the obama campaign website was hacked on tuesday and invited supporters to two fake anti-government events hosted by an unnamed "commy obama."

  the campaign's application for mobile devices, such as iphones and ipads, directed users to two events titled "rules of politics" scheduled for noon on tuesday in washington.

  "1. politicians and other public servants lie," read the event description provided on the obama campaign website. (full screenshot here.) "2. politicians tell you what you want to hear and offer to provide things for 'free' to get votes. 3. when government buys, the people pay."

  the 430-word message lists 21 total anti-government criticisms, none of which target obama, another politician or a particular political party by name.

  the twenty-first note quotes the late adrian pierce rogers, a southern baptist preacher who served two terms as president of the southern baptist convention from 1979 to 1988.

  "'you cannot legislate the poor into freedom by legislating the wealthy out of freedom,'" the author writes, quoting one of rogers' more famous sermons. "'when half of the people get an idea that they do not have to work because the other half is going to take care of them, and when the other half gets the idea that it does no good to work because somebody else is going to get what they work for, that my dear friend, is about the end of any nation. you cannot multiply wealth by dividing it.'”

  the obama website was hacked one day after fox news' twitter account was hijacked and spread false information saying obama had been assassinated.

  update: obama campaign adviser ben labolt sent an e-mail to the washington examiner tuesday afternoon saying the events calendar is user-generated, so the security of the website has not been compromised. the campaign removed the event from its calendar following the examiner's report.


  we are the connected generation. thanks to our ever-present mobile devices we are always ‘on’ and connected. this allows us to capture a record of all the great things we do, and share our experiences, our recommendations and our memorable moments with friends, colleagues and the world at large, through the medium of popular social networks like facebook, twitter, and yelp. we broadcast these moments out to the rest of the world. we let others share in our passions and see the details of our daily lives. we have become the lifeblood of information for our friends and followers, and they have taken on the role of gatekeepers as we filter and pump information from network to network.

  as the opportunities to share information have become more ubiquitous, there has been an increasingly hyped-up debate and concern around the topic of privacy. but is privacy really the issue? as jeff jarvis rightly points out, the reason for using social services is for sharing, not hiding. twitter and instagram are prime examples of this, where the user is forced to choose between sharing everything or limiting their sharing to a personally selected group who apply for the privilege. nonetheless, the fact is that although many of us want to share, we want to be able to fine-tune our audience. this challenges services like facebook where you determine sharing settings in advance of your broadcast.

  has the notion of a ‘friend’ become too diluted by the many different definitions of ‘contact’ across social media networks? path is trying to redefine this by limiting the number of friends you can add to 50, encouraging you to only share with your “real friends.” but then the question is whether this really solves the issue? do we only want to share with our close social circle, or do we (as i would argue) have things we want to share with other groups of contacts we would not classify as “friends”?

  the problem is that there is currently no universal standard for privacy settings. each social network has implemented their own interpretation as it applies to types of content shared on their platform. as social networks open up their apis, allowing users to give third parties access to their content, their social media content can become spread across multiple services. every network defines their privacy and sharing settings differently, so there is significant ambiguity around how these settings translate when transferring content among services. if you try to inherit privacy settings from multiple services the level of complexity that results is enormously challenging both from a development and a user perspective.

  no one has solved this problem yet, and it is a highly relevant and important issue that needs to be addressed. we need a platform where you can manage and arrange all your connections into one simple structure, allowing you to easily define the privacy layers for how, and with whom, you share your content online. and this platform needs to integrate all the social networks.

  facebook connect was a good first attempt at this, but sadly they quickly closed down their api that allowed you to invite your facebook friends to join third-party services. now you can only view and add friends who are already signed up to that service. the continuation of facebook connect in its original form would have made facebook the major organ of social media sharing, pumping content between networks and controlling the flow to new arteries of social circulation. for users, this would have allowed them greater control and continuity of how their content was shared beyond the confines of facebook’s network.

  until we create a unified theory of sharing across social networks, there will continue to be great concern around the conflicting definitions of individual privacy. regulators, in their efforts to protect internet users, are already discussing how to create barriers to protect the individual and simultaneously stifle social sharing. what we need is not greater personal protection through legal limitations, but consistency and standards that are recognized across social networks.

  this past week the google+ platform was revealed, ushering in a promising new chapter in the movement towards a universal standard of privacy. google+’s ‘circles’ interface allows users to easily organize their network of contacts into spheres of association. their organizational model for privacy takes what facebook has developed one step further by allowing the user to easily visualize their different spheres of contacts, and determine which group they want to share updates with as the final step in broadcasting content. wouldn’t it be great if i could link that structure to all of my other social networks? let’s hope that google+ hurdles past the point where facebook connect retreated from and becomes the new heart of social network sharing.


  san francisco — google said wednesday that hundreds of users of gmail, its e-mail service, had been the targets of clandestine attacks apparently originating in china that were aimed at stealing their passwords and monitoring their e-mail.

  in a blog post, the company said the victims included senior government officials in the united states, chinese political activists, officials in several asian countries, military personnel and journalists.

  it is the second time google has pointed to an area of china as the source of an internet intrusion. its latest announcement is likely to further ratchet up the tension between the company and chinese authorities.

  on thursday, the chinese government rejected suggestions that it was linked to the attack.

  last year, google said it had traced a sophisticated invasion of its computer systems to people based in china. the accusation led to a rupture of the company’s relationship with china and a decision by google not to cooperate with china’s censorship demands. as a result, google decided to base its chinese search engine in hong kong.

  the more recent attacks were not as technically advanced, relying on a common technique known as phishing to trick users into handing over their passwords. but google’s announcement was unusual in that it put a spotlight on the scale, apparent origins and carefully selected targets of a coordinated campaign to hijack e-mail accounts.

  google said that once the intruders had logged into the accounts, they could change settings for mail forwarding so that copies of messages would be sent to another address. the company said it had “disrupted” the campaign and had notified the victims as well as government agencies. executives at google declined to comment beyond the blog post. the company recommended that gmail users take additional security steps, like using a google service known as two-step verification, to make it more difficult to compromise their e-mail accounts. but it emphasized that the password thefts were not the result of a general security problem with gmail.

  the chinese foreign ministry said thursday that the government had no involvement in any such attacks, declaring that it “consistently opposes any criminal activities that damage the internet and computer networks including hacking and cracks down these activities according to law.”

  “hacking is an international issue, and china is also a victim of hacking,” according to an official transcript of a foreign ministry spokesman’s remarks. “the claim that china supports hacking is completely created out of nothing, and is out of ulterior motives.”

  separately, the official chinese news agency, xinhua, issued a report on the episode that repeatedly cast doubt on google’s own credibility and past practices, saying that it “arbitrarily pointed its finger at china” with “baseless complaints.”

  google acknowledged that it had been alerted to the problem in part by mila parkour, a security researcher in washington who posted evidence of a type of phishing attack on her blog in february. she documented examples of what has recently been described as a “man-in-the-mailbox” attack, in which the intruder uses the account of one victim and his e-mail contacts to gain the trust of a new victim.

  ms. parkour wrote that the method used in this attack “is far from being new or sophisticated,” but that she was posting information about it because of “the particularly invasive approach of the attack.”

  she highlighted a fake document titled “draft us-china joint statement” that was circulated among people with e-mail accounts at the state department, the defense department, the defense intelligence agency and gmail. clicking to download the document directed users instead to a fake gmail log-in page that captured their passwords.

  caitlin hayden, a spokeswoman for the national security council, said the white house was looking into the matter.

  “we have no reason to believe that any official u.s. government e-mail accounts were accessed,” ms. hayden said in an e-mail.

  google said the attacks apparently originated in jinan, a provincial capital in eastern china. the city is a regional command center for the chinese military, one of seven in the country. it is also home to the lanxiang vocational school, which was founded with military support. last year, investigators looking into the attack on google’s systems said they had traced some of the hacking activity back to the school.

  at the time, government and school officials strongly denied any connection with the attack, and china’s foreign ministry said linking the chinese authorities to such attacks was “baseless, highly irresponsible and hype with ulterior motives.”

  that earlier attack appeared to be aimed at gathering information on human rights activists who were involved in political campaigns aimed at china. it was part of a wave of attacks that hit a range of american companies beginning in mid-2009 and that was first publicly disclosed by google in january 2010.

  chinese government media officials were not immediately available to comment on google’s latest announcement.

  rafal rohozinski, a network security specialist at the secdev group in ottawa, said it was impossible to lay blame for the campaign on the chinese government with any certainty. because of the borderless nature of the internet, it is easy for intruders to connect through a series of countries to mask their identities. “the fact that someone is harvesting gmail credentials is not surprising,” mr. rohozinski said.

  this year, the chinese government has stepped up its controls over the internet within the country, with increased scrutiny of news and blog sites, particularly in the wake of political upheaval in north africa and the middle east.

  the government has also apparently crippled some virtual private network services, or s, which have been used by chinese and expatriates to gain access to corporate e-mail or get around controls that block many web sites from being entered in china, like youtube, facebook and twitter.

  security specialists said the google warning to users was an indication that efforts to place the responsibility for internet security on individuals was failing.

  “i think this is impossible to solve by going to one user at a time and trying to teach them how to behave on the internet,” said nir zuk, founder and chief technology officer of palo alto networks. “it doesn’t matter how much education you put into it — you will always have end users that will make a mistake.”