Several experts in information technology (IT) and consumer protection are jousting over whether the average person can create effective protections against computer hackers.The enlightening debate between New York Times and Wired Magazine columnists is excerpted below. Media watchdog Andrew Jay Schwartzman, at left, a prominent advocate for consumers before regulatory agencies in the nation’s capital, wrote about it Nov. 16 in his Daily Item column.The debate provides several useful practical tips, even if the bottom line is that we all remain vulnerable to any hackers who are determined to exploit our vulnerabilities.One such tip: Do not provide truthful answers to password security questions, even the name of your pet dog. That’s because hackers can reconstruct our lives, put the specifics into a dossier, and then use the information to extract our data.
I was reminded of the scope of the problem this month in a somewhat embarrassing way after a dating service targeted some of my old friends from Connecticut.
Zoosk, an app on Facebook, in effect hijacked my address book and began sending unauthorized invitations at random — supposedly from me. Zoosk apparently builds customer base by uploading address books extracted from those who undertake exploratory clicks to learn what its app does. I sometimes start a registration process, as here, upon receiving an invitation to connect. But any app should provide an easy opt-out before it hijacks data, and should have a transparent complaint process.
The invitations encouraged addressees to click on their service to see “my” photos. If someone did so then his or her address book apparently was hijacked in the same way. The process expands the database of Zoosk ad infinitum in spirit of chain mail. Partly as a result, Zoosk now boasts that it is the world leader in its field.
In this way, one of “my” invitations went to the wife of my first boss, whom I met a few times at our office in the mid-1970s when I worked at the Hartford Courant. My former boss, who used his wife’s email a few years ago to send several of us an email, wrote me last week in response to the Zoosk “invitation” that I should use his email for communications to the family. That’s for sure, especially for a message via a dating service!
Zoosk executives such as Co-founder and Co-CEO Shayan Zadeh have been extremely unresponsive to my letters of inquiry and complaint. My follow ups include my threat to take the matter to the Federal Trade Commission, whose headquarters are across the street from the Justice Integrity Project office in Washington, DC.
Like victims everywhere, therefore, I was in the right frame of mind to read the recent columns surveying protections available to consumers against the wide array of scams, inconveniences, and other cyber-threats that confront any heavy user of Internet services.
Schwartzman, the former leader of the Media Access Project, provides a brief overview, We’re doomed. His column focuses on hacking attacks even more aggressive and otherwise sinister than Zoosk-style methods. He cited a New York Times column by Nichole Perlroth, How to Devise Passwords That Drive Hackers Away. Also cited was Wired columnist Mat Honan, who wrote, The New York Times Is Wrong: Strong Passwords Can’t Save Us.
As for Zoosk, my column here is part of my apology to my friends or colleagues who were distracted — and perhaps victimized — by the company and its business practices.
In a footnote to that tale, one of my “invitations” went to Deborah, my girlfriend in college more than four decades ago. She opened it, no doubt to laugh with her husband that I was apparently still trying to get a date. But her clicks hijacked her address book — and sent out many similar invitations to her list, supposedly on her behalf. Some of her contacts accepted “her” invitation. Thus, the huckster promotion continues.
With any luck, however, the last laugh may be on the masterminds at Zoosk, who hide all their own and other employee emails — doubtless from fear of hackers and irate members of the public.
Deborah, as it happens, is a retired career attorney at the Federal Trade Commission and Department of Justice. She no longer with any official power, but is fully familiar with the regulatory system. She wrote Zoosk’s public relations firm that their dating service operation deserves to be investigated and denounced.
And who better than the management of Zoosk to appreciate a little tough love?
- Zappos Attacked: 25 Million Accounts At Risk
- eBay Hacked Ask Its Millions Of Users To Change Passwords
- Apple App Developers Have Access To Your Personal Photos And Contact List
- FTC Advises Consumers on Preventing, Identifying, and Dealing With Hacked Email or Social Networking Accounts
- Consumer Advocate: How To Protected Your Online Identity
- Sony PlayStation Hacking: Why It’s Dangerous, How To Protect Yourself