One-to-One
News
12/15/2006
05:50 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

MySpace Beefs Up Security; More To Come, CSO Says

The popular social networking site is taking steps to protect its young users.

The troubling headlines are everywhere. Girl, 15, runs away with MySpace acquaintance. Man met alleged victim on MySpace. Teen pleads guilty in MySpace threats case.

Never know who you'll meet next

Never know who you'll meet next

Photo by Nicholas Kamm/AFP
The popular social networking site is taking steps to protect its young users with a bold new program to stop child predators. MySpace has hired online identity and background verification company Sentinel Tech Holding to build a database and search technology that will let newly dedicated, full-time MySpace staffers find and delete profiles of registered sex offenders. They'll use identifying information including name, age, height, and eye color to weed them out. The database will aggregate data on 595,000 sex offenders otherwise isolated in 46 different registries.

Chief security officer Hemanshu Nigam, who joined MySpace last spring from Microsoft, hopes the database can be used by the rest of the social networking industry. "We saw this really gaping hole here," Nigam said last week in an interview.

The concept, however, is unproven. It's not clear how well technology for matching physical characteristics of sex offenders with photos works. And the database won't include unlisted child predators. "Most of the people who are molesting children online are not registered sex offenders," says online child safety advocate Parry Aftab of WiredSafety.org.

Connecticut Attorney General Richard Blumenthal applauds the effort but says any safety program without some form of age verification for new members would be ineffective. MySpace uses algorithms to analyze profiles and determine if members are lying about their age, and it deletes 30,000 underage profiles a week. The company continues to assess other age verification technologies, Nigam said.

MYRIAD THREATS AND RESPONSES

The database is the second significant safety measure instituted by MySpace since Nigam, a former federal prosecutor, joined the company. In June, MySpace created a policy that members older than 18 can contact younger members only if they know the child's full name or e-mail address. This change came soon after MySpace was sued for $30 million by a 14-year-old and her mother who accused a 19-year-old the girl met online of sexually assaulting her. Nigam said one or more new initiatives will be announced in January.

Lawmakers are cracking down as well. Virginia Attorney General Bob McConnell last week said he will push for the creation of a database of registered sex offender e-mail addresses and instant message user names. At the federal level, an upcoming effort from Sens. John McCain, R-Ariz., and Chuck Schumer, D-N.Y., would create a national registry similar to the one proposed by McConnell.

MySpace is dealing with other threats. In June, a banner ad may have infected a million of its users with adware. More recently, a worm took advantage of a flaw in Apple's QuickTime media player to change user profiles and add links to fake Web sites. The cross-site scripting attack uses JavaScript to manipulate code or steal data. RSnake, founder of ha.ckers.org and sla.ckers.org, says social networking sites are petri dishes for testing cross-site scripting attacks.

MySpace works with application vendors like Adobe and Apple to ensure security and get fixes to users when necessary. Nigam said he has reached out to Apple in the most recent attack. MySpace investigative teams work with law enforcement to identify attack sources.

Unfortunately, incidents keep making headlines. There's the recent account of an Ohio man accused of posting video on MySpace depicting the attack and rape of a 14-year-old boy. But with its latest efforts and more on the way, MySpace should become a safer place.

with Kelly Jackson Higgins

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.