LawMeme LawMeme Yale Law School  
LawMeme
Search LawMeme [ Advanced Search ]
 
 
 
 
Bl0gg3r h8X0r3d, Security Implications Scary
Posted by James Grimmelmann on Friday, October 25 @ 20:54:22 EDT Computer Crime
Blogger was hacked earlier today. According to Anil (and his guests), the password database was compromised and passwords reset. Guess a blogger's login, and you too could have started running the Orbital Blog Control Laser.

The incident is a bit terrifying from a security perspective when you remember that users casually entrust Blogger with their FTP passwords. It looks like that database was separate from the main Blogger database, so the unthinkable didn't happen this time. Discussion since this morning has centered on whether Blogger's centralized model is intrinsically risky. Decentralized blogging tools -- which, after all, often involve "trusted" web interfaces that can trample your account if not properly secured -- do have one major advantage: an intruder must actually carry out the exploit against each separate host to be attacked. Whereas if you could get yourself in to the Blogger databases, you could probably singlehandedly start or stop the war in Iraq inside of an hour.

And now for the law-school style questions. Is there an important difference between hacking ten thousand sites and hacking one site that controls ten thousand sites? Should Blogger be held to a different (legal) standard for supplying a service instead of supplying software? Should the users who gave Blogger their passwords be in trouble with their local sysadmins? With the law? And now for the kicker: what if Blogger (or its users) had been claiming protection under the DMCA? LawMeme is sorting through the implications.

 
Login
Nickname

Password

Don't have an account yet? You can create one. As registered user you have some advantages like theme manager, comments configuration and post comments with your name.
Related Links
· More about Computer Crime
· News by James Grimmelmann


Most read story about Computer Crime:
Generalized Spam and Blogs

Article Rating
Average Score: 1
Votes: 1


Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent


Options

Printer Friendly Page  Printer Friendly Page

Send to a Friend  Send to a Friend
"User's Login" | Login/Create an Account | 0 comments
Threshold
  
The comments are owned by the poster. We aren't responsible for their content.

Leges humanae nascuntur, vivunt, moriuntur
Human laws are born, live, and die


All stories, comments and submissions copyright their respective posters.
Everything Else Copyright (c) 2002 by the Information Society Project.
This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v1.0 or later (the latest version is presently available at http://www.opencontent.org/openpub/).

You can syndicate our news using the file backend.php