MySpace Photo Leak

Until recently, MySpace had a serious security flaw that allowed photos of users whose profiles were set to private to be viewed by anyone. Two weeks ago, user called DMaul uploaded a 17 GB file of more than 500,000 private Myspace photos available for download on torrent sites. The file was the 9th most downloaded file on torrent sites that week.

According to Wired, the file quickly lost popularity after people realized it was a random collection of typical photos — weddings, babies, birthday parties. DMaul has come forward to explain his actions, saying “I think the greatest motivator was simply to prove that it could be done. It is ridiculous to think that there is privacy on public websites. These types of situations are more education than anything.” So DMaul’s actions indeed had no malicious intent, and they should by taken for their educational value.

The real kicker is that the security flaw was known on various message boards for months before it was fixed. What’s even more disconcerting is how this flaw was exploited. A thread on the discussion forum Sohh.com back in October consisted of a self-described “pedo army” sharing the private galleries of 15 and 16-year-old girls. There have even been YouTube videos and commercial websites touting this flaw. It was only after Wired broke the story that MySpace finally fixed the hole. I’m also surprised that despite a fair amount of coverage in the blogosphere, the story hasn’t made it into the mainstream news either.

MySpace has so far refused to comment on the situation, so it’s hard to say whether MySpace was unaware of the situation or was aware and didn’t act on it. Either way, the blame should lie with MySpace for flouting the privacy of its users for so long. While most teens are perfectly aware of the dangers of leaving their profiles open, there is the expectation that profiles set to private will indeed be private. Is this expectation rational in today’s world? Surely the millions of people who do their banking or shopping online would think so. Social networking sites should be taking the privacy of its users more seriously, especially when minors are concerned. It has been suggested that sites like MySpace need to create special task forces that will prowl the Internet looking for security flaws as they arise. When users have done their part to protect their privacy, MySpace should do its part too.

Protest starts on Facebook, ends in the streets

Hundreds of thousands of Columbians are expected to march today in 185 cities across the globe in protest of Revolutionary Armed Forces of Colombia (FARC) and their use of kidnapping as a weapon. How did such a mass movement get started?  Facebook.

The Christian Science Monitor reports,

“We expected the idea to resound with a lot of people but not so much and not so quickly,” says Oscar Morales, who started the Facebook group against the FARC…

Morales started the Facebook Group “UN MILLON DE VOCES CONTRA LAS FARC” on the 4th of January 2008 – it now has 265,833 members.  While  the low barrier to participation in joining a Facebook group may call into question the power such action truly holds, today’s march proves that in some cases, a click of the mouse may be the first step in becoming truly politically engaged.  The protest also depicts just how powerful a tool social networking sites such as Facebook can be in organizing political action.

Also of note is language of choice – as Facebook users go global, how do languages play out?  Currently, one must have some knowledge of English to sign up and work the features of the site – limiting the international user base to more educated segment of society.  Efforts are underway to make Facebook available in other languages: acknowledging the power of the crowd, Facebook has turned to their users to translate the site into other languages.

– Miriam Simun