MySpace is undergoing scrutiny for a series of recent security breaches and oversights. The sequence of events, as reported on Wired.com, is as follows:

  • January 15 reported – MySpace issues press release announcing new safety measures after a year of looking at safety issues on the site 
    • 49 states joined with MySpace to help eliminate online predators
    • MySpace profiles for those under age 16 will be set to private
  • January 17 reported - ‘private’ MySpace teen photos leaked  
    • A bug allowed anyone access to see photos of users with private profiles, including users under the age of 16
    • Photos made their way to message boards, including those of pedophiles
    • Knowledge of the bug, and how to exploit it, circulated on message boards for months
    • Websites were created to automatically exploit the bug for anyone who entered a Friend ID into a search field
    • This is not the first time a bug of this sort has exploited private photos
  • January 18 reportedMySpace fixed the bug  
    • No public acknowledgement of the bug or the fix
  • January 24 reported – more than half a million images from private MySpace profiles leaked to BitTorrent 
    • 17-gigabyte file of images lifted from MySpace profiles during the period of the access bug was uploaded to BitTorrent (peer-to-peer file sharing)

The appearance of the file on BitTorrent signals this as one of the largest privacy breaches MySpace has had so far. MySpace has yet to acknowledge this issue.

In 2006, MySpace had to react to privacy issues surrounding registered sex offenders using MySpace to prey on minors.

We used special software to expose hundreds of registered sex offenders with accounts on MySpace. That prompted the social network to run its own computerized search, which turned up at least 29,000 registered sex offenders.

Wired was partly responsible for triggering a year-long investigation into safety issues on MySpace – but this photo-hack was missed. A bug that should have been found through testing or online monitoring of MySpace privacy issues. The January 17 Wired.com story triggered the fix of this bug that either went unnoticed or was ignored by MySpace. However, the privacy concern has not gone away. That file has made its way online in a permanent way.

Particularly for youth, and their parents & teachers, it should be cautioned not to trust the privacy settings of social networking sites like MySpace and Facebook. If there is a photo or video you don’t want anyone to see, don’t put it online. Period.

Via CNet, Wired (1, 2, 3)Tags: , , , , , ,

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati