Friday, August 21, 2015

Your cheatin’ heart: The Ashley Madison Affair

Part of me wants to say that, if ever there’s a site that deserves to be hacked, it’s Ashley Madison, the for married folks looking for some side action.

On the other hand, I suspect that not much actually happens on Ashley Madison, beyond a bunch of bored, curious, seven-year-itchy husbands signing and checking off their list of fantasies and druthers. After all, how many actual hookups are going to come about if the demographics are 86% male and 14% female? With odds like that, you’re really not likely to find someone who’s both compatible and convenient. Sounds like one big fantasy-land to me. Online entrapment for folks for whom the SI swimsuit addition and the Playboy Bunny of the Month (if there is such a thing) don’t quite do it for any more.

Well, now they’ve been stung, and big time. Apparently, there are places you can go to grab the info of the 37 million members of the club.

The information available for each user was extensive.

"It's everything from their name, age, interests, whether they smoke or drink, down to very detailed sexual fantasies, what they enjoy having done to them and what they want to do to others," said Adam McNeil, a malware intelligence analyst at Malwarebytes Labs, a Santa Clara, Calif.-based computer security firm who has inspected the database. (Source: USA Today)

Some intermediaries are already combing through and publishing lists of everyone with, e.g., a .gov email address. (Seriously, what were people thinking when they signed up with their work email? Talk about the little head doing the thinking for the big head.)

But by now there are supposed 37 million members worrying about whether they’re going to get found out by their spouse, or outed by some vigilante troublemakers. Not to mention that they’ll be the target of people who are as equally noxious – if not worse – than the original hackers:

The release of the data is going to unleash a flood of phishing attacks on unsuspecting users, security experts warn. Anyone who wants can now go and download millions of email addresses and use them to send out "phishing" messages that contain malicious software that the unwary or the worried might open, said Ken Westin, senior security analyst at Tripwire, a Portland, Ore.-based security company.(Source: USA Today)

Meanwhile, it’s not clear what the hackers wanted. Are they blackmailers? The morality police? Thrill seekers?

The hackers appeared to target AshleyMadison and EstablishedMen over the questionable morals they condoned and encouraged, but they also took issue with what they considered ALM’s fraudulent business practices. Despite promising customers to delete their user data from the site for a $19 fee, the company actually retained the data on ALM’s servers, the hackers claimed. “Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers wrote. “Too bad for ALM [Ashley Madison parent Avid Life Media], you promised secrecy but didn’t deliver.” (Source: Wired)

So far, the only “cheating dirtbag” that I’ve seen outed is the hypocritical Josh Duggar, the scion of the smarmy Duggar Family of reality TV renown. Last spring, it was revealed that, as a teenager, he had molested his younger sisters, which put the kibosh on the family’s reality TV show, as well as on his career as a lobbyist for the Family Research Council. And now he has admitted that, although he is the married father of four (including a newborn), he was doing some pay for play on Ashley Madison,

While there is always some satisfaction when a latter-day Elmer Gantry gets his comeuppance, I have to say that I hope that the hackers are identified and prosecuted,

As for Ashley Madison, I hope that they have good insurance. I understand why they didn’t want to pay off a blackmailer, but their security was clearly lacking.

What a world we live in!

No comments: