When Friends Give Your Info To Commercial Websites With Security Holes

from the hmm... dept

We've posted a few stories wondering why people aren't upset that their friends and acquaintances are providing their private contact info to a random company named Plaxo. Of course, people might get a little more concerned if they knew that Plaxo's security wasn't so hot. Jeremy Wagstaff points out that Plaxo was recently alerted to a huge security hole that revealed everyone's contact list info. Once again, you have to wonder: why are we okay that someone we know is giving all of our info to a company who can't even keep it private? And, if they reveal all the info, who is the responsible party? Plaxo, or our "friends" who gave our info to Plaxo?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    beck, 17 Mar 2004 @ 10:33pm

    You Can't Win


    I started a new email address for personal correspondence only. No Internet signups, don't give the address to anyone but friends and family.


    Two weeks later my grandmother sends me an online greeting card from some fly-by-night outfit.


    Thanks Grandma.

    link to this | view in chronology ]

  • identicon
    Stacy Martin, 17 Mar 2004 @ 11:23pm

    Plaxo Security

    Mike,

    We acknowledge the recent vulnerabilities that were reported and in both cases, Plaxo reacted very quickly to the reports and fixed the problems within hours of receiving each report.

    While I'm not attempting to diminish the seriousness of the vulnerabilities, their reach was limited since the vulnerabilities only applied to the smaller population of Plaxo Web users, and they could only be implemented by targetting individual users. In revewing the behavior of both vulnerabilities, we do not believe any user's data was compromised beyond those who reported the problems. But nevertheless, since late last week, we've made a number of additional changes and enhancements to the service in order to minimize the occurance of these types of problems again.

    We appreciate the Internet community and our users in assisting us and enhancing our service by making us aware of these problems. We would like to thank our users for their continued support.

    Shortly, we will be adding to our web site a Privacy and Security area to better inform our users of potential security problems and fixes, in addition to best practices, FAQs, articles, and discussion forums on security and privacy issues regarding the usage of Plaxo. Questions on security, privacy, or abuse can be directed to my attention by contacting us at privacy-at-plaxo.com.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.