not one that it will directly profit from through the use of your data or anything else.

What it will mean is that social networks like Facebook (and others who eventually sign on to the Social API) will be able to push notifications to users even when they are not on the social networks themselves. This universal access should make integrating into the Social API more attractive to those social networks as a way of encouraging more engagement, crucially at a time when they are not even on those networks.

And here’s an interesting twist: the Social API will also feature a “recommend” button that will disable tracking when you choose to recommend a site to your friends. This means that the social networks cannot track what web pages you have visited, and it also means that you can share pages even if sites do not have social sharing widgets installed. These are services that developers have been working on as plug-ins for Firefox and Chrome in the past (Facebook Disconnect being perhaps the most famous, with another called Open Graph Redirect, which disables required app installs to consume certain content.)

It is early days for the service, though, and it looks like the building blocks for more functionality: the “recommend” button currently only shares URLs, but in future it might also let users share pictures, titles, and Open Graph tags.

 



240 days ago Google Reader • Tags: , , , , , ,

Facebook Officially Begins Shutting Down “Questions” Product, May Refocus On Search

Facebook Questions Middle Done

It was no Quora. Today Facebook finally confirmed it is retiring Questions, which originally launched in July 2010. The Questions Dashboard and option to share a poll to the news feed are being removed. Questions will still be available in Groups and Pages, plus you can look at your old ones but it seems Facebook’s resources are better spent building something else, like, oh I don’t know, search.

Back in mid 2010, there was a lot of talk that Facebook had to launch a Q&A product. People thought Quora was going to explode with popularity and Facebook would miss out on valuable data about the opinions of its users.

When Questions launched it was immediately deemed a Quora-killer. But the topics interface was buggy and confusing. More importantly, the community wasn’t right. Quora grew in a controlled manner, actively trying to attract smart readers and experts in different fields. There was an air of seriousness and attention to quality on Quora that made it a consistently satisfying read.

Facebook users didn’t have the same patience. The quality of answers varied widely. It could have been a great utility for polling friends about subjective questions like what’s their favorite local sushi restaurant or if they wanted to go see a new movie in theaters. But it wasn’t destined to become an evergreen knowledge base.

It wasn’t ever designed to be. Facebook tried to make it lightweight, more about asking friends to answer fun quiz questions or opinion polls by voting on a pre-made set of answers. It’s strength was never getting people to fill in their own long-form responses that others could learn from.

In the end, Questions never seemed to gain traction, or at least I’ve rarely seen a question asked in the last year. Marketing Land has a great discussion of how Facebook has been quietly minimizing the feature over the past few months, including stripping it out of the sidebar bookmarks on the home page

Questions will live on to facilitate decision making in Facebook Groups. “What day should we meet? Vote for the most convenient time.” And Pages will still be able to ask their fans to select their favorite item in their new fashion line. If you go to your profile’s Activity Feed and select Questions in the post type drop-down, you can access your old Questions.

But Facebook confirmed to me that over the next few days it’s pulling the Questions option out of the composer you use to post to the news feed. It will also eliminate the Questions Dashboard where you could browse topics. Facebook says it wants to focus efforts on other things now.

You know where I think that focus is going? Facebook search.

Zuckerberg himself said Facebook was uniquely positioned to answer questions through search. So instead of polling friends about what the best nearby Italian restaurant is, you could just search “best Italian restaurant” on Facebook. By looking at your location plus the Likes and check-ins of your friends and the whole Facebook user base, it could answer your question without ever asking someone directly. And you know sponsored results and other search ads wouldn’t be far behind.


242 days ago Google Reader • Tags: ,

1 2 3 4 5