Remember How The DMCA 'Stopped' The Release Of Ashley Madison Cheaters Data? About That…
from the boom-goes-the-dynamite dept
Last month, you may recall, the news broke that the “dating site for people who want to cheat on their spouse,” Ashley Madison, had its systems hacked, and all its data leaked. For rather obvious reasons, this had a lot of people rather worried about what would be revealed. However, the company insisted that there was no problem at all, because it had used the DMCA to take down all leaked copies. We pointed out how ridiculous this was on multiple levels. First, that’s not what the DMCA is for, and as embarrassing as this was for Ashley Madison’s parent company Avid Life Media, it does not hold the copyright in such data. Second, the idea that this would actually stop the data from reaching the public was ludicrous.
And… it took longer than expected, but less than a month later, the data file has leaked online, and you can bet that lots of people — journalists, security researchers, blackmailers and just generally curious folks — have been downloading it and checking it out.
Maybe, next time, rather than claiming copyright, the company will do a better job of protecting its systems.
Filed Under: cheating, copyright, dmca, infidelity, leak
Companies: ashley madison, avid life media
Comments on “Remember How The DMCA 'Stopped' The Release Of Ashley Madison Cheaters Data? About That…”
Naughty, naughty
The UK press are reporting that around 150 of the email addresses are gov.uk domains. AKA the UK Government and/or Parliament. Oops.
Re: Naughty, naughty
The Tories are in power. About half the MPs from their last stint in office during the Thatcher/Major era seemed to be in trouble for having extramarital affairs, issues with rent boys and all sorts of other things (all while running on a platform of “family values” and “morality”, of course”).
I don’t think anyone remotely attentive should be surprised in any way.
Re: Re: Naughty, naughty
The very definition of a politician is someone who wants to tell other people how to behave, while making an exception for themselves because they delude themselves into thinking that they are superior to those they are ruling.
Re: Re: Re: Naughty, naughty
That may be what many do.
But I still don’t think that’s the definition. Certainly not the “Very definition”.
You are literally killing me with the exaggerations.
Re: Re: Re:2 Naughty, naughty
I’ve already told him about this, at least a thousand times. He never, ever listens to anything anyone says.
Re: Re: Re:2 Naughty, naughty
You guys are right, i’d probably re-classify politicians as more megnomaniacs………but then, i would’nt want to offend the megnomaniacs
Re: Re: Re:3 Naughty, naughty
not the same anon as above, as i realise my comment might suggest……
I liked your description anon
Re: Re: Re:3 Naughty, naughty
What’s a “megnomaniac”? Did you mean “megalomaniac”?
Re: Naughty, naughty
They don’t verify email addresses so it would be pretty easy to smear someone you don’t like. Not that I would be surprised if they were legit.
Re: Re: Naughty, naughty
Signing up for a service that’s likely to get you in hot water if you get caught is one level of stupid, doing so using an email that’s likely to get you in legal hot water is quite another. There’s also the issue that unless the service made their members’ emails public, which would be incredibly stupid, using an email email address to ‘smear’ someone would require you to expect that the database would be hacked and leaked, as it would be useless for the purpose otherwise.
As such I imagine any government email addresses are indeed legitimate.
Re: Re: Re: Naughty, naughty
I thought he meant that the hackers could have added it.
Re: Re: Naughty, naughty
…They don’t verify email addresses…
If that’s true it’s negligence, pure and simple. Even on-line game sites requires responding to an email sent to the stated address to complete registration.
Re: Re: Re: Naughty, naughty
How is that negligence? Worst case (or so they thought) was that someone would start getting unwanted emails from them, but the confirmation email would be an unwanted email itself.
If someone is going to lie about their email address to make someone else look bad, that’s on the liar, not on the website… but unless they knew the hack was imminent, why would anyone bother doing this?
Re: Naughty, naughty
I wonder if this is being treated as a national security issue.
Consider the Office of Personnel Management data breach in the US, reported a couple months ago. The identities, financial information, personal details and more, for millions of American government employees with security clearances, plus their relatives. 21.5 million people total. Details on which of them are in financial difficulty. Even 1.1 million fingerprints, making secret agents no longer safe even if their names are changed
China (and whoever they trade the data to) now knows who they are, and the financial data narrows down who to target for recruitment.
Now leverage this with the Ashley Madison leak, 37 million registered users exposed. You can bet that the Chinese and others are cross-referencing the two datasets to see who has a security clearance AND is cheating on their spouse. Or who is married to someone with a security clearance, and is cheating or being cheated on. Sorted by financial difficulty.
No doubt the Ashley Madison leak is giving a few foreign intelligence officers a Stimulating Personal Moment without even being a member.
Re: Re: Naughty, naughty
funny thing would be, those who’ve been hacked, getting pissed about it, while incidently, some of them also being folks who cheerleaded their own governments exact same act perputated on them……..get this, then continue to cheerlead the same act
Big old freaking facepalm
Re: Naughty, naughty
NOOOOOOOOOOOOO,
But
But
I have my
My
My blinders on
Aghhhhh
Stupid things not working,…..maybe if i hit it…like this……end of transmission
OMG there's mike masnick! turns ons: exposing myself online, big black buck-aneers, fantasy football
looks like we have a wiener
The DMCA can not save the hypocrites from themselves.
lolololol
the thing to also consider is, what if the security flaw had been found by a security expert and brought to the attention of the company concerned? the chances are, like so many previous examples, the security expert would have been threatened with court action over copyright or something equally as ridiculous! what has happened here is harsh, but a warning apparently was given. no sympathy from me!
Re: Re:
That prior warning should make the grounds for a great class action law suit. I wonder how they will contact the class?
Re: Re: Re:
Two words, “Divorce Records”
Re: Re:
Here’s the thing: the hackers had near-total control of access to all the infromation on the corporation.
And it was undetected.
Re: Re: Re:
“And it was undetected” doesn’t say much of anything.
That can be anything from “Firewalls? Who needs firewalls? Anti-virus anti-smirus, we don’t want them”
to
“Yea we had firewalls with closed to open process and a clean up rule, VPNs, IDS, application firewall, access management with elevated access controls, role base with ‘just needed’ access, centralized AV, device management, web-proxy, PCI compliancy, SFTP server, PEN testing, etc……sigh, but they still got us”.
Big fucking spectrum.
Re: Re: Re: Re:
“we don’t want them” or need them, or, why do we need them
The amount of times ive seen that mindset being posted is mind boggeling
I say
Why the fuck not!
the paranoid in me would say
Why the fuck dont YOU want them…….followed by, who are you, and what business are you in?
Because
Why the fuck not!????
Headaches of such a system is not valid argument, as with most things continueously used, it will improve with time, if its given a damn chance too
Excuse my french
Re: Re: Re: Re:
apologies, my last post was not clear on re-read, was not a critazism, i agree, more security, why the hell not?
Re: Re: Re:2 Re:
No apologies needed..I work in IT SEC too. =b
Misinterpreting the DMCA again
It’s Digital Millennium Censorship Act.
I know that Censorship is so easy to confuse with Copyright because they are so similar and have such similar origins and purposes.
If it was digital millennium copyright act, then the person wielding the DMCA would need to be the copyright owner of the material they seek to have censored.
And so it begins
Re: Re:
Its been beginning for a very long time now
Re: Re:
Um, Yoda is not the sci fi character who said “And so it begins”.
And this shows why you want strong encryption without backdoors.
Put a backdoor and you just gave the ones who want to exploit what’s behind it the red carpet. Because, you know, the law isn’t the only one who would use a backdoor…
Now, this is a case that in the end, was made public, but thik about what someone who wants to blackmail, let’s say, a government official in care of important national security related resources can do if he gets access to juicy details like these.
Like, you know: “Look the other way when these crates labelled Автомат Калашникова arrive to your country, and I will look the way about this little thing that might interest your wife a lot. And yeah, don’t mind my accent and that I got the plans of that interesting building either, make it not your business, even if it’s your business.”
Blackmailers, Inc. loves the recent approaches to ban encryption on the internet. It makes their jobs easier.
Re: Re:
If i were government, i’d probably be thinking, on how to have access and me alone, i know, hacks/exploits based on physical access requirement
mmmmm, how many hobby hackers have access to under sea cables again
Anyway, something along that line of thinking
“the company insisted that there was no problem at all, because it had used the DMCA to take down all leaked copies”
Typical corporate+ PR bullshit for the easilly satisfied
Easy as in, if they say its ok, its then ok….whether it IS ok, is another matter
Now if they were being truthfull, they could have said something along the lines of
“Dont worry folks, your governing bodies are actively and perpetually pursuing, AND, maintaning exploits against your property, so, really, you should learn to expect more of this in the future, and learn to accept it!
Thank you for your understanding and imaginary support”
“P.S.
Everythings OK”
*raised shoulder, two thumbs up, shinning teeth*