In the latter parts of the study, the company looked specifically at social network membership data for users of the AOL, Gmail, Hotmail and Yahoo webmail services. Not surprisingly, the study found that Facebook was the most popular network across the board. What's more interesting is how well MySpace fared in some cases. On both the Hotmail and Yahoo webmail services, Facebook only had a small lead. Here, around 20% of all Hotmail and Yahoo webmail users were found to be on Facebook and MySpace. What does this reveal about the Hotmail and Yahoo user base? That they're a little more behind the times? Or that they've been around on the net longer and at one time had created (and possibly now abandoned) their MySpace pages? Unfortunately, the study can't provide us with these sorts of answers.

The study also showed that Twitter is far more popular among Gmail users than anyone else. In fact, on the other services, it's 4-5 times less popular than Facebook. We would like to think that's because Gmail users are just more web-savvy and cool, but it's possible that it's because they're just younger than everyone else.

Not surprisingly, LinkedIn is the least popular social network, but as Rapleaf points out, many LinkedIn users may have registered with their business email instead.

Participation Levels - Hotmail Users have Most Profiles, Gmail Users Better-Connected

When it comes to how the webmail users participate on social networks, Rapleaf found that the majority of the users have only one social media profile. But the service where the average number of profiles is the highest might surprise you - it's Hotmail. There the average is 2.5 profiles per user. Hotmail is followed by Yahoo, then AOL, and it's Gmail users who have the least number of social media profiles. That finding seems odd considering that Gmail users are younger and more likely to use Twitter in addition to Facebook. In fact, it almost seems like this data doesn't even fit with the rest of the study.

However, the discovery that Gmail users are better-connected than the other users makes more sense. On average, Gmail users have the most friends on social networks with 46.2 friends while Yahoo users have the least with 40.0.

Since again, Gmail users tend to be younger than the rest, it goes to reason that they would be in a demographic where their peers are more likely to have social membership profiles. Older webmail users, meanwhile, are still signing up for these sites. Although baby boomers and other middle-aged folks are joining sites like Facebook in droves these days, social networks are still dominated by the young.

Methodology

For the Rapleaf study, the company sampled 120,000 webmail accounts from users with @aol.com, @gmail.com, @hotmail.com and @yahoo.com email addresses. They then looked into the users' age, gender and social networking data by collecting information from public social media profiles. Obviously, in doing so, they've skewed their findings a bit, as the company notes in their original blog post. However, the sample size is large enough to form some conclusions about the members of these services, even if it relied on a particular subset of users.

When thinking as to how the new uploader should function, Facebook had a few goals, most of them technical in nature. They wanted the new tool to no longer depend on Java, be compatible with future versions of Facebook's chrome, be easy to update and more. However, to the end user, the best part about the new uploader is that it allows you to start a photo upload and then leave the page to browse around elsewhere on Facebook (or even the web!) while the upload is underway.

To meet their goals, Facebook went with a browser plug-in that uses JavaScript APIs and a front-end created with HTML and CSS. The end result is a much improved experience. But like the Facebook blog post says, "while it looks like magic, it's really just a bunch of cool hacks." Hacks or not, regular Facebook users will greatly appreciate the upgrade.

Install the New Photo Uploader Tool

To install the new uploader, you must first visit the Prototypes page for the tool and activate it for your profile. Then, the next time you go to create a new album, you'll be prompted to install the Facebook plug-in. Once complete, you'll be presented with the new user interface which lets you browse through your computer's photo library and select the images you want to upload. This new interface is much easier to navigate - and more attractive, too - than the old Facebook uploader from days past.

Facebook says the new tool has several additional security mechanisms built in as well, one of the more interesting being a "kill switch" that can remotely deactivate the tool in the event that a security hole is discovered. While confident that the new uploader is already securely designed and architected from the start, the company has released it as a prototype first so people can report any security issues they may find.

Less technically-minded folks can simply activate the tool and use it, reporting any problems they find as well as far as user experience issues, crashes or other bugs. Depending on the results of the tests, Facebook will be able to correct any problems prior to rolling it out to all users. If you want to give the new uploader a shot yourself, you can do so by visiting its page here.

With adequate user information, Facebook hoped to become better stewards of "the unnaturally uncontrollable nature of communication," as we called their general user-data privacy dilemma in June. And this revision also makes a nod to Canadian objections to Facebook's policies. What's in store for users, and how did the thousands of units of user data impact Facebook's governance and privacy policy? Read on to get the full story.

According to the site's governance, fewer than seven thousand user comments, the revised policy will be shortly enacted and will be official. "While a lot of people participated," wrote IP counsel Michael Richter, "the total number of people commenting did not reach the threshold of 7,000 that makes a vote necessary according to our Statement of Rights and Responsibilities. Because of this - and the fact that many of the comments were positive - we've decided to adopt the revised policy."

The new method of determining policies based on user feedback stems from the site's desire to foster a culture of transparency and engagement.

Here are the old policy and revised policy changes, which, again, will be enacted shortly:

Old:

When you update information, we usually keep a backup copy of the prior version for a reasonable period of time to enable reversion to the prior version of that information... Even after removal, copies of User Content may remain viewable in cached and archived pages or if other Users have copied or stored your User Content... Access and control over most personal information on Facebook is readily available through the profile editing tools. Facebook users may modify or delete any of their profile information at any time by logging into their account. Information will be updated immediately. Individuals who wish to deactivate their Facebook account may do so on the My Account page. Removed information may persist in backup copies for a reasonable period of time but will not be generally available to members of Facebook.

New:

Viewing and editing your profile. You may change or delete your profile information at any time by going to your profile page and clicking "Edit My Profile." Information will be updated immediately. While you cannot delete your date of birth, you can use the setting on the info tab of your profile information page to hide all or part of it from other users...

Deactivating or deleting your account. If you want to stop using your account you may deactivate it or delete it. When you deactivate an account, no user will be able to see it, but it will not be deleted. We save your profile information (friends, photos, interests, etc.) in case you later decide to reactivate your account. Many users deactivate their accounts for temporary reasons and in doing so are asking us to maintain their information until they return to Facebook. You will still have the ability to reactivate your account and restore your profile in its entirety. When you delete an account, it is permanently deleted. You should only delete your account if you are certain you never want to reactivate it. You may deactivate your account on your account settings page or delete your account on this help page.

Limitations on removal. Even after you remove information from your profile or delete your account, copies of that information may remain viewable elsewhere to the extent it has been shared with others, it was otherwise distributed pursuant to your privacy settings, or it was copied or stored by other users. However, your name will no longer be associated with that information on Facebook. (For example, if you post something to another user's profile, and then you delete your account, that post may remain, but be attributed to an "Anonymous Facebook User.") Additionally, we may retain certain information to prevent identity theft and other misconduct even if deletion has been requested.

Future updates will be announced via the site's governance page.

Has Oxford Dictionary made the right selection? ReadWriteWeb's Founder Richard MacManus thinks not. I disagree with him; I think this is a very valid Word of the Year. We make our cases below and invite you to cast your vote in a poll.

"I think that's an odd choice for word of the year, as all the trends indicate there has been more social networking activity this past year - not less, as 'unfriend' implies. Facebook and Twitter have both rocketed in popularity in 2009. I'd suggest that more people have left MySpace and migrated to Facebook, than unfriended people on Facebook.

"I also think that 'unfriend' is an ugly word, so for that reason it shouldn't be Word of the Year. What's more, I don't think my Mum or Dad would be familiar with the term 'unfriend.' Perhaps my father will pop into the comments and tell us for certain. But I look forward to the results of the poll!"

I think "unfriend" is a very appropriate word for the year as it fits with the way people are becoming more sophisticated in their social networking. People are deciding to do some editing of the friends lists they rushed naively into.

7 out of the top 10 searches performed on the Facebook Help Center page are about getting rid of your own social network profiles or your friends. Admittedly "unfriend" isn't one of those words, but you get the idea.

It's easy in this new web to sign up for things, getting overwhelmed and ignoring streams of information is par for the course. But choosing to cancel receipt of a person's updates? That's a meaningful move.

People fall for those "see who's searching for you" ads on social networks all the time. You'd better believe they appreciate the control that unfriending gives them. I'll bet that just about anyone online, no matter their level of technical knowledge, could tell you these days what it means to "unfriend someone."

What do you think?

Got that? The President went to China, was asked about Twitter and it was streamed live on his Facebook page. How the world has changed.

He's never used Twitter! Shocking, given that his account with 2.6 million followers has even been "verified" by Twitter headquarters! (Update: As a reader points out in comments below, the Twitter website says that verification is given to accounts representing organizations and public figures, but doesn't verify who's actually Tweeting the Twittle.)

Twitter is Important

Meanwhile, is this not a changed international communication landscape? In these frictionless self-publishing tools, with real-time worldwide message delivery and network effects in listening, distribution and learning - there is something so powerful that it's a matter of international diplomacy.

Whitehouse Press Secretary Robert Gibbs scoffed at Twitter this summer and told CNN the site was blocked on Whitehouse computers, something that subsequent reports apparently disproved but interesting none the less.

It's no laughing matter, though. The impact of Twitter-like services really is like, in type if clearly not intensity, the changes the world saw with the advent of the telephone and the railroad. CNN and live cable coverage of Tiananmen square, Twittering (or not) from China: these fit into the same category of disruptive tools for international communication.

Maybe you should try it sometime, Mr. Obama. And while you're at it, you should ask someone to brief you on the movement for distributed social networking standards. A speaking gig in China would have been a great opportunity to sing the praises of decentralized, standards-based, interoperable, free-market competition in communication technologies. That's the next part of the Twitter story.

If you'd like to join the ReadWriteWeb team in discussing matters of global importance (or not) on Twitter, you can find us here.

"Time for me to try something new. I've handed the Facebook iPhone app off to another engineer, and I'm onto a new project."

The Problem

Apple's App Store is a mess for small and independent developers. Very few developers are making even a livable wage, and the approval process is a black box.

Let's start with making money. Pinch Media reports that the average iPhone application has netted (for the developer) a grand total of $8,500, and 80% of developers have made less than that. That's not per month - which would be a starting point for a two-person team - but rather total revenue earned.

And as reported a few thousand times, the approval process is a black box. For the most part, developers don't know whether their app will be approved or in what timeframe, making the entire experience a nail-biter.

Should Apple Care?

Well, of course, Apple should care. Apple should be inclusive of its community and encourage small developers to grow and make a living from developing for the iPhone. Apple rightly views the App Store as a competitive advantage and should continue striving to keep its developers in-house.

On the other hand, Apple is not responsible for marketing and selling for its developers. The App Store is a distribution medium, not a marketing and sales platform. Apple has a system in place for enabling customers to quickly and easily purchase and download software for their devices. And it has been a massive success, with over two billion downloads.

The difference, though, is that the apps that Apple needs in the App Store most - gaming and entertainment titles - are getting in. And they are being developed by some of the biggest brands in the world. After all, the iPhone and iPod Touch are, first and foremost, entertainment devices.

Note that these big brands do not face the same problems as the rest of the developer community. Many have contacts deep in Apple, are magically ushered through the review process in a few days and get great placement on Apple's virtual store shelves. Electronic Arts, for example, has no public rejection stories and currently has titles throughout the list of top grossing apps, suggesting that it is in the top 10% for App Store revenue generation.

And so, Joe Hewitt has quit the App Store. It's a great show of unity for small developers, but Apple has clearly linked successful applications to big brands, and those brands continue to clamor for iPhone presence.

Guest author: Elia Freedman is the CEO of Infinity Softworks, the leading provider of software calculators with over 15 million distributed. In its 13-year history, Infinity Softworks has developed applications for iPhone, BlackBerry, Windows, Palm OS and Windows Mobile. Elia writes about tech, mobile and running a business on his blog, eliainsider.com and at Twitter as eliajf.

This tool is called FBFriendFinder. It comes from the Dutch web dev shop Open & Sociaal, and it works like a charm by using OAuth, Facebook Connect and contact export functions to gather enough data to organize a user's social graph. The most interesting part, however, isn't the technology but the business model. You have to read it to believe it.

FBFriendFinder has take the much maligned approach of actually requiring users to pay for the service. Users are charged around one American penny per friend found, give or take. The site integrates with PayPal, so the process is quick and painless.

After we paid our fee, we were able to scroll through a slideshow of our social graph (albeit with a lot of same-name duplicate accounts) to find and add those friends to our Facebook network. This process was a tiny bit buggy and required some back-and-forth navigation (it seems our friends at The Next Web had the same problem), but overall, the experience was well worth the five bucks it took to find these friends without having to manually hunt them down ourselves or rely on Facebook suggestions.

Also, we appreciate the app's acknowledgement of our "crazy lifestyle." And now, we're off to ditch these pajama pants we've been sporting since the weekend and just go bananas. It's our crazy lifestyle calling to us - the crazy lifestyle we never knew we had.

A sincere congratulations to the FBFriendFinder dude for creating a handy and monetizable application.

Of those who follow a brand on Twitter, nearly 44% reported that access to exclusive deals is the main reason. On Facebook or MySpace, 37% said that access to exclusive deals or offers was their main reason for friending brands.

43.5% reported following a brand to get "exclusive deals or offerings," which again is a statistic that companies should take note of.

An even higher percentage of respondents have "friended" a brand on Facebook - a whopping 40%. Considering that Facebook is a social network that started out as a way for college kids to network, this is a statistic that will make companies and organizations take note. If you want brand recognition on the Web, according to these statistics there's a very good chance that Facebook is a place you want to be.

A smaller percentage follow a brand on Facebook for exclusive deals or offers (36.9%) - but still a majority.

Is this "connected consumer" crowd mainstream? Well, about 62% of the respondents still use Internet Explorer as their browser, with 30% on Firefox. So yes, they are.

It's interesting then to look at what are the homepages of these people.

While Google is unsurprisingly number 1 with 32.6%, Yahoo is close behind at 29.7%. MSN is still well used at 11.9%. We were most surprised that AOL is now only 7.9%. These statistics show that Yahoo remains a force among mainstream consumers, whereas AOL is slipping further behind.

We reported last week that smartphones have almost overtaken 'feature phones' as the cellphones of choice for consumers. Razorfish's survey shows that 56% of connected consumers now use a smartphone - i.e. one that has email and web capabilities.

As with the ChangeWave Research survey recently, Razorfish puts Blackberry (29.5%) ahead of Apple's iPhone (20.1%).

Another illuminating statistic is the number of people who now get their news from Twitter and Facebook. While nearly 80% of respondents still access "traditional news web sites," 33% get news from Facebook and 19.5% from Twitter. Only 27.3% get news from "alternative news web sites" - by which we presume they mean blogs.

Overall, these figures from Razorfish show that Facebook and Twitter are now major places for brands to be; as well as online sites where consumers get at least some of their news.

I've always been a big believer in learning from history as we look to the future. So let's re-visit this interview from five years ago and see how prescient the father of Web 2.0 was.

In 2004 the leading Web 2.0 companies were Google, Yahoo! and Amazon. But what of the dominant software company of the previous generation, Microsoft? I asked Tim O'Reilly back in November 2004 whether Microsoft's core strategy of software lock-in would survive in web 2.0?

O'Reilly argued that Microsoft would have to change: "I think that the business of Microsoft, the company of Microsoft, is going to continue to succeed. But I think the business model of Microsoft is going to have to change."

This has turned out to be the case. Over the past 5 years, Microsoft has slowly rolled out a "software plus services" strategy under the catch-all phrase 'Live.' While the Windows OS and desktop software such as Office continue to be Microsoft's mainstay products, some of the functionality gradually moved into the cloud - e.g. syncing over devices. Vista, the current generation of Windows, began that transition. In 2009, Microsoft is even taking steps to put Office online.

With the benefit of hindsight, I think O'Reilly nailed it in 2004 with this statement: "Microsoft will continue to dominate on the PC, but the PC is going to be a smaller and smaller part of the entire business."

The Mobile Web, for one, has taken attention away from Microsoft. Which is where Apple comes in...

Apple and Web 2.0

At the inaugural 2004 Web 2.0 Conference, Apple was a no-show. In talking about Apple's position in the Web industry back then, O'Reilly said that "Apple is in a position they've been in a lot of times before. They're like Moses showing the way to the promised land, but they don't actually go there."

Although Apple never did open up, as O'Reilly foresaw, nevertheless they went on to create the most successful new gadget of the past decade: the iPhone. Apple also created a thriving iPhone app ecosystem.

So in the case of the Mobile Web, Moses (a.k.a. Steve Jobs) actually did lead us to the promised land!

Facebook and Data Lock-in

In 2004 I noted that "a lot of what Web 2.0 is about is users producing content and not just consuming it." I pointed to O'Reilly's own example at the time: Amazon compared to the Barnes & Noble website. However, I said that "the other side of that coin [...] is the 'data lock-in' of users, where users may not necessarily have control over their content." I asked O'Reilly if that was something for users to be concerned about?

O'Reilly replied, in November 2004, that "there are companies that are trying to use data lock-in as a competitive tool - and there will eventually be a recognition that this is a problem."

This has indeed happened - and data lock-in is nowhere more of a problem than on the world's most popular social network circa 2009, Facebook. Over the past few years we at ReadWriteWeb have written many articles about Facebook's 'walled garden' approach to user data. Users can't take their personal data elsewhere. What's more, there have been bungled attempts to use that data for commercial means.

Remember that Facebook had just launched in February 2004 and was confined to some selected American Universities (Harvard, Stanford, Columbia and Yale). It had yet to reach the 1 million users mark. While O'Reilly couldn't have known that Facebook would turn into the juggernaut it now is, he did accurately predict that data lock-in would become a major issue:

"I believe that data lock-in of various kinds is going to be one of the key tools of business advantage in the internet era. I think that as companies realize this, they will figure out how to be evil - so to speak (to use Google's terminology) - and I predict that we will in fact have some major battles in that area."

Conclusion

It is remarkable how much can change in the Web industry in five years. Back in 2004, Facebook was a baby and Twitter wasn't even a glint in the milkman's eye. Among the big companies of that time, Apple hadn't yet given birth to the revolutionary iPhone and Microsoft was entering its mid-life crisis.

On reflection, Tim O'Reilly did extremely well in his 2004 predictions - considering how fast the Internet evolves. And I'm still grateful to him for giving an interview to an unknown New Zealand blogger. How times change...

Image credits: Niall Kennedy; Shht!; Alex Eckford

You can subscribe to the Weekly Wrapup by RSS or by email (form below).

RWW Weekly Wrap-up Email Subscription form:

Web Trends

Google's Eric Schmidt on What the Web Will Look Like in 5 Years

Google CEO Eric Schmidt envisions a radically changed internet five years from now: dominated by Chinese-language and social media content, delivered over super-fast bandwidth in real time. Figuring out how to rank real-time social content is "the great challenge of the age," Schmidt said in an interview in front of thousands of CIOs and IT Directors at last week's Gartner Symposium/ITxpo Orlando 2009.

Mobile Web's Explosive Growth

Mobile ad firm AdMob has revealed the dramatic changes the mobile industry has seen in their latest Mobile Metrics Report. It was only a year ago that the Motorola RAZR scored as the number one phone in America. One year later and half of the top ten are touchscreen devices, six include Wi-Fi capabilities, and six have mobile application stores. And as you would expect, this new crop of super-powered phones are making heavy use of the mobile web.

Why Aren't VCs Backing Augmented Reality?

Some people believe that Augmented Reality (AR), the class of technologies that place images or data on top of other views of the physical world, could be the web browser of the future. AR has rocketed out of the research labs and is catching mass market interest fast - e.g. mobile phones displaying restaurant reviews when you look through your phone's camera. Why then are VCs not investing more in Augmented Reality? Here are three reasons why we think investment in this sector has been slow so far.

Facebook Announces Roadmap for Developers

This week Facebook published a developer roadmap outlining upcoming relevant changes and a rough timeline for each. Changes include developer access to user emails, more prominent app displays on user profiles, all-new homepage dashboards for apps and games, and improvements to Open Graph and Analytics APIs. Read on for details and screenshots of the new faces of Facebook apps.

SEE MORE WEB TRENDS COVERAGE IN OUR TRENDS CATEGORY

ReadWriteEnterprise

Our channel ReadWriteEnterprise, devoted to 'enterprise 2.0' and using social software inside organizations.

Calendaring, Scheduling Meetings: Timebridge CEO Interview Reveals Strategic Importance of This Space

We have looked at Calendaring many times (such as in our round-up of 10 players). In our own work, we have started working with both Tungle and Doodle. To understand more about why this market is strategically interesting, we recently spoke with Yori Nelken, CEO of Timebridge (see our previous coverage here).

ReadWriteStart

Our channel ReadWriteStart, sponsored by Microsoft BizSpark, is dedicated to profiling startups and entrepreneurs.

Paul Graham: Priority Access to Twitter Is Practical Necessity

If hardcore hackers had any doubts whether the real-time web was a legitimate development environment, Y Combinator co-founder Paul Graham is dispelling them. In an interview with Graham, ReadWriteWeb learned that the entrepreneur-turned-investor issued a "Request for Startups" (RFS) asking for ideas from companies utilizing Twitter and Justin.tv's live video API. Groups who are accepted to Y-Combinator and fall under these categories will be given "priority access" to Twitter and Justin.tv.

SEE MORE STARTUPS COVERAGE IN OUR READWRITESTART CHANNEL

Web Products

Google Wave Use Cases: Education

Google Wave is a much hyped new Internet-based communications and collaboration platform. It was announced at the end of May, released as a 'Preview' product shortly after and 100,000 more invites were made available at the end of September. Early users reported mixed feelings. But one month after Google Wave was opened to tens of thousands of people, how are people using it now? What use cases are being discovered? We started this series by looking at the education sector.

What are Hulu's Mysterious Plans?

Everyone is looking to Hulu as the future of Internet TV. A joint venture between several major networks, Hulu delivers free, ad-supported programming via online streams - an untested model for long-term profitability, at least when it comes to television. While consumers have been enjoying the service since its launch in 2007, recent statements by a News Corp exec have people wondering: can Hulu make the ad-supported model work? Or does the company have other plans?

Google Launches Music Search: Partners with MySpace, Lala, Gracenote and Others

This week Google announced the launch of Google Music. This new service is powered by Lala and MySpace's iLike. Other partners include Gracenote, iMeem, Pandora and Rhapsody. Google has also partnered with the major music labels: EMI, Sony Music, Universal Music Group and Warner Music. Through Lala and iLike, Google will also be able to feature music from a large number of independent labels.

Google Search Gets Personal: Social Search Launches in Google Labs

Social Search went live in Google Labs this week. Google announced that it was working on this Social Search feature at the Web 2.0 Summit last week. Social Search taps into a user's social network profiles and displays relevant links and status updates that members of a user's own social network have shared at the bottom of the default search results page. According to Google, Social Search will enhance the search experience on Google by providing users with more personally relevant search results.

Brizzly Adds Facebook - Aims to be The Blogger.com of Social Media

Brizzly wants to be to microblogging what Blogger.com was to blogging five years ago. Currently, Brizzly offers a user-friendly browser-based interface for Twitter and Facebook. The Facebook integration went live this weekand more social media applications will be added as the product evolves. Brizzly shares much of the same philosophy as Blogger. It's simple to use and aims to make microblogging easy to understand and use by a mainstream audience.

Currently Brizzly is in private beta, but ReadWriteWeb has scored 2000 invites for our readers to test it out! (see the post for the code).

SEE MORE WEB PRODUCTS COVERAGE IN OUR PRODUCTS CATEGORY

That's a wrap for another week! Enjoy your weekend everyone.

Without sufficient anti-virus and malware protection programs installed, social networking users can easily become victims to these ever-evolving attacks. However, the best way to avoid becoming a victim yourself is to be aware of what's out there and what sorts of things you should avoid. Below are the best practices which you should use on Facebook and Twitter in order to keep yourself safe.

The Problem with Malicious Links

One of the most common vectors for attacks are malicious links posted either to Twitter or to your Facebook wall. In the past, such as with the malware known as Kooface, the troublesome links could be easily identified because they would often use a consistent phrase followed by a URL. For example, in August, Koobface was posting links that read "my home video :)" which was followed by a URL and then a random component on the end such as "HA-HA-HA!!", "W.O.W.", "WOW", "L.O.L.", "LOL", ";)" or "OMFG!!!"

Although the end piece changed from tweet to tweet, the message itself remained the same. However, security researcher Costin Raiu of Kaspersky Lab tells us that easy-to-identify messages are not as common anymore. Today, it's much harder to identify malicious links thanks to two newer techniques being used by hackers. Below those two newer methods are described in more detail as is the tried-and-true method of spreading malware via email.

Method 1: Hijacking Twitter's Trending Topics

The first technique, which really became popular in August of this year, involves hackers creating Twitter new accounts and then posting messages related to whatever trending, or "hot," topic was being heavily discussed on Twitter at that time. This would allow the post to be aggregated in Twitter search results where unsuspecting users would click on the included link. The text accompanying the link would be intriguing to those interested in the subject, enticing them to click through.

Method 2: Hijacking Legitimate Accounts

The second technique involves infiltrating legitimate accounts through phishing attempts and other methods so that the hacker essentially has control over a "real" account. After control has been established, if on Twitter, the hacker will then tweet out links that redirect users to malware-infected sites. Because the tweets come from an account that already has an established set of followers, those reading the tweets assume it's safe and don't hesitate to click the links.

After infecting the account of a Facebook user, malware often uses that particular person's account to spread, too. As with the malicious links on Twitter, because it appears that the links posted are from a trusted friend, other users don't realize that the posted link is harmful.

On Facebook, one of the most problematic malware programs is Koobface, a particular type of malicious software that sees 20 to 30 new variations per day. Despite the number of variants out there, Koobface's M.O. is relatively consistent: it tricks people into clicking links. These links appear on social networks like Facebook and Twitter, but also on MySpace, hi5, Bebo, Friendster, and others.

Method 3: Dangerous Email

A third method to encourage social networking users to click on infected links is the old but still effective technique of sending out spoofed email. Hackers can create email messages that appear to be sent from a social networking site. The messages prompt you to "update your account" or open an attachment containing your new password among other things.

Image Credit: Last Watchdog

Image Credit: Last Watchdog

Although many users are now wary of email, these techniques are still being seen in the wild, so it's clear that to some extent they still work.

How To Stay Safe

There are a number of best practices that you should follow in order to stay safe and avoid infection. They are as follows:

1. Don't assume a link is "safe" because it's from a friend: As noted above, your friend's account may be infected. You should never assume that a link is safe just because a friend tweeted it or posted it to your wall. Use your common sense. If it doesn't sound like something they would say, be wary, don't click. If you're unsure, try to contact them through another channel and see if the link is legit.
2. Don't assume Twitter links are safe because Twitter is now scanning for malware: In August, Twitter partnered with Google to use Google's Safe Browsing API, a technology that checks URLs against Google's blacklist. This prevents spammers from posting malicious URLs to Twitter, but it does NOT prevent them from posting shortened URLs which direct users to those same malicious sites. It's better than no protection at all, but it's not going to keep you entirely safe.
3. Don't Assume Bit.ly Links are Safe: Earlier this year, Twitter's default URL-shortening service Bit.ly, began warning users of malware. Bit.ly also uses Google's Safe Browsing API along with two other blacklists to identify malicious links. Although the service doesn't prevent users from posting these links, it will warn upon clicking that the site being linked to is infected. However, as Raiu tells us, this is not 100% effective either. Kaspersky has identified a number of malicious links which Bit.ly did not block. However, you can assume that Bit.ly is generally safer than the other URL-shortening services because it uses this technology and because the hackers are generally avoiding this service at the moment because of its built-in protection. But it is not completely safe - nothing ever is.
4. Use an up-to-date web browser: Kaspersky recommends using the latest version of your web browser and keeping it up-to-date with the necessary patches. That means Internet Explorer users should be on IE8 - and since this browser is attacked the most, it's critical that you make sure it stays updated as needed. Firefox is the second most attacked browser, but fortunately, it has a self-updating feature built in. Google Chrome is also good because it has a self-updating feature as well as another security feature that runs plugins in "sandboxes," or restricted environments. If an attacker was able to exploit the browser and run malicious code, it would be isolated to this sandbox and would not able to effect the entire machine. Opera and Safari are also good browsers and should be kept current, too.
5. Keep Windows up-to-date: As always, Windows users should make sure their systems are current with the latest patches from Microsoft. Automatic updates should be turned on.
6. Keep Adobe Reader and Adobe Flash up-to-date: At the moment, Adobe Reader and Flash are the two most targeted programs by hackers. A lot of malware specifically goes after known vulnerabilities within Adobe's software. In addition, a common method of attack, such as that used by Koobface, is to redirect a victim to a malware-infested site where the user is prompted to update their Flash player or Adobe Reader in order to see the website content. NEVER do this. Always go to Adobe's site on your own to download the latest version or update the software on your computer using its own built-in update mechanisms.
7. Don't assume you're safe because you use a Mac: While it's true that Mac users are less targeted than Windows users, they are not immune to malware, despite what those commercials may say. Although Apple did include some malware protection in their latest operating system, it only protects users from two trojans; you cannot count on it alone to protect you. There are a couple of hundred of trojans currently in the wild that specifically target Mac machines, according to Kaspersky. In fact, there may even be as many as a thousand, but researchers are unable to identify all of them because Mac users don't typically run anti-virus software which is how much of the data is collected. These days, when a user clicks an infected link, the malicious web page will now sometimes identify whether that user is coming from a Windows or Mac machine and then display the appropriate version of the trojan accordingly. A particular family of trojans known as "DNS Changer" trojans are the most common ones used to attack Mac machines. The only way to really be sure that you're protected against these malicious programs is to run anti-malware software on your Mac, but most Mac users won't do so, preferring to take their chances since their risk is lower.
8. Be wary of email messages from social networks: Because email addresses can be "spoofed" by hackers, you can't assume that an email from Facebook or Twitter is really from those the site it claims to be from. As always, you should never open attachments you were not expecting to receive and you should be wary of clicking on links - especially if you're being told to "update your account." If you do click on a link and are taken to a web page that asks you to log into the site, DON'T DO IT. It would be handing over your password to the hackers. Instead, you should always access the sites directly by typing in their URL in your browser or clicking a saved link in your Favorites.

It's Not Just a Matter of Common Sense Anymore

As the above best practices show, a lot of the things you can do to protect yourself from malware are the same as they have been in the past - keep your computer and browser up-to-date, don't open attachments, etc. However, malware is trickier to identify these days thanks to social networking sites. It now uses the trusted identities of your friends in order to lull its victims into a false sense of safety. You can no longer simply assume that because someone you know posted a link, it's automatically safe. You can't even assume that the networks themselves are safe, either. They're not always scanned for malware-laden links, and when they are, such as is the case with Twitter, it's not a 100% effective method.

Security researchers are actively working on better ways to fight this problem - for example, Kaspersky just announced their "Krab Krawler" project which will help keep their blacklists current by scanning for malicious links on Twitter, but it's not a tool that end-users can download to protect themselves; it's only one of many methods that security firms use to collect data about the malware on the internet. The best way to stay safe is to follow through with all the best practices - not just one or two. Malware isn't ever going away, so everyone must do their own part in order to stay safe on the web.

Traffic to Twitter is declining, Hitwise General Manager of Global Research Bill Tancer writes, while Facebook's growth continues to go through the roof. Facebook is approaching ubiquity, while Twitter's appeal is narrow and its average registered user is totally unengaged. "That being said," Tancer writes, "I still plan to tweet this entry."

Facebook feels more secure though, it's got clearer social hooks and it's easier to start using. As a result, Facebook is probably ten or more times the size of Twitter. As Twitter user Justin Houk put it today, "Twitter is a cult classic in the making - not a blockbuster."

The Hitwise data doesn't take into account the use of 3rd party Twitter clients, but the Twitter website is a more common way to interact with the service and its traffic is a good proxy for overall Twitter use.

What are the relative business prospects for both, long term? It's hard to say, but charts like these from Hitwise have got to make Twitter HQ feel uneasy.

See also: Facebook Has Twitter Envy - But Why? and Twitter and Facebook Investment Terms and Game Plans

Changes include developer access to user emails, more prominent app displays on user profiles, all-new homepage dashboards for apps and games, and improvements to Open Graph and Analytics APIs. Facebook Connect libraries will be "smaller, clearer, and faster," and app policies and principles will be streamlined and uniformly enforced. Read on for details and screenshots of the new faces of Facebook apps.

"Through these new APIs and tools, we are giving all developers building with Facebook and those in our largest application category - gaming - new ways to attract and engage users."

Look & Feel Changes

Indeed, Facebook seems to regard gaming as its own monster - something that has taken off to the extent of taking over the platform, and not something that was necessarily anticipated. For that reason, we see of the most interesting changes as drawing a line in the sand between social games and "real" apps.

In this bit of new hotness, you can see Apps displayed on the homepage left-hand menu for easier user discovery that will likely be less dependent on recommendations or invitations from one's Facebook friends. And Games are now just games, no longer grouped under the general apps umbrella.

The Games Dashboard will also give developers a new communication channel, called "News", for sending personalized text updates to their users.

One of the more interesting changes that will drive adoption and interaction virally is letting usersfeature their favorite apps on their home pages with bookmarks and new dashboards. "In addition, users will be able to better represent applications on their profile following short-term changes that include focusing profile integration on application tabs, as well as removing profile boxes, the info section of boxes, and the Boxes tab," writes Beard. Also, the apps that are bookmarked into a user's homepage menu will have counters, just like Facebook's own features, to prompt user actions.

Apps are also getting a new canvas layout, "a format that increases brand association with users," writes Beard.

Communication Changes

App-user communication is rather busted in its current state. Beard acknowledges this fact and presents a preliminary solution. "Application communication in channels like notifications and requests aren't effectively serving their original purpose. There is a significant opportunity to improve the user experience and reduce spam by replacing them with better features."

Moving forward, Facebook developers will also be able to interact with users in several different ways. First of all, user-user communication via the platform will be consolidated into streams and inboxes and will have new features to help users remain engaged with apps. User-to-user communications commonly in the notifications and requests channels will be moved to the inbox, as well.

Also, developers will have access to user email addresses. Using the domain @facebookappmail.com, devs will be able to contact users via email through what Beard says will be a safe, secure channel for users.

Developer Product Changes

Beard also highlighted two APIs set to change. The Open Graph API will allow any page on any website to integrate Facebook Page features. This means that users can become Facebook fans of any site or page on the Internet; that page would then appear on the user's profile and in Facebook search results; and the page will be able to publish stories to the user's stream. Although this change in itself doesn't open any Facebook data to the rest of the world, it does significantly increase the boundaries of the walled garden.

Beard also writes that an improved Application Insights Page and new Analytics API are on the way. He promises improved tools, more robust data, and better management capabilities for apps and Facebook Connect-enabled websites.

And speaking of Facebook Connect, those libraries are set to become smaller and faster. Other boons to devs include the public roadmap, a new website for developers, and Platform Live Status, "a central dashboard to view the health of various integration points, bugs, and Platform uptime as well as detail about upcoming changes and improvements to Platform." The developer blog and status feed will also be available via email subscriptions.

Finally, Facebook's Developer Principles and Policies have been streamlined and will now be applied across the platform. "In addition," Beard notes, "we're retiring the formerly optional Application Verification brand, submission process, fees and badge; the program's higher standards will be required and applications will be subject to review at any time."

In terms of reducing the platform's complexity and increasing its power and speed, Beard concludes, "We are focused on designing Platform in a way that we can run core Facebook applications on the same set of APIs you're building on. If our technologies aren't fast, robust, and simple, we will feel the same pains that you do."

What do our developer friends have to say about Facebook's proposed changes and attempts at communicating them? Is it helpful to have some idea of what will be happening to the platform, when changes will occur, and why Facebook is making those adjustments?

Another question that interests us is that of cross-platform development: From what other companies would you also like to see developer roadmaps?

Let us know your thoughts in the comments.

According to Experian, nearly 59% of all the social networking visits were visits to Facebook while only 30% were to MySpace - a 55% decrease in market share over the past year in terms of visits for the one-time king of social networks.

Looking at just the year-over-year percent change may give you the impression that Twitter's popularity is through the roof. After all, they posted an increase of over 1000 percentage points. But the truth is, their percentage of visits still remains relatively low. Only 1.84% of visits to social networking sites in September were to Twitter, bringing them in at #4 on the chart.

What? Tagged Beats Twitter?

Facebook and MySpace beat Twitter out for the top two spots, but you may be surprised to see who came in at #3: Tagged. Yes, Tagged, the social networking site that's best known for getting busted in an email invite scam is beating out Twitter.

Although we like to think that spammy marketing tactics don't pay off, it seems that for Tagged they have. Their aggressive methods in the past involved having new registrants add their contact lists to the service which Tagged then used to send out "invites" to everyone in the user's address book. The worst part is that the invites looked as if they came from the individual users when really, most were completely unaware anything had been sent out. Tagged has also been known to send out emails that force users to sign up for accounts in order to see shared photos from other users, even going so far as to guilt-trip recipients into signing up with messages that read: "If you don't click, [the person] may think you said no :(".

As despicable as these tactics are, they've helped Tagged grow and remain profitable. ComScore reported the site had 32 million visitors in April of this year, up from 14 million the prior year. And once there, the visitors are staying engaged, generating over 5 billion pageviews during that month.

Believe it or not, the company is still growing according to the Hitwise data, albeit at a slower rate than it did a couple of years ago when it was adding more users per day than MySpace. In September of 2008, the site received 1.62% of social networking visits and this September, they received 2.38%. Although those numbers are small, they're still larger than Twitter's who came in at 0.15% last year and 1.84% this past month.

Even worse, when calculating the time spent on the social networking sites, Tagged has shown an increase there as well. They're up from 23 minutes in September of 2008 to 25 minutes in September 2009. Meanwhile, Twitter is showing a decrease from 36 minutes to just under 16 minutes year-over-year, a loss of 56%.

Although Hitwise focuses on U.S. traffic only, these findings go against everything we've heard about Twitter and its popularity - in fact, they seem to confirm that there may be more media hype surrounding the microblogging network than there is actual engagement among its users.

It would be interesting to compare the number of users each network has with the visits, but that would be hard to do since Twitter refuses to release those sorts of statistics. Meanwhile, we're left wondering if Hitwise has had some sort of massive system glitch in their system or if we've just seen proof of how Twitter's supposed popularity is just all talk.