Monday, March 19, 2007

Technology News: Viruses & Malware: MySpace Bug Alerts Could Trigger Mischief

Technology News: Viruses & Malware: MySpace Bug Alerts Could Trigger MischiefYou don't run the world's oldest and largest cybersafety gorup without knowing a few hackers. But there is a difference between "hackers" and "Hackers." The term "hacker" had traditionally stood for network security and design experts. They were the ones who built the Internet, not the ones who destroys it.

Vint Cerf, the father of the Internet and creator of TCP/IP (the code that created the Internet), proudly defines himself as a "hacker." But in his case, it's a capital "H" hacker. He builds, and doesn't destroy.

Many others using the term "Hacker" have been involved in protecting kids online. The former group, Ethical Hackers Against Pedophilia, broke the first commercial child porn ring (what later became known as "Landslide"). Without their dogged determination to "follow the money" and find those behind this site, thousands would have escaped the police and countless children would be exploited in the process as well.

Did they break the law? Not to my knowledge.

Now some "hackers" have announced that they will publish security bugs on a public website. These are bugs they found on myspace. It's not surprising that myspace has bugs. It grew out of a tiny concept to one of the most popular sites ever published. It may not always scale. But it's not a financial institution, or a banking site, or an insurance company site, or paypal, or a healthcare site. It's a social network. No one should be posting anything there that "parents, principals, predators and the police" shouldn't or couldn't safely see.

so, will there be bugs? I'm sure there will be. Few sites are security bug free.

But is publishing them on a website the way to go? Only if you want to be famous anonymously. Otherwise, if they are serious about fixing security bugs, let me know. I'll introduce you to the right people at myspace. And perhaps you'll bec ome famous for finding bugs on a huge and very popular site and protecting people, instead of potentially putting them at risk.

my 2 cents.

No comments:

Post a Comment

Parry Aftab is interested in hearing ideas and questions about digital safety, privacy and cybersense. Please do not advertise or promote services or products or include a link, video or image in your comment.

Now for the boring legal stuff:
We reserve the right to delete and/or moderate any comments at any time.
Note that Parry Aftab does not respond to legal questions and cannot address specific issues about reported abuse.She cannot be retained as legal counsel online, and any prospective client must sign a retainer agreement before becoming a legal client of Ms. Aftab. Any legal discussions are educational and informational only and anything submitted may be made public on this blog.

Ms.Aftab reserves the right to report any abuse, threats or harassment to the requisite authorities.