Lawsuit Alleges School Used Webcams to Lurk in Students' Homes

By Katherine Noyes

TechNewsWorld

02/19/10 9:00 AM PT

The school accused of remotely activating computer webcams to spy on students in their homes has denied the charges, although it acknowledged that the functionality was available for the purpose of recovering stolen computers. If the school actually engaged in spying, even with the aim of protecting students, "the administrators themselves became the predators," said tech attorney Ray Van Dyke.

A Pennsylvania couple has filed a lawsuit against their local school district for allegedly using the webcam in a school-issued laptop to spy on their son at home.

The suit -- which was filed last week in U.S. District Court by Michael Robbins and Holly Robbins on behalf of their son, Blake Robbins -- alleges that the Lower Merion School District of Ardmore, Pa., invaded students' privacy and stole private information, violating numerous laws.

The family seeks unspecified compensatory and punitive damages as well as class action status for the suit, which would allow other students to take part as well. Some 1,800 students within the Lower Merion School District have been issued laptop computers, the filing notes.

'Engaging in Improper Behavior'

What sparked the discovery was Assistant Principal Lindy Matsko's assertion in early November that Harriton High School student Blake Robbins had been "engaging in improper behavior in his home," the filing explains. Matsko allegedly used as evidence of that behavior a photograph taken by the webcam in Robbins' computer.

Robbins' father then confirmed with the school that the district had the ability to remotely activate the webcams in the laptops it gives its students. Documentation accompanying the laptops, the family charged, made no reference to that ability.

"As the laptops at issue were routinely used by students and family members while at home, it is believed and therefore averred that many of the images captured and intercepted may consist of images of minors and their parents or friends in compromising or embarrassing positions, including, but not limited to, in various stages of dress or undress," the filing states.

Feature Now Deactivated

The district maintains that the remote activation ability is strictly for the purposes of security.
"The security feature was installed to help locate a laptop in the event it was reported lost, missing or stolen so that the laptop could be returned to the student," wrote Superintendent Christopher McGinley in a statement issued late Thursday. "This feature has only been used for the limited purpose of locating a lost, stolen or missing laptop. The District has not used the tracking feature or web cam for any other purpose or in any other manner whatsoever."

The district has now deactivated the feature, however, and has no plans to reactivate it "without express written notification to all students and families," McGinley noted.

"We regret if this situation has caused any concern or inconvenience among our students and families," he added.

'Very Serious Ramifications'

I have seen Trojan horses used by stalkers so they could turn on webcams remotely, but this is the first time I've ever heard of a school with the audacity to do something like this," Parry Aftab, privacy lawyer and executive director of WiredSafety, told TechNewsWorld. "There are criminal trespassing laws possibly at work here, and maybe wiretapping as well."

In addition, for the school to take action about what students do at home "violates the Constitution across the board," Aftab added. "They have no authority over what students do in their own homes. This is not Nazi Germany or Cold War Russia."

Whether it violates wiretapping laws or not, "if the school knew about this, it is reprehensible," Aftab opined. "There should be very serious ramifications."

'Administrators Became the Predators'

In general, "privacy is under siege in all aspects of life," Raymond Van Dyke, a partner with Merchant & Gould, told TechNewsWorld. "Although the Supreme Court has said that students in school have reduced rights, people in their own home have considerable constitutional rights regarding privacy."

The school's actions "constitute Big Brother in the school and home, an egregious infringement of privacy as well as the parents' rights to govern their own children and impose limits," Van Dyke added. "Even though the school administrators' presumed intent was to monitor and protect -- e.g., against porn, drugs and online predators -- they clearly crossed the line of propriety. Indeed, the administrators themselves became the predators."

With so many laptops issued by the district, the class action will likely proceed, Van Dyke concluded.

Information from : technewsworld.com

Roxxxy Sexbot: It's Not Her Looks, It's Her Personalities

This summary is not available. Please click here to view the post.

Opera Hits Some Unexpected High Notes With New Beta

By Scott M. Fulton,
IIIBetanews
02/20/10 5:00 AM PT





A handful of elements of Opera's latest 10.5 beta still feel a little alpha -- an oddly behaving button here, a small JavaScript control problem there. What's really impressive, though, is Opera's performance: Its graphics rendering is unbelievable. Chrome 4 had us already whistling on the Canvas geography map rendering test, with a 31.75 score. Opera 10.5 Beta 1 scores a 63.50 on that same test.


Recently we saw yet another daily build of what Opera Software was calling its "pre-alpha" of the Opera 10.5 Web browser, a product that the company certainly wanted folks to test, even though they were warned it wasn't even ready for daily use. With various software publishers' development schedules being organized so differently from one another, it's difficult enough distinguishing "previews" from "alpha previews" from "preview alphas" -- just yesterday, for example, Mozilla finalized a public "developer preview" of Firefox 3.7 Alpha 1, closing off its "Alpha 1 preview" track before starting, on the same day, its "Alpha 2 preview" track.


But Opera, perhaps breaching etiquette altogether and going for the sinister "Triple Dog Dare," has skipped right over Alpha 1 -- which we were all expecting -- and officially dubbed the latest build of 10.5 "Beta 1." In so doing, Opera also removed what it had been calling "10.2 Alpha 1" off of its list of test builds and replaced it with 10.5 Beta 1 on its "browser/next" page.
There are a few elements of this new beta that still have a certain "alpha" flavor to them: for example, a button on the search bar that doesn't search for the contents already in the text box, but only after you type new text into the box, and a JavaScript control problem on a very simple conditional loop still forces an error condition on one of our basic JavaScript tests -- an error that one can excuse in a "pre-alpha."

That said, Opera is now officially back in the hunt for Web browser performance supremacy, warts and all. Last week, after a huge set of Patch Tuesday updates forced a slowdown of our index browser (Internet Explorer 7 in Windows Vista), and even a slight speed gain in IE8 on Windows 7, triggered a reset of all our Windows 7 browser test scores slightly higher, Opera 10.5 held on to the lead over the latest development build of Google (Nasdaq: GOOG) Chrome 5.
However, the lead is much narrower than it was previously, by almost 44 percent. With the wind in Chrome 5's sails now, Opera has to paddle as fast as it can to maintain its distance from what has become the fastest-evolving browser chassis in history.


Tweaks Here and There




We'll get back to performance in a bit; first, a look at some of the other new Opera 10.5 features we're noticing. Last December, we showed you the completely revised Opera front-end, which made us wonder why this wasn't being called "Opera 11." For Beta 1, we've noticed a few tweaks: First, there are fewer buttons in the Address bar than in the first "pre-alpha." Back and Forward are now paired, and a new "fast-forward" button (there's no textual name for it that we can see) is capable of paging ahead, within sequences of pages that haven't been loaded yet. We tried it with Betanews articles, and it works quite well -- you can get to Page 2 from Page 1 even if you can't find our page button.


The Search bar has been tweaked and now bears the logo of the search engine you're using (Google remains the default). The search button has been moved to the right, but as we mentioned, there's times when it didn't function for us in the first beta build.




The Side panel is back in 10.5 (it wasn't working for us in the pre-alpha), and it remains the most convenient way for us to pull up bookmarks. One of our favorite Firefox add-ons is the All-in-One Sidebar, but as we've been reminded any number of times, its design inspiration comes from Opera.




The tab bar can still be slid open to reveal thumbnail previews, though in the beta, Web pages' icons ("favicons") have returned to accompany their title bars. When you hover over a tab or a little thumbnail, Opera 10.5 pulls up a big thumbnail, along with more space for the page's title and URL. The tab button with the picture of a tab in it, that didn't convey its meaning very well, has been replaced with a "recycle bin" button that makes more sense. From here, you can re-open closed tabs.




Controls along the bottom of the new Opera window are now rendered in their own tabs; and this is smart, because the tabs themselves are opaque. Opera has been joining the trend toward embracing the translucent window frame in Vista and Windows 7; in the pre-alpha, you could only see the charcoal-grey feature icons when the window was in front of something white or chalky-colored.




Video Viewing




Version 10.5 is Opera's first to follow Firefox's lead in supporting the HTML5 tag -- the ability (theoretically) to show streaming videos from the Web using a codec built into the browser. Unfortunately (and this isn't Opera's fault by any means), the biggest open test of the functionality of the HTML5 tag comes from YouTube, where the test uses the proprietary H.264 codec. While both Firefox and Opera can try to run these tests, they're geared (for now) for Google Chrome 5 and Apple (Nasdaq: AAPL) Safari 4.
With pages using the Ogg Theora codec for the tag -- the one Web standards architects intended -- Opera's built-in player performance appeared stable in early tests. Streaming movies did appear a little "mosaic-ed" for the first few seconds, almost like a JPEG image that's half-loaded. We did notice problems with 10.5 Beta 1 and the Flash codec, especially in YouTube. When a new video player is repeatedly loaded into the same space as the one that initially inhabits a page, Opera has a tendency to blank out the reloaded viewer. You can hear sound, but you see nothing but the page background.




We're impressed by an Opera 10.5 feature that's out of the ordinary for any other browser, and potentially less of a security risk for users: Pop-up windows, including message boxes, are rendered by the JavaScript interpreter as part of the active page, not as separate Opera windows. That means you can't drag a pop-up window outside the page area, which might possibly become an inconvenience in some situations. However, it reduces the opportunity for the type of cross-window spoofing that has characterized exploits of Internet Explorer and Firefox, because pop-ups are run in the context of the active page -- a much tighter sandbox.
We're not impressed with the first beta's upload ability: In fact, the browser does tend to crash following an upload. The built-in session manager (one less add-on you need to attach) does pick up where you left off when you reload the browser.




The Chase Is On




With a few builds under its belt now, it's clear that the development builds of Google Chrome 5 are resuming that browser's course of performance improvement at a rate, on our index, of about half a point per month. Our recent round of Windows 7-based browser tests show higher numbers across the board for another reason: Patch Tuesday has slowed down IE7 in Vista, our index browser, while giving a slight boost to IE8 in Win7.




So the fact that the latest stable build of Google Chrome 4 surged from under 20 to well over 21 on our index is only partly due to a speed improvement. What's important with regard to these index figures is relative performance, and the bar graph will help you better visualize how well one browser compares with another.




The Opera 10.2 alpha track is no longer on our graph, because it's no longer on Opera Software's roadmap. That's probably a good thing, because 10.2 was the slowest browser in the lineup after IE8. The gulf between the current stable Opera 10.1 and the new 10.5 beta is unprecedented: a 370 percent performance improvement, mostly reflecting massively improved computational performance, and somewhat improved rendering performance.


In our tests, the 10.5 pre-alpha suffered from unexplained poor performance in rendering conventional HTML tables -- those tools that old Web pages used to divide and conquer pages, prior to the advent of CSS. That problem completely not only disappeared in the 10.5 beta, it blows away every other browser in the field in this department. On Win7, 10.5 scores a 9.19 -- 919 percent the performance of IE7 in Vista -- followed closely behind by an 8.80 score from the latest stable Safari 4, and 8.10 from Opera 10.1 (the opera brand has typically performed well on this test).

Relative performance of Windows-based

Web browsers in Windows 7, Feb. 11, 2010.

Relative SunSpider (general JavaScript computation) and SlickSpeed (CSS selector) test performance slid a bit from the pre-alpha to the first beta, but we expected that from the first official public build, with all the corrections developers needed to make. Table performance helped Opera 10.5 make up for that, and the new beta still holds the overall lead on the SunSpider: 69.57 versus 68.69 for Chrome 5, and 57.17 for the latest daily WebKit build of Safari.

Graphics Power

Opera's graphics rendering importance is unbelievable: Chrome 4 had us already whistling on the Canvas geography map rendering test, with a 31.75 score. Opera 10.5 Beta 1 scores a 63.50 on that same test.
Where Chrome 5 still holds an edge, including at times over its stable predecessor, is in ordinary page rendering. Chrome 5 scores an 11.49 in the Nontroppo CSS rendering battery, while Chrome 4 surpasses that with 12.05; Opera 10.5 Beta 1 scores 7.44 there. In the standard page load test from Nontroppo, Chrome 5 posts a staggering 16.27. Opera 10.5 is in second place on that scale, but still way behind at 9.99. That Chrome 5 score was so staggering, we tested several times to confirm it.
If Chrome 5 were to improve its handling of plotting graphics to the Canvas element of modern HTML, before Opera 10.5 improves its handling of everyday rendering, Opera could be in trouble. It's a tenuous situation at present for Opera, but let's face facts: It's the nicest tenuous situation that anyone at Opera Software last year could have asked for.
If you're one of those long-time Betanews commenters who has spent the last two years saying, look out guys, Opera is on a comeback ... you have to be smiling now.

© 2009 Betanews. All rights reserved.

© 2009 ECT News Network. All rights reserved.

Information from : technewsworld.com

Before Making the Leap, Check Cloud Security - and Check Your Own

By Ed Moyle

TechNewsWorld

02/16/10 5:00 AM PT

Just because using a cloud service means your important enterprise data will reside on an off-premise site does not make the system in inherently less secure than keeping it in-house. Before making the jump to the cloud, though, some research should be done in terms of security -- both the service provider's and your own.

Most of us are probably familiar with safe deposit boxes -- you know, the secure storage areas that banks and post offices provide to keep things like jewelry and important documents secure. Even if you've never rented one yourself, chances are you're probably familiar with the concept: a safe place where you can put important and one-of-a-kind items so that they'll be protected should the unexpected occur in your home (like a fire, theft or flood).

Ask yourself this: Is a safe deposit box insecure because it's located and accessed from outside your home? In other words, in thinking about the security of the safe deposit box, would you conclude, "I don't trust the bank vault because I don't manage and control it myself?" Probably not, right? In fact, most likely we would conclude the opposite -- that the box is more secure because it's outside the home. Bank vaults are harder to steal from than our homes.

When it comes to everyday life, we realize intuitively that a location is not de facto more secure just by virtue of the fact that we're the one making decisions about how to secure it. It would be ridiculous, for example, if a friend told us that they prefer to keep important papers in a disorganized pile on their bedroom floor because it's inside their home -- and therefore more secure.

So what's my point? A lot of us in the security industry have been getting a bit nervous about decisions that our organizations are making in and around cloud computing. The cloud is a juggernaut in IT right now, and it's buzzing throughout all our organizations. Because it's such a hot topic, a lot of information security and compliance professionals are justifiably concerned about the security impacts of storing critical data in the cloud. Think about it: We're relocating large portions of our critical data to locations outside the firm's technical boundaries -- what does that mean from a security perspective?

There's a lot of concern, and rightly so, because storing or accessing data inappropriately can have a legal, financial or other catastrophic impact. Our first reaction is to cling to old ways of doing things and resist the move to the cloud, because that's what we know and are familiar with. However, it's important for us to remember during all this that just because we control something ourselves, that doesn't always mean it's better.

What Do You Have Today?

Now don't get me wrong -- I'm absolutely not saying that every service provider is the digital equivalent of a safe deposit box. Some are, some aren't. In point of fact, some service providers are much worse from a security perspective than what we can do ourselves (and some are much better.) However, the point is that the security decisions we make aren't (or shouldn't be) just based on where the data is stored; it's much more complicated than that.

If we have the metaphorical equivalent of the disorganized pile of papers internally (i.e., a mishmash of insecure storage, broken access controls, and lax/unmonitored processes for data handling), we may actually be better off from a security perspective making a transition to something hosted externally (depending, of course, on what the vendor provides). On the other hand, if we run a pretty tight ship, we might put ourselves in a worse position by making a change.

Many of our organizations are like our friend with the disorganized pile; some other lucky few have the digital equivalent of a fire box or safe internally. However, most of us are the opposite, with very little idea where our data goes, where critical data is stored, who accesses it, why it's accessed or from where.

In order to make an informed decision, we have to know two things: the security profile of what we're doing today and the profile of what the vendor in question does. If we're in a "papers on the floor" kind of organization and we're looking at a "safe deposit box" cloud service provider, we might choose to do one thing. If we're a shop with robust security controls and we're considering a "fly by night" vendor, maybe we might make a different decision. The point is, knowing those two data points, we can methodically and systematically compare in-sourced to outsourced and make a decision based on facts rather than based on speculation or (worse yet) industry hype.

So how do we get to that? First, start by mapping out what data you currently have, what processes govern how it's accessed, and the controls that you have in place to protect that data. Leverage any formal risk assessment that you may have done in the past (for example, to meet regulatory mandates like HIPAA, PCI or FISMA). If you haven't done a formal risk assessment of your environment, now's the time to do one. It's not as difficult as it used to be with new standard approaches and automated tools. On the standards side, leverage methodologies like ISO 31000:2009 or OCTAVE; on the tools side, look to automated risk-assessment products like White Cyber Knight's WCK-Lancelot or Modulo Risk Manager to automate the process.
You don't want to go to tremendous levels of detail here -- the point is just to get to enough of an understanding of the risk in our environment to be able to make a comparison against the vendor(s) in question. Also, make sure you map out in detail potential threat scenarios (for example, a threat matrix) that includes potential threats like inappropriate access, vectors

(pathways) for access, accessibility issues (e.g., disasters), and so forth.

What Does the Vendor Have?

Next, we have to figure out what the vendor does or doesn't do to protect the data entrusted to them. Ideally, we want to be get enough detail about a vendor to be able to directly compare the risk assessment we have of our environment to the vendor. The challenge, however, is that the vendor may not be able (or willing) to share with us the details of the security controls that they have in place. For example, a vendor may not have confidence enough in their security controls to tell us candidly what they are; they may have a "security through obscurity" belief that not telling us how they protect data provides security value. Whatever the case may be, expect there to be a threshold -- a level of detail that you can't get beyond because of resistance from vendor personnel.

So if we can't get to a complete level of detail for a particular (or any) vendor, what then are we to do? First, put together a mirror of the threat matrix that you did for your own environment -- this lets you understand what potential exposure scenarios there are depending on the decision you make. Second, gather what data you can from the vendor about controls and risks; if there's been an industry-accepted evaluation done (such as a BITS shared assessment or ISO 27001 certification), these can be a good baseline since they both outline minimum baseline controls. If there is no accepted certification, consider vetting the vendor yourself -- either by going there and evaluating their security in person or a paper-based exercise such as a questionnaire. Remember, you don't need to go to a tremendous level of detail -- you only need to get enough that you can make an informed decision based on the facts.

With a level of detail about both your own internal environment as well as a fairly thorough understanding of the vendor environment, you should have enough data to do a methodical, repeatable and objective analysis of both environments. Sometimes going with the vendor is a better security decision, sometimes keeping it in house is. Sometimes your business partners will elect to trump security and go with the less-secure option for reasons not involving protection of the data. However, when based on solid analysis, at least the decision is an informed one.

Information from: technewsworld.com

For Privacy Advocates, Facebook's 'Next Best Thing' Doesn't Cut It

By Scott M. Fulton, III

Betanews

02/06/10 5:00 AM PT

The dust kicked up by the Facebook Beacon debacle is still settling, and the latest development involves a "cy pres," or "next best thing," settlement proposal that would call for Facebook to establish a foundation to help make Web users more aware of their privacy rights. Critics needled that offer last week, noting that the world already has lots of foundations for that -- and none are controlled by Facebook.

Just over two years ago now, Facebook began deploying a behavioral tracking service it called "Beacon," which automatically enabled the tracking of Facebook users' behavior but shared that data with advertising partners. It wasn't an "opt-in" service by anyone's definition, and after Facebook took down most of the service, customers filed a class-action suit against the social network.
In a proposed settlement last September, Facebook is opting to use its own money -- some US$9.5 million -- to establish a fund for the creation of a foundation to help make Web users more aware of their privacy rights and how they can improve their online safety. It's what the law calls a "cy pres" settlement, named for an old French phrase that literally means, "the next best thing."
"Next best" isn't exactly a settlement, contends the advocacy group Public Knowledge, in a statement for the court in the Beacon case filed last week. Why, asks Public Citizen, should Facebook use its own money to pay its own people to do what it should have been paying its own people to do in the first place?

We Get It, We Get It!
"Creating the Facebook foundation is an inappropriate cy pres-like remedy that provides no value to the class because (1) the foundation is unneeded -- numerous established organizations already advocate for improved online privacy, safety and security by educating users, regulators and businesses; and (2) Facebook, whose founder and CEO questions whether privacy rights should be safeguarded, retains unwarranted influence over the proposed foundation," reads Public Citizen's official objection to the proposed settlement .In essence, Facebook is paying itself money to gain a broad release of its users' legal claims and to create an unneeded foundation over which it will have significant control. It is difficult to imagine a greater abuse of the cy pres remedy."
Public Citizen is seeking a legal award of at least US$2,500 per member of the class action, the precedent for which it claims has already been established by the Video Privacy Protection Act. That law was originally created to prevent the misuse of data belonging to customers of video rental establishments.
However, the group's plea is noteworthy also for what it's not asking for, or more accurately, what's it's asking to not receive: specifically, the creation of yet another policy group advising social networks to be more respectful, and users everywhere to be more careful. We get that already, the group argues.
Neck-Deep in Centers, Foundations and Clearinghouses
"Numerous independent, non-profit groups already exist to do precisely that," writes Public Citizen. "A list of such organizations, although not comprehensive, includes the Electronic Privacy Information Center ("established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values"), the Electronic Frontier Foundation ("educates the press and public" by "defending free speech, privacy, innovation, and consumer rights today"), Privacy Rights Clearinghouse ("two-part mission -- consumer information and consumer advocacy" with goals to "[r]aise consumers' awareness of how technology affects personal privacy, and to empower consumers to take action to control their own personal information"), the Center for Digital Democracy (addressing privacy issues while promoting "an electronic media system that fosters democratic expression and human rights"), and the World Privacy Forum ("focused on conducting in-depth research, analysis, and consumer education in the area of privacy"). In addition, the Rose Foundation's Consumer Privacy Rights Fund, created from a series of settlements in cases involving consumer privacy issues, awards grants to support privacy-related research, education, advocacy, and policy development ... In addition to being well-established, these organizations have the advantage of not being controlled by Facebook."
Public Citizen's retort now joins that of the Electronic Privacy Information Center, the Center for Digital Democracy, and four other groups which jointly filed their own letter of opposition last month. In it, the groups' attorneys write, "Facebook is not accused of failing to effectively 'educate' users and regulators. Facebook is accused of inappropriately disclosing its users' personal information in direct violation of state and federal law. A foundation whose primary goal is the education of users regarding business practices is not an appropriate remedy where it is the business practices that caused the harm."
When the settlement was proposed last September, digital media attorney David Johnson of law firm Jeffer, Mangels, Butler & Marmaro smelled a rat right away. In a blog post for his firm, Johnson wrote, "What a deal! Facebook is already required by law to promote the online privacy, safety and security of its users' information. For example, the FTC has mandated that all companies must 'maintain reasonable and appropriate measures to protect sensitive consumer information' and has already filed suit and obtained consent orders requiring a couple of dozen consumer-oriented businesses like Facebook to do so ... So Facebook effectively gets most of its money back to fund projects that it is already has an obligation to perform. If the Court winds up cutting the fees paid to Plaintiffs' counsel, this just means that more money will go back to Facebook to pay for things it is already obligated to do."
For its part, Facebook declared the matter closed last September, and has had no further comment since then. The judge in the San Jose US District Court case already granted preliminary approval to the settlement in October, but final approval awaits the judge's review of comments received in the interim.
© 2009 Betanews. All rights reserved.

© 2009 ECT News Network. All rights reserved.

Information from : technewsworld.com

Facebook's Virtual World War II Memorials

By Monika Scislowska
AP
02/07/10 5:00 AM PT

Volunteers hoping to keep alive the memories of those who died in conflicts decades ago are turning to Facebook to set up memorial pages. One individual being memorialized is Henio Zytomirski, a boy who was murdered in the Holocaust. Those who maintain the pages say they give people around the world a chance to know those who died, though others say such displays may trivialize tragedies.

Henio Zytomirski's Facebook profile picture stands out from most. The grinning 6-year-old is captured in black and white and poses in an old-fashioned buttoned-up shirt and shorts.
The photograph, shot in 1939, is probably the last taken of him before he was murdered in the Holocaust.
A group in the boy's hometown of Lublin is using the social networking site to breathe virtual life into Henio's stolen childhood and give people around the world the chance to get to know him -- as well as mourn the millions of others killed by Nazi Germany.
With nearly 3,000 friends, Henio's page is one of the most striking examples of a new phenomenon in which people are setting up Facebook memorials for the victims of the past century's greatest tragedies. Another project in Belgium attempts to create Facebook pages for each of the 27,594 Allied soldiers who were killed in Belgium during WWII, and Anne Frank and the Auschwitz memorial site are also on Facebook.

Rekindling Memories
Facebook and MySpace users have long been creating memorial pages for friends and family, but these new projects aim to rekindle lives of the more distant dead who might otherwise be forgotten.
"Henio was an eyewitness and a victim to the Nazis' actions. Because he was murdered, he could never provide his testimony," his page says in a post written by Neta Zytomirski Avidar, a cousin of Henio's who lives in Israel and has helped build the site. "We try to guess what might have been his testimony."
On Henio's page, postings made by Henio's cousin and other administrators shift between third-person descriptions of his life and posts in the voice of dead boy.
One of Henio's pictures shows a Hebrew-language book -- the kind Henio would have studied from if the war hadn't broken out on what was to have been his first day of school, preventing him from ever attending.
The caption in Polish reads: "It will be September soon. I will go to school. I wonder what's it like at school. I'm a bit afraid. Daddy says there is no need to be afraid. After all -- he is a teacher. Today I saw my textbook."
Questioning the Use of First-Person
Some historians and educators fear the use of the social media in war remembrance could trivialize tragedies like the Holocaust, or that postings like those in Henio's name could blur the boundaries between fact and fiction.
Adam Kopciowski, a historian at Lublin's Marie Curie-Sklodowska University who specializes in Jewish studies, believes posts written in the dead boy's voice raise ethical questions and amount to "abuse toward a child that has been dead for the past 70 years."
"This is an act of pretending to be a person that has died, but we cannot be sure whether he spoke that way, whether he thought that way, whether he acted that way," Kopciowski said.
Certainly amid the postings for Henio, some mundane, even silly, messages can be found on his Wall, such as invitations to play the popular Facebook game Mafia Wars. Some send him little virtual gifts: a bouquet of flowers, honey from Israel, dreidels at Hanukkah.
Joy Sather-Wagstaff, a cultural anthropologist at North Dakota State University, said the virtual gifts should not necessarily be seen as frivolous.
"I look at this as a virtual version of what they would leave if they actually went to a place where there was a monument to him. I bet they would leave little notes and toys -- the physical material version of what you see them leaving on Facebook."
Grappling With Grief
Sather-Wagstaff cofacilitated an informal December conference in Washington, D.C., cohosted by the United States Holocaust Memorial Museum entitled "Conscience Un-conference: Using Social Media for Good" -- in which Henio's page was a focus of discussion.
She said she sees the Henio phenomenon as one way people today grapple with what death means in an era of great tragedies of scale, from the Sept. 11 attacks to the recent earthquake in Haiti.
Pawel Brozek, a history student who helps administer the site, said that when the project was launched last summer, it initially drew criticism from several Poles who said it insulted Henio's dignity. But those voices were quickly hushed by an outpouring of positive reaction from around the world.
Anthropologist Mark Auslander, a Brandeis University professor who specializes in the use of ritual and art in commemorating the dead, said he believes social media like Facebook are "vital new technologies " that hold great promise in education, and that Henio's site is one of the most captivating he has seen.
He discussed Henio in a recent blog, writing that "thousands of people log on in order to enter in to some sort of symbolic exchange with the Dead, to engage in an act of nurturing directed towards the other world."
"The phenomenon is very fascinating," Auslander told The Associated Press. "It tells us something profound about our deep desire around the world to be linked to one another through these fragile traces of memory. And this is potentially a very wonderful and beautiful thing."
Facebook's Take
Technically speaking, Henio's page goes against Facebook rules: Profile pages are meant primarily for individuals who are still living, to communicate with one another, share photos, play games. For users who have died, it's possible to set up a "memorialized" account so friends and family can pay tribute.
Pages for businesses, celebrities and other public figures, meanwhile, generally have "fans" instead of "friends" -- and that should also be the case for victims of historic tragedies like Henio, said Facebook spokesperson Brandee Barker.
A big reason for this is that Facebook limits the number of "friends" individual users can have to 5,000. Fan pages for businesses and public figures have no such limit, so any number of Facebook users could join as fans in tribute to the individual's life, Barker said.
She added that in "certain cases," Facebook will work with users to "migrate" a profile page to a fan page.
Henio's History
Henio and his family were forced in 1941 by the Nazis to live in Lublin's ghetto -- one of the hellish places where many Polish Jews died from a lack of food, diseases or random executions.
At some point in 1942 Henio and his father Szmuel were sent to the nearby Majdanek death camp, and it is believed he died there by early 1943. His father was killed there soon after.
Henio's Facebook page evolved from earlier commemorative projects launched by the group "Grodzka Gate-NN Teater" that uses theater and other forms of performance to resurrect the memory of the 40,000 Jews who lived in the eastern Polish city before the war -- a third of the city's population.
Henio was chosen because a trove of family pictures and letters was made available to the Lublin group by his cousin.
"Forty-thousand names and faces ... cannot be memorized," Henio's profile says, urging people instead to: "Remember just one of them."
In a typical response, an Italian Facebook "friend" of Henio's wrote this month: "Little Henio, I think about you often. I consider your presence on Facebook a great opportunity to reflect, more real than many friendships granted to real people. Thank you, Henio. I hope you can have many friends."
Piotr Kadlcik, the leader of Poland's Jewish community, said that in today's rapidly changing world he welcomes the effort.
"Absolutely all forms that help us spread information about the past should be used and encouraged," Kadlcik said. "These are not times for honoring people with huge marble monuments and official ceremonies."
Looking for a Few Good Researchers
A similar drive is also behind a new Belgian attempt to create Facebook pages for each of the 27,594 Allied soldiers who were killed in Belgium during WWII and are buried in Belgian cemeteries, men from countries including the U.S., Britain, France and Australia.
High school students are each being asked to research the lives and battles of a chosen soldier and -- with the help of archives kept by the Institute for Veterans -- produce a Facebook page for each one with photos, audio and video. It is hoped relatives of the dead soldiers will submit whatever documents and other evidence they have.
The first Facebook page created as part of that project honors Lance Cpl. Thomas Leslie Cartwright of High Wycombe, England. Cartwright was killed in fighting in 1944 and is buried in the Kasterlee War Cemetery in northern Belgium along with 99 comrades of the British Army's Royal Scots.
The plan is to have each soldier documented on Facebook by 2014, when the country will mark the 70th anniversary of Belgium's liberation.
"You are only dead if no one talks about you anymore," said Pol Van Den Driessche, a Belgian senator who launched the project, known as "Live and Remember."
© 2009 Associated Press. All rights reserved.

© 2009 ECT News Network. All rights reserved.

Information from: technewsworld.com