Skip to main content

Ashley Madison's data breach is everyone's problem

Ashley Madison's data breach is everyone's problem

Share this story

Late last night, the 37 million users of the adultery-themed dating site Ashley Madison got some very bad news. A group calling itself the Impact Team appears to have compromised all the company's data, and is threatening to release "all customer records, including profiles with all the customers' secret sexual fantasies" if Ashley Madison and a sister site are not taken down.

Collecting and retaining user data is the norm in modern web businesses, and while it's usually invisible, the result for Ashley Madison has been catastrophic. In hindsight, we can point to data that should have been anonymized or connections that should have been less accessible, but the biggest problem is deeper and more universal. If services want to offer genuine privacy, they have to break away from those practices, interrogating every element of their service as a potential security problem. Ashley Madison didn't do that. The service was engineered and arranged like dozens of other modern web sites — and by following those rules, the company made a breach like this inevitable.

The company made a breach like this inevitable

The most obvious example of this is Ashley Madison's password reset feature. It works just like dozens of other password resets you've seen: you enter in your email, and if you're in the database, they'll send a link to create a new password. As developer Troy Hunt points out, it also shows you a slightly different message if the email really is in the database. The result is that, if you want to find out if your husband is looking for dates on Ashley Madison, all you have to do is plug in his email and see which page you get.

That was true long before the hack, and it was a serious data leak — but because it followed standard web practices, it slipped by mostly unnoticed. It's not the only example: you could make similar points about data retention, SQL databases or a dozen other back-end features. This is how web development usually works. You find features that work on other sites and you copy them, giving developers a codebase to work from and users a head start in figuring out the site. But those features aren't usually built with privacy in mind, which means developers often import security problems at the same time. The password reset feature was fine for services like Amazon or Gmail, where it doesn't matter if you're outed as a user — but for an ostensibly private service like Ashley Madison, it was a disaster waiting to happen.

Now that the company's database is on the cusp of being made public, there are other design decisions that may prove even more damaging. Why, for instance, did the site keep users' real names and addresses on file? It's a standard practice, sure, and it certainly makes billing easier — but now that Ashley Madison has been breached, it's hard to think the benefits outweighed the risk. As Johns Hopkins cryptographer Matthew Green pointed out in the wake of the breach, customer data is often a liability rather than an asset. If the service is meant to be private, why not purge all identifiable information from the servers, communicating only through pseudonyms?

Customer data is often a liability rather than an asset

The worst practice of all was Ashley Madison's "paid delete" service, which offered to take down user's private data for $19 — a practice that now looks like extortion in the service of privacy. But even the idea of paying a premium for privacy isn't new within the web more broadly. WHOIS offers a version of the same service: for an extra $8 per year, you can keep your personal information out of the database. The difference, of course, is that Ashley Madison is an entirely different kind of service, and should have been baking privacy in from the very beginning.

It's an open question how strong Ashley Madison's privacy needed to be — should it have used Bitcoins instead of credit cards? insisted on Tor? — but the company seems to have ignored those issues entirely. The result was a disaster waiting to happen. There's no obvious technical failure to blame for the breach (according to the company, the attacker was an insider threat), but there was a serious data management problem, and it’s entirely Ashley Madison’s fault. Much of the data that's at risk of leaking should never have been available at all.

But while Ashley Madison made a bad, painful error by openly retaining that much data, it’s not the only company that’s making that mistake. We expect modern web companies to collect and retain data on their users, even when they have no reason to. The expectation hits every level, from the way sites are funded to the way they're engineered. It rarely backfires, but when it does, it can be a nightmare for companies and users alike. For Ashley Madison, it may be that the company didn't truly consider privacy until it was too late.

Verge Video: What is the future of sex?

Today’s Storystream

Feed refreshed Sep 24 Not just you

E
External Link
Emma RothSep 24
California Governor Gavin Newsom vetoes the state’s “BitLicense” law.

The bill, called the Digital Financial Assets Law, would establish a regulatory framework for companies that transact with cryptocurrency in the state, similar to New York’s BitLicense system. In a statement, Newsom says it’s “premature to lock a licensing structure” and that implementing such a program is a “costly undertaking:”

A more flexible approach is needed to ensure regulatory oversight can keep up with rapidly evolving technology and use cases, and is tailored with the proper tools to address trends and mitigate consumer harm.


A
Youtube
Andrew WebsterSep 24
Look at this Thing.

At its Tudum event today, Netflix showed off a new clip from the Tim Burton series Wednesday, which focused on a very important character: the sentient hand known as Thing. The full series starts streaming on November 23rd.


Welcome to the new Verge

Revolutionizing the media with blog posts

Nilay PatelSep 13
A
The Verge
Andrew WebsterSep 24
Get ready for some Netflix news.

At 1PM ET today Netflix is streaming its second annual Tudum event, where you can expect to hear news about and see trailers from its biggest franchises, including The Witcher and Bridgerton. I’ll be covering the event live alongside my colleague Charles Pulliam-Moore, and you can also watch along at the link below. There will be lots of expected names during the stream, but I have my fingers crossed for a new season of Hemlock Grove.


A
Andrew WebsterSep 24
Looking for something to do this weekend?

Why not hang out on the couch playing video games and watching TV. It’s a good time for it, with intriguing recent releases like Return to Monkey Island, Session: Skate Sim, and the Star Wars spinoff Andor. Or you could check out some of the new anime on Netflix, including Thermae Romae Novae (pictured below), which is my personal favorite time-traveling story about bathing.


A screenshot from the Netflix anime Thermae Romae Novae.
Thermae Romae Novae.
Image: Netflix
J
Twitter
Jay PetersSep 23
Twitch’s creators SVP is leaving the company.

Constance Knight, Twitch’s senior vice president of global creators, is leaving for a new opportunity, according to Bloomberg’s Cecilia D’Anastasio. Knight shared her departure with staff on the same day Twitch announced impending cuts to how much its biggest streamers will earn from subscriptions.


T
Twitter
Tom WarrenSep 23
Has the Windows 11 2022 Update made your gaming PC stutter?

Nvidia GPU owners have been complaining of stuttering and poor frame rates with the latest Windows 11 update, but thankfully there’s a fix. Nvidia has identified an issue with its GeForce Experience overlay and the Windows 11 2022 Update (22H2). A fix is available in beta from Nvidia’s website.


A
External Link
If you’re using crash detection on the iPhone 14, invest in a really good phone mount.

Motorcycle owner Douglas Sonders has a cautionary tale in Jalopnik today about the iPhone 14’s new crash detection feature. He was riding his LiveWire One motorcycle down the West Side Highway at about 60 mph when he hit a bump, causing his iPhone 14 Pro Max to fly off its handlebar mount. Soon after, his girlfriend and parents received text messages that he had been in a horrible accident, causing several hours of panic. The phone even called the police, all because it fell off the handlebars. All thanks to crash detection.

Riding a motorcycle is very dangerous, and the last thing anyone needs is to think their loved one was in a horrible crash when they weren’t. This is obviously an edge case, but it makes me wonder what other sort of false positives we see as more phones adopt this technology.


A
External Link
Ford is running out of its own Blue Oval badges.

Running out of semiconductors is one thing, but running out of your own iconic nameplates is just downright brutal. The Wall Street Journal reports badge and nameplate shortages are impacting the automaker's popular F-series pickup lineup, delaying deliveries and causing general chaos.

Some executives are even proposing a 3D printing workaround, but they didn’t feel like the substitutes would clear the bar. All in all, it's been a dreadful summer of supply chain setbacks for Ford, leading the company to reorganize its org chart to bring some sort of relief.