Home » Society » Business » Adulterated Security

Adulterated Security

When the Ashley Madison breach was announced, the most confusing aspect of the reportage came directly from the screen capture of the site’s home page. It reads:

Life is too short. Have an affair.

That’s right. Not “hug your child” or “save a tree”, but “engage in conduct destructive to the stability of your marriage that involves logistics almost certain to lead to eventual discovery.”

The press coverage of the incident has focused on the misfortune facing those whose membership in the site has been exposed to the public. The dire predictions presented the image of a tidal wave of attorneys descending upon the nation’s family law courts. In general, the tone is sympathetic towards consenting adults facing the consequences of public reaction to conduct often considered immoral. One case often cited are couples that have open marriages by consent (although why such people would be concerned about exposure is unclear to me). As for the rest, I wonder whether those of us that believe in the sanctity of marital vows shouldn’t be motivated to take action to shut down sites that, like Pirate Bay, are used to hide the identity of people that prey upon our trust.

Discretion was part of the Ashley Madison promise. The image on the home page presents an attractive female face with a finger before pursed lips. Again, given the logistics that make eventual discovery almost certain, a smoking gun would have been a better metaphor than a finger.

Unless of course it was a middle finger. It turns out that Avid Life was defrauding their clientele, fabricating female accounts and collected money for services that they did not perform. Specifically, they did not delete the accounts of users that paid to have them removed.

Now think about this: the subscribers to this service are providing sensitive personal data to an organization that seems to not have any business ethics. Obviously Avid Life is concerned only with maximizing their bottom line. Is anybody watching the store? What evidence do we have that Avid Life was not selling this information on to other companies?

There was another incident in recent history that resonates with this one in my mind. Employed as a systems administrator in the national security industry, Edward Snowden purportedly became alarmed that he and his peers had access to secret information that they were not authorized to view. His way of exposing this to the public was to steal and release government secrets. It was not a limited or targeted release – it was a snowstorm of national security data including unflattering character assessments of many people, both private and official.

What if this is another Snowden-like case? What if an insider at Ashley Madison became aware that the company was planning on selling personal data for direct marketing by other companies? What if that person became outraged that the release would include information on people that had paid to have their accounts deleted?

Would the “hacker” then be a hero, rather than a criminal?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s