From time to time, you’ll find yourself watching the news, or reading the newspaper, and a story will come on that tells you absolutely nothing you wanted or needed to know. Some of these are harmless, such as profiles on the marginally remarkable people in your community; others are “human interest” pieces, like a feel-good story about a 4th Grade class decorating rubber ducks as an art project. None of these stories actually hurt anything; they’re just indications that either nothing actually happened today, or else nothing happened that isn’t too controversial for the local news team to cover it. One such story, which migrated onto the Internet this week, concerned a woman who sent a naked picture of herself to her husband using an iPhone – and the picture getting pirated and distributed all over the Net…
You can reference the story off the original site here if you want to, but the upshot is that the woman in our story was using an iPhone photo sharing application to send a topless photo of herself to her husband, who is currently overseas serving in the military. Unfortunately, the application’s internal security wasn’t very well conceived, and the picture was stolen and illegally distributed all around the ‘Net. What makes this a story at all is that the application wasn’t a “free app,” which means that the woman in question actually paid money to use it, and that the application was marketed as being a (relatively) secure way to send pictures over the Internet. What makes it a non-story is that anyone over the age of ten already knows that there is no such thing…
Even in its earliest days, the Internet was never really secure. Long before there were websites and blogs and social networking and all of the other conventions we take for granted now, there were hackers – men and occasionally women who lived to crack security, nose around systems they weren’t supposed to be in, and steal data for fun and profit. It’s probably fair to say that even twenty-five years ago, before there were cell phones, digital cameras or photo-sharing sites, no one who understood the first thing about computers would have put a naked picture of themselves on one – unless they were prepared to have it stolen by the first hacker who came along. There’s a reason that computers with really important data on them are not connected to the Internet, and it has nothing to do with conspiracy theories…
So if it’s a total non-story, why am I calling it to your attention? Well, for one thing, this particular data theft wasn’t managed by a daring hacker; the photo-sharing app (and its parent company) had a major security problem that they had apparently failed to address until much too late. For another, the woman whose naked picture was stolen is suing the company, claiming that when the pictures were posted online and then sent to her family and her employer her whole life was destroyed. So if we want to be fair, in this case, we should probably stop blaming the topless woman, who was merely far too trusting, and start blaming the software company, which was apparently too stupid to grasp concepts like “data security,” “reasonable expectation of privacy,” “public relations fiasco” or “expensive/catastrophic liability lawsuit…”
Let’s hope they grasp the concept of “get a good lawyer,” because if they don’t, everyone who paid for this particular iPhone app is going to end up having wasted their money. And if your company sells a product that can be hacked, cracked, or otherwise used to embarrass the heck out of somebody, please don’t assume that no one would really be naïve enough to make themselves vulnerable to such an event…
Friday, May 28, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment