Orkut Responds — Thoughts About Response Plans

| No Comments

Orkut finally posted a notice about the worm. I certainly appreciate that they worked quickly on fixing the problem. However, I still believe there should have been an ongoing dialog with their users. When you put together a security response plan, you need to include not only an engineering team, but also P.R. resources to handle communicating with the outside world. "Trust" is the most important commodity a social network has. The panic you feel when you think your accounts, and perhaps computer, are infected, is not going to be erased by an after-the-fact message two days later. All social networks should have a plan in place that includes (at a minimum) telling people that a solution is being developed, and ideally includes periodic updates on the progress. Providing additional information about the problem as it becomes available would also be great, but the primary goal is to show that users' concerns are being taken seriously, and that people are actively working to fix the problem. Responsiveness, concern, and information, will help ensure that people maintain their trust in your service.

Security Reminder Orkut Blog

Security Reminder



This week, the orkut team discovered that a user had exploited a bug in our scrapbook feature. As a result, many of you likely received scraps from friends of yours that they actually didn't send, and friends may have received scraps that appeared to come from you.

The orkut team responded quickly, and worked late into the night to fix the underlying issue and contain the spread of these scraps.

We believe that this action has been effectively stopped and you should no longerreceive any more of these unintended messages. We appreciate your understanding in this case and hope that this did not create too much of an inconvenience for you or your fellow orkut friends.

About this Entry

This page contains a single entry by Kee Hinckley published on December 24, 2007 1:22 PM.

Orkut Worm Code (and why was Google so slow to respond?) was the previous entry in this blog.

“Secret Crush” first malicious widget on Facebook | Threat Chaos is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Subscribe via Reader

Subscribe via Email

Enter your email address:

Delivered by FeedBurner

About Me

I'm the CEO/CTO of Somewhere, Inc., a company building a unified social networking layer that gives people the means to track their friends across multiple social networks.
Creative Commons License
This blog is licensed under a Creative Commons License.

Archives