{"id":80,"date":"2008-01-27T02:51:28","date_gmt":"2008-01-27T10:51:28","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/2008\/01\/27\/pillaged-myspace-photos-show-up-in-bittorrent-download\/"},"modified":"2008-01-27T02:51:28","modified_gmt":"2008-01-27T10:51:28","slug":"pillaged-myspace-photos-show-up-in-bittorrent-download","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2008\/01\/27\/pillaged-myspace-photos-show-up-in-bittorrent-download\/","title":{"rendered":"Pillaged MySpace Photos Show Up in BitTorrent Download"},"content":{"rendered":"<p>    More than half of the million images that are private photos of MySpace users were stolen and uploaded onto BitTorrent. This is a huge privacy breach for MySpace users. The hacker, &#8220;DMaul&#8221;, said that he learned of the security hole from WIRED and used that method of attack. This security hole surfaced last fall, and because of it, various adversaries such as possible pedophiles, voyeurs, and advertisers were able to steal these photos. DMaul ended up seeding these photos and advertised them as &#8220;pictures taken exclusively from private profiles&#8221;. It turns out that his attack cycles through the accounts by MySpace Friend ID numbers, and thus did not target any specific group of people. Although the attack did not target any specific group, this is a significant breach that affected users who are under 16, because their accounts are automatically set to private and their adversaries are more dangerous. Even though the attack resulted in the leak of a huge number of pictures, it seems that MySpace didn&#8217;t follow up on the issue properly.<\/p>\n<p><!--more--><br \/>\nAfter reading this article, it occurs to me how insecure online profiles are. For example, the article also mentions various security holes that MySpace previously had. 
As more social network websites are created for various purposes, more and more types of assets will be compromised. If LinkedIn has a security breach, then the assets aren&#8217;t simply pictures anymore. Adversaries will be able to steal information about users that is much more valuable. I believe one way to prevent such problems is to design the security aspect heavily during the design phase of the application. If they include a security review of the design of the application, there will be fewer security vulnerabilities. The way MySpace handled this attack makes me worry that social networks might not care about the most important assets to the social networks, which are the users&#8217; information.<\/p>\n<p>http:\/\/www.wired.com\/politics\/security\/news\/2008\/01\/myspace_torrent<\/p>\n","protected":false},"excerpt":{"rendered":"<p>More than half of the million images that are private photos of MySpace users were stolen and uploaded onto BitTorrent. This is a huge privacy breach for MySpace users. 
The hacker, &#8220;DMaul&#8221;, said that he learned of the security hole from &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2008\/01\/27\/pillaged-myspace-photos-show-up-in-bittorrent-download\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":26,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,4,9],"tags":[],"class_list":["post-80","post","type-post","status-publish","format-standard","hentry","category-availability","category-current-events","category-privacy"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/80","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=80"}],"version-history":[{"count":0,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/80\/revisions"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=80"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=80"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=80"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}