Here are articles on privacy

Skype is better, but still problematic

My article on Skype exposing address books to the world has gone mini-viral. Written in 2017, it’s gotten dozens of citations in early 2019. A reporter approached me, asking if the problem still exists. After doing some research, here’s what I’ve found.

Microsoft’s article is incorrect (probably by accident)

Microsoft explains how People You May Know suggestions are generated in this article. At the time of this writing (February 14, 2019), the article is incomplete. The article claims you or the contact must both take action to be visible to each other through People You May Know. For example, you must add each other in your address books. Or you must exchange an invite and acceptance.

Microsoft doesn’t mention the problem case: mutual connections

The problem case exists, but is not listed here: if you have a mutual connection, then you’ll show up in each other’s People You May Know list. The mutual connection is someone who fits the you-both-take-action criteria.

So if Sam is connected to Ash, and Ash is connected to Stacy, then Sam and Stacy will show up in each others’ People You May Know list even though they’ve never taken any action with respect to each other.

Sam and Stacy will see each other without a direct connection

Deleting Still Doesn’t Solve The Problem

I deleted all my contacts. Skype is still suggesting dozens of people. I don’t know any of them. As mentioned on Microsoft’s list above, Skype remembered my past connections and is still suggesting their people to me. I don’t know any of these suggested people, but now I know one of my prior contacts knows them.

This no longer works for strangers, thank goodness

When I first found this issue (Dec 2017), I created a new test account. Browsing a stranger’s profile was enough to get suggestions of people with the same last name who looked the same (presumably family members). As of today (Feb 2019), it seems like Microsoft has reined this in a bit … from my very brief testing, it seems you need a common contact to start the suggestion engine.

I still consider this a security problem, though not as bad as it was before.

You can only figure out the contacts of someone you are or have been connected with. You can’t do it to a complete stranger, you need to have one contact—invite, connection, or chat—with them first. This isn’t as big a hurdle as you might think.

Journalists still shouldn’t use Skype

Journalists beware! If you’re a journalist, using Skype can compromise your sources. JournalistChris interviews source LittleSnitch on Skype. If JournalistChris later interviews source MafiaDon, MafiaDon will have LittleSnitch suggested as a contact. After all, they both have you as a mutual contact. If MafiaDon knows about this bug, then MafiaDon may agree to Skype with you precisely to see if LittleSnitch then shows up on MafiaDon’s People You May Know list. You really don’t want MafiaDon knowing you’ve been talking with LittleSnitch.

Even with strangers, you can get some information. When you browse random profiles, Skype will tell you how many mutual contacts you have. If you only have a few contacts in Skype, you can guess with some certainty who the mutual contact is.

if MafiaDon did your interview and then immediately looked up LittleSnitch‘s profile, MafiaDon would see that they have one mutual connection—you. That might be enough to tip off MafiaDon that LittleSnitch has been talking to the press.

Lawyers and Consultants, you beware too

The problem I outline for consultants and lawyers in my article remains. If you’re BankruptcyLawyer and you chat with MicrosoftCEO, then later chat with LogitechCEO, LogitechCEO will start seeing MicrosoftCEO as a suggested contact. LogitechCEO might even Skype with you deliberately to see who else gets suggested after the chat.

Indeed, you can imagine someone doing this very deliberately. If EvilBoy seriously wants to do research they could do this:

  1. EvilBoy creates a new skype account, live:innocent_journalist2
  2. EvilBoy approaches BankruptcyLawyer and says “I’m a journalist. I wish to interview you for an article. Connect to me on Skype as live:innocent_journalist2
  3. EvilBoy interviews BankruptcyLawyer
  4. Because BankruptcyLawyer is now the only contact in the live:innocent_journalist2 account, the People You May Know will suggest BankruptcyLawyer’s contacts to EvilBoy
  5. Furthermore, EvilBoy can now look up anyone’s profile on Skype and see if they have a mutual contact. If so, they know that person is in BankruptcyLawyer’s addressbook

This requires a concerted effort on the part of EvilBoy, and it also requires that BankruptcyLawyer add EvilBoy as a contact, accept a connection request from EvilBoy, or chat with EvilBoy at least once.

This Can Still Be Awkward Personally

This is still a problem. Let’s say Ashley uses Skype to meet people for online dating. Ashley might answer personal ads and chat with Syd and Alex. Ashley probably doesn’t want Syd and Alex to start showing up in each other’s contact lists. That could be awkward, especially if one (or both) of the relationships goes farther than a Skype chat. It seems like the privacy problems here are pretty evident.

In summary: the hurdle has risen since I wrote that article. Instead of being able to reverse engineer a stranger’s address book, you can only reverse engineer someone you’re connected to or have chatted with. Once. EvilBoy can still use Skype to work mischief, but now it takes a bit more work. For some people, this may still be too much of a privacy breach from a product that was founded on the premise of confidentiality.

The ongoing joke that is Silicon Valley Privacy

SnapChat just revised their privacy policy. I decided to read it. It looked pretty good. Then I got to the section How We Use Your Information. How does SnapChat use the information? To provide services. To communicate with me. To monitor trends. And so on.

The final bullet point? Carry out any other purpose for which the information was collected.

In other words: SnapChat has no privacy policy, and places no limits on what they can (and presumably will) do with your information.

Google’s privacy policy is similar. It sounds really grand, but if you read it carefully, in critical areas it exempts Google from any actual restrain on behavior by including similar clauses to the SnapChat clause.

Please face it: Silicon Valley, that supposed bastion of libertarian respect for individual rights, is no such thing. It’s a collection of disingenuous, deceptive, liars who are happy to write multipage privacy policies for PR purposes, which have no teeth whatsoever.

Be very, very careful of anything you put on a computer you don’t own. And I’m sure that the license agreements we agree to when we buy our computers and install Windows or Mac OS X will contain similar escape clauses if they don’t already.

If a policy does not have genuine, real teeth (“Corporation agrees to pay $1,000 for every violation of our privacy policy”), then over time, all such policies that supposedly protect consumers will be eroded. It seems to be a natural law, and it makes me believe more and more in regulation. I would rather slow progress than have process come at the expense of the well-being of consumers. Business was invented to serve us, not the other way around.

Corporations seem to be nothing if not explicitly immoral. It is very sad to watch.

Betrayal of Users. Market forces just don’t work.

Chuckle. I deleted WHISPER because it was vapid beyond all belief, and not particularly interesting. It turns out that the stuff people say if they’re anonymous is droll, predictable, and mainly drivel. Except … it turns out that Whisper was tracking people after all, even the people who had asked not to be tracked. I think this is hilarious! To those who think “the market’ will eventually take care of our privacy, this is yet another example of … NOT!

Read the Guardian article about the little violation of user privacy Whisper engaged in:

Many of my friends believe there’s this invisible thing called “the market” that will magically provide us what we need to be safe as a society. I just don’t buy it. “The market” encourages all businesses to exploit every possible opportunity for profit, including those that are ethically gray or downright evil, as long as they’re legal. Whisper, it seems, is no exception.

Sign in using…

I just went to ScreenR to try out this download-less screencasting site. It requires me to log in using my Google, Twitter, LinkedIn, etc. account. Creating a separate account on isn’t possible.

Am I the only one who is vaguely disturbed by this? This puts Google, Yahoo, etc. in the position of having an accumulated list of all the sites I use and the login credentials I use to access them. I simply don’t know if I want every site I use, every email I receive, and every person I contact conveniently located in a single database. While I’m not particularly worried about Google or Yahoo, history is full of cases of databases being hacked, stolen, or subpoena’d by people and groups that have political or social agendas.

For those who think such things just don’t happen in America, as recently as 2004 administration, congressional aides hacked into the opposing party’s computer files and leaked them to the press. Never mind the “outing” of CIA agent Valerie Plame as a political maneuver designed to put pressure on her husband.

So I’m cautious. We’re putting more and more of our personal, private information into the hands of fewer and fewer companies. Do I want to log in using my Google account? No. I want to log in using credentials that connect only to that web site. Sadly, that’s becoming a rarer option.