Can't Blame The Messenger For Identity Theft Security Problems
from the poking-holes dept
With all of the various data security holes reported over the past few weeks, one aspect that didn't get much coverage was how some of them were discovered. The guy who found out that an online payroll company was exposing plenty of personal data has written up his experience claiming that PayMaxx threatened to sue him for pointing out the flaw. They said it was a violation of the Computer Fraud and Abuse Act -- even though he was just trying to protect his own and others' content. With such an experience behind him, he's pointing out that any real attempt to stop identity theft needs to explicitly allow "white hat" hacking. This way, those who are simply trying to help companies find the security flaws in their system are protected. It's basically a question of whether or not the messenger should be blamed. Still, many will point out that there's a fine line between good Samaritan hacking and malicious hacking -- and some worry that malicious hackers will start claiming good intentions when they're caught. However, if the boundaries are made clear, this shouldn't be a huge problem.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Protect against Identity Theft - use CAT (Cellular
The eAUthentication Service is available to all Web sites from Mega AS Consulting Ltd.
Use it.
[ link to this | view in chronology ]