Jan 24 2008
One of the basic tenets I’ve been living with for a while is if it’s online, it’s public. I consider everything I write online to be available to the public, whether it’s something I blog about, something I write on a closed mailing list or something I put on a social networking site. Most people don’t realize how true that really is and that their data is only a couple of lines of code from being posted all over the Internet at the best of times. Half a million MySpace users found out this week exactly how true that is; the photos they considered private were recently placed online in a 17 Gb file.
One of the things I find mildly surprising is that creator of the file, DMaul, says he hasn’t found any photos that we’re “obviously illegal”. I guess that means the folks doing bad things on the Internet are smart enough not to place photographic proof on a social networking site. The good news is even if your pictures were amongst those downloaded, the sheer size of the file is enough to keep most people from downloading it. Someone might index the files and place them in an online database though, which would make things interesting again.
The average end user thinks their information is safe with their social media company, if they think about it at all. But this isn’t the case, whether due to a vulnerability similar to what MySpace suffered or a business model that makes your private information a commodity like Facebook’s Beacon. This is a lesson we’ll have to teach our friends and end users, along with others like “never accept links from a stranger” and “don’t open unknown files”.