Tivo: a privacy problem? No. Not at all. Why do you ask?
|We've had some
pretty good time, laughing at DoubleClick
who told every journalist on planet earth that its servers were fine, thank you, although
many of them were vulnerable to basic hacking techniques, that logins and passwords were
accessible from the outside world and that a trojan horse was planted for 2 years (or less
who knows...) in one of its coporate server.
Who want to laugh with another website the Privacy Foundation recently put on newspaper headlines (Tivo)?
This company deals some kind of "intelligent" VCR, and collect a fair amount of private datas about how the VCR is used. Mmmhhh... personal datas. Alone in the dark, lost among an obscure server more or less connected to the internet... They scream, and scream, and scream... How is it possible that "personal datas" can be collected by third parties ? Can't they read ? These data are personal !!!
Following the Privacy Foundation advisory, Matt Zinn, TiVo's chief privacy officer, told the press : "We don't disclose personally identifiable information as a matter of policy, and we won't as a matter of policy".
Great. After our article, I guess we'll have another declaration like "this (development) server was totally diconnected from production databases and nobody could ever access to our production environment"...
Well. Surfing upon Tivo's website (the www.tivo.com development server which is not connected to the production environment), we discovered that a good old bug, well known since it was released one year ago, authorize netizens to access to all of the logins and passwords within seconds...
Privacy'll wait (for the patches)...
About the privacy problems at TiVo:
Nous envoyer des commentaires
By la page de le Feed-Back
Sommaire général du site
On s'en fout!
|Les dossiers :
Le monde fou des Admins
Le hack le plus bizarre
Guerre de l'info
Convention contre la cyber-criminalité
sur le site
...et sur le Net
D'autres choses du Ouèb