05:50 PM
Connect Directly

MySpace Beefs Up Security; More To Come, CSO Says

The popular social networking site is taking steps to protect its young users.

The troubling headlines are everywhere. Girl, 15, runs away with MySpace acquaintance. Man met alleged victim on MySpace. Teen pleads guilty in MySpace threats case.

Never know who you'll meet next

Never know who you'll meet next

Photo by Nicholas Kamm/AFP
The popular social networking site is taking steps to protect its young users with a bold new program to stop child predators. MySpace has hired online identity and background verification company Sentinel Tech Holding to build a database and search technology that will let newly dedicated, full-time MySpace staffers find and delete profiles of registered sex offenders. They'll use identifying information including name, age, height, and eye color to weed them out. The database will aggregate data on 595,000 sex offenders otherwise isolated in 46 different registries.

Chief security officer Hemanshu Nigam, who joined MySpace last spring from Microsoft, hopes the database can be used by the rest of the social networking industry. "We saw this really gaping hole here," Nigam said last week in an interview.

The concept, however, is unproven. It's not clear how well technology for matching physical characteristics of sex offenders with photos works. And the database won't include unlisted child predators. "Most of the people who are molesting children online are not registered sex offenders," says online child safety advocate Parry Aftab of

Connecticut Attorney General Richard Blumenthal applauds the effort but says any safety program without some form of age verification for new members would be ineffective. MySpace uses algorithms to analyze profiles and determine if members are lying about their age, and it deletes 30,000 underage profiles a week. The company continues to assess other age verification technologies, Nigam said.


The database is the second significant safety measure instituted by MySpace since Nigam, a former federal prosecutor, joined the company. In June, MySpace created a policy that members older than 18 can contact younger members only if they know the child's full name or e-mail address. This change came soon after MySpace was sued for $30 million by a 14-year-old and her mother who accused a 19-year-old the girl met online of sexually assaulting her. Nigam said one or more new initiatives will be announced in January.

Lawmakers are cracking down as well. Virginia Attorney General Bob McConnell last week said he will push for the creation of a database of registered sex offender e-mail addresses and instant message user names. At the federal level, an upcoming effort from Sens. John McCain, R-Ariz., and Chuck Schumer, D-N.Y., would create a national registry similar to the one proposed by McConnell.

MySpace is dealing with other threats. In June, a banner ad may have infected a million of its users with adware. More recently, a worm took advantage of a flaw in Apple's QuickTime media player to change user profiles and add links to fake Web sites. The cross-site scripting attack uses JavaScript to manipulate code or steal data. RSnake, founder of and, says social networking sites are petri dishes for testing cross-site scripting attacks.

MySpace works with application vendors like Adobe and Apple to ensure security and get fixes to users when necessary. Nigam said he has reached out to Apple in the most recent attack. MySpace investigative teams work with law enforcement to identify attack sources.

Unfortunately, incidents keep making headlines. There's the recent account of an Ohio man accused of posting video on MySpace depicting the attack and rape of a 14-year-old boy. But with its latest efforts and more on the way, MySpace should become a safer place.

with Kelly Jackson Higgins

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of October 9, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll