Wednesday, January 26, 2011

Facebook plays the hero in Tunisia

Alexis Madrigal at The Atlantic reports on Facebook's reaction to an attempt to steal all of the Facebook logins in Tunisia.


It took a while to figure out what was happening. The problem was that the Tunisian government was stealing the usernames and passwords. Facebook was able to solve the problem and protect it's users identities. But the solution was susceptible to a basic fact of the internet - the solution required using https, and ISP's can force the use of http. After solving the problem of Tunisian password theft Joe Wallace, Facebook's Chief Security Officer, noted:


When you step back and think about how Internet traffic is routed around the world, an astonishing amount is susceptible to government access."

It is really astonishing. And safe guards need to be in place to protect us from government betrayal like the citizens of Tunisia experienced. Earlier today I saw a tweet earlier today saying that we don't need government regulation to solve our internet privacy issues. I'm afraid I have to disagree. If the biggest threat to our privacy online is the government, the only way to protect our privacy is regulations that bind the government. It is setting the fox to watch the henhouse, but the only way to limit governments invasions of our privacy is have rules protecting it. Although large companies like Facebook can help.