The Net Ain't Secure

The Internet is like the Wild Wild West. The rules of the game aren’t (can’t be?) defined upfront. Rather, we evolve them as we go along because it’s impossible to know what opportunities, situations and loopholes may come up on this frontier.

There’s this site called Ashley Madison whose by-line is “Life is short. Have an affair.” The site facilitates exactly that:
“Have an Affair today on Ashley Madison. Thousands of cheating wives and cheating husbands signup everyday looking for an affair…. With Our affair guarantee package we guarantee you will find the perfect affair partner.”
No, this isn’t a joke. It’s for real! The site has 40 million registered users.

And then the site got hacked. The hackers, who call themselves the Impact Team, demanded that the site be taken down. Or else?
“We will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”
To prove they were the real deal, they released a few sample files of data (and continue to do so since the site continues to run). The hackers wrote:
“Too bad for those men, they’re cheating dirtbags.”
This sounds like the moral police working with hackers!

The data isn’t easy to access and it is pretty raw (“raw” means not formatted for easy reading/searching), but that’s not a problem for those who know how to program. It’s becoming a targeted search operation, as John Herrman points out:
“They started by searching for people with government email addresses, university email addresses, and addresses associated with major corporations.”
You can see where this is heading: public embarrassment, blackmail and even fraud (with the card details). Herrman wonders:
“Will news organizations, presented with user profiles associated with public figures, ask for comment? Treat each as news? Which ones?”

Does all this worry you, not because of Ashley Madison in particular but because of the general security and privacy risks it brings to your attention? Is it a sign of the future where “every email, private message, text and transaction” could come back to haunt you?

Or do you agree with John Gruber’s take?
“This feels like the plot from a movie — it’s hard to imagine a large scale hack that would create more schadenfreude than this.”

Either way, as the ancient Chinese curse supposedly said:
“May you live in interesting times.”

Comments

Post a Comment

Popular posts from this blog

Student of the Year

Image
As a toddler, my daughter loved Alia Bhatt’s songs, esp. the ones from Student of the Year . (That movie did have many good songs and well-choreographed dances). Fast forward to present day, when she is 12 yo. She rarely watches Hindi movies now, but one of the few ones she likes of late, Raja aur Rani ki Prem Kahani has, yes, Alia Bhatt.   If I had any hopes that there was anything to be read in the name of her toddler-time favorite ( Student of the Year ), they have been dashed. Our conversations come exam time are perfectly captured by this photo and its caption: In fact, the pic below captures how she and I look at her answer sheets – me intently, she with an expression of “It’s over, so why are you even looking at it?”   Of late, we pull her leg and tell her that she isn’t showing any signs of academic prowess, she’d better find a rich guy to marry. Some time later, she showed us this meme on the Internet: “Me No Study, Me No Care Me Go Marry Millionaire If He Die
Read more

Why we Deceive Ourselves

In their book, The Elephant in the Brain , the authors describe this weird aspect of deception that we practice: deceiving ourselves! That is so weird: “If our minds contain maps of our worlds, what good comes from having an inaccurate version of these maps?” The Sigmund Freud school of thought treats self-deception as a defense mechanism, “a way for the ego to protect itself”. The mind seeks to protect itself from anxiety and other negative emotions. Many object to this reasoning: since accurate information is so critical to our survival, surely distorting information would be dangerous. Wouldn’t the goal of protecting our self-esteem have been better achieved by making the brain’s self-esteem mechanism stronger instead? The new school of thought explains self-deception as “primarily outward-facing, manipulative, and ultimately self-serving”. This is based on Thomas Schelling’s work on game theory: “In a variety of scenarios, limiting or sabotaging yourself is the winn
Read more

Handling of the Satyam Scam

The Satyam scam. How does that fit into Montek Singh Ahluwalia’s book on reforms in India, Backstage ? The reason is that, as both NASSCOM and the government of India felt: “(Satyam’s) collapse would create a great deal of disruption for clients worldwide and seriously damage India’s reputation as a reliable source of software services.”   Therefore, the government decided to work with the private sector to “organize a quick takeover by a reputable new buyer, who would quickly restart the company”. But that could not be done overnight. In the meantime, the new board would have to reach out to Satyam’s clients and “reassure them that the company would survive”.   For the new board to have credibility when it made that statement, it had to be staffed with people who understood the private sector, the IT sector in particular, and commanded respect and trust. Deepak Parikh from HDFC was made chairman, and other members of the board included a former NASSCOM chairman, CII member,
Read more