Twitter had some issues this weekend with folks sneaking Javascript code into profiles to effectively create self-replicating Twitter worms. These worms were exploiting a hole in which Twitter was not doing enough scrubbing of user inputs for the CSS customization of a profile page. While this was clearly a security flaw and had to be fixed, it does result from a basic philosophy which aims at maximum flexibility in how people use Twitter. This stands in fairly stark contrast with the very ti...

Yesterday, I met with someone launching an exchange for privately held companies . The idea is to have a marketplace that is somewhere between the inefficient one-off negotiation of secondary sales on one end and going public on the other. Pretty quickly our discussion turned to the disclosure of information about these private companies. One of the reasons given for being a private is so as to not have to disclose a lot of information to others (including potential competitors). So how do yo...

Twitter had some issues this weekend with folks sneaking Javascript code into profiles to effectively create self-replicating Twitter worms. These worms were exploiting a hole in which Twitter was not doing enough scrubbing of user inputs for the CSS customization of a profile page. While this was clearly a security flaw and had to be fixed, it does result from a basic philosophy which aims at maximum flexibility in how people use Twitter. This stands in fairly stark contrast with the very ti...

Yesterday, I met with someone launching an exchange for privately held companies . The idea is to have a marketplace that is somewhere between the inefficient one-off negotiation of secondary sales on one end and going public on the other. Pretty quickly our discussion turned to the disclosure of information about these private companies. One of the reasons given for being a private is so as to not have to disclose a lot of information to others (including potential competitors). So how do yo...