AllThingsD » hacker

FBI's "Sabu" Hacker Was a Model Informant

Chad Bray — Fri, 09 Mar 2012 08:06:16 +0000

As soon as he was caught, an influential computer hacker agreed to become a government informant and “literally worked around the clock” to help federal agents nab an elusive collective of alleged cyber criminals who have launched online attacks against companies, governments and individuals.

The new details, revealed in court documents made public on Thursday, show how quickly investigators were able to turn 28-year-old Hector Xavier Monsegur against his fellow alleged hackers.

Read the rest of this post on the original site »

Exclusive: Randi Zuckerberg Leaves Facebook to Start New Social Media Firm (Resignation Letter)

Kara Swisher — Wed, 03 Aug 2011 20:23:14 +0000

Randi Zuckerberg, who is director of marketing at Facebook and also the sister of CEO and co-founder Mark Zuckerberg — is leaving the company after six years to start a new media firm to help companies become more social.

In her resignation letter, which is below in its entirety, Zuckerberg said:

“I have spent my years at Facebook pouring my heart and soul into innovating and pushing the media industry forward by introducing new concepts around live, social, participatory viewing that the media industry has since adopted. We have made incredible progress, but there is still much to be done and other ways I can affect change. Now is the perfect time for me to move outside of Facebook to build a company focused on the exciting trends underway in the media industry.”

Facebook confirmed the departure and in a statement said: “We can confirm Randi has decided to leave Facebook to start her own company. We are all grateful for her important service.”

There was no comment from Mark Zuckerberg directly.

The company Randi Zuckerberg is creating is apparently called RtoZ Media, which is obviously a play on her name.

The move is likely to be much noticed, since Randi Zuckberberg has been at Facebook since its early days and has also been a high-profile and charismatic personality both inside the social networking company and in Silicon Valley.

She has been on maternity leave for the last three months, after having her first child, and sources said she has told them that being away from the rapid-fire pace at Facebook has given her time to reflect on what she wants to do in the next phase of her career.

Presumably, leaving Facebook will give Zuckerberg greater freedom to work for a range of companies without a conflict. That said, it’s unlikely she’ll take on Google+ as a client.

Zuckerberg is certainly going out on a high note — she was recently nominated for an Emmy award in the category of live coverage of a current news event for her work on “Facebook Live,” a real-time news show she created and hosted for the company.

Zuckerberg, who is definitely not a geek like her brother, noted in her letter to Facebook COO Sheryl Sandberg and communications head Elliot Schrage: “I am thankful for the strong mentorship, guidance, and support, which is empowering me to follow my dreams and show that you don’t have to be an engineer to be a hacker.”

Here is the letter and also a video I did with her last year when Zuckerberg was covering the Golden Globes in Beverly Hills for Facebook early last year:

Randi Zuckerberg Letter 8.3.11

[ See post to watch video ]

Sued Playstation Hacker and iPhone Unlocker Joins Facebook

Liz Gannes — Mon, 27 Jun 2011 16:38:01 +0000

George Hotz, the young hacker who unlocked the iPhone and jailbroke the Sony PlayStation 3, has taken a job at Facebook, reports iPhone Download Blog. Known as “GeoHot,” Hotz was sued by Sony for copyright infringement and violation of the Computer Fraud and Abuse Act, and settled with the PS3 maker in March.

Gawkergate Password Mess Was Two Years in the Making

Arik Hesseldahl — Thu, 30 Dec 2010 23:32:18 +0000

Gawker was told about the flaw in the method it used to store user passwords to its commenting system more than two years before it was hacked, the Guardian’s Charles Arthur reports.

A Gawker user posted a message on Get Satisfaction and received a promise to “improve it,” though no such improvement ever took place.

Well, we know how that turned out. A hacker group called Gnosis gained entry not only to the commenting system, but also to pretty much everything the Gawker team used to run its collection of sites.

Gawker was hacked. Gawker founder Nick Denton apologized. But the damage wasn’t limited to Gawker and its users.

Soon Twitter and LinkedIn were dealing with hacking attacks on their sites. Then Yahoo and World of Warcraft developer Blizzard forced users to change their passwords. And finally the collateral damage reached all the way to the New York Times.

We also learned that many of the people whose passwords were disclosed used simple ones. Topping the list: “123456.” And we all learned a little about the dangers of using the same password everywhere.

No comment yet from Denton, although I’ll certainly update if I hear back from him.

And in case you didn’t pay enough attention to all this, and why it’s not a good idea to share passwords across multiple sites, here’s a great cartoon from XKCD that illustrates the dangers:

The Gawker Hack Ripple Hits LinkedIn

Peter Kafka — Tue, 14 Dec 2010 17:37:48 +0000

Gawker Media is still cleaning up the mess left by a hacker attack this weekend, but now other sites have their own work to do. That’s because Gawker commenters who had their logins and passwords exposed may have used the same combinations on other sites, creating more headaches.

Example 1: Twitter saw a rash of promotional tweets for a bogus berry weight-loss product, the result of a security breach thought to be connected to the Gawker break-in.

Example 2: LinkedIn has temporarily disabled the accounts of any users whose email addresses turned up in the public database of hacked accounts. It’s asking those users to reset their passwords.

LinkedIn PR guy Hani Durzy says the move, which started yesterday afternoon, has only affected a “small fraction” of LinkedIn’s 85 million members. He says the social network made the decision proactively, not because it had any evidence that any accounts had been misused; LinkedIn now has a blog post on the topic.

Some context/math: Gawker has said it has had to notify users of 1.5 million email addresses to change their passwords following the break-in.

If, for argument’s sake, half of those emails belonged to LinkedIn users, that would be less than one percent of the company’s user base. And likely much less: For some reason I have two emails connected to my single LinkedIn account. And both were exposed during Gawkergate, so I got two emails this morning.

No real debacles so far, but that doesn’t mean we won’t see them. Who’s next?

Nick Denton "So Very Sorry" About Giant Gawker Media Hack

Peter Kafka — Mon, 13 Dec 2010 18:56:46 +0000

It takes something pretty catastrophic for Nick Denton to apologize in public. So mark this one down: The Gawker Media owner says he’s “so very sorry” about the hacking attack that exposed some 1.5 million of his readers’ passwords.

Denton being Denton, he made his mea culpa in a relatively obscure corner of his blog network–an open comments thread with Gawker readers. And if you had a bit too much of the wrong kind of skepticism, you might think that this photo Denton posted to the thread was a bit cavalier:

But nope, says Denton. That’s real contrition: “Okay, here you go. That’s me on the left and Tom Plunkett, our CTO, on the right. We’re looking appropriately glum. It didn’t take any acting.” (Also worth noting that Denton was responding directly to a reader request for “a photo of yourself wearing a dunce cap or something of that nature. With a big ‘I’m sorry’ sign.”)

In more important news: Denton’s sites, which stopped posting yesterday afternoon as a result of the attack, are now back up again. And if you’ve ever left a comment on one of the sites, you should go there and change your password, then do the same at any other site where you’ve used the same login/password combo.

A few other notes:

Gawker Media says that readers who used Twitter or Facebook logins to leave comments on the blog network haven’t been affected. But people who used the same login on Gawker as they have on Facebook or Twitter may very well be in trouble. Which may be one reason so many Twitter users I know are now promoting a bogus weight-loss berry.
There’s a Google document that contains some of the hacked email/login info, and something called Hint has been emailing some hacked commenters with a reminder to change their passwords. (Who are they? Why do they want to associate their yet-to-launch site with a security breach? Anyone?) But not finding your info on the document and not getting an email doesn’t mean you don’t have a security problem. Play it safe and change your password now, regardless.

PayPal Races To Fix IPhone App Security Flaw

Spencer E. Ante — Wed, 03 Nov 2010 21:45:57 +0000

Internet-payment provider PayPal said its iPhone application contained a security flaw that could allow a hacker to access users’ accounts and has rushed out an update to correct the problem.

The hole stems from the app’s failure to confirm the authenticity of PayPal’s website when communicating over the Internet–a basic lapse that the security researcher who found the flaw said would allow someone to intercept passwords from unsuspecting users.

PayPal spokeswoman Amanda Pires said the eBay Inc. unit verified the vulnerability Tuesday night and has fixed the problem after being notified by The Wall Street Journal. PayPal sent the fixed version of the app to Apple Inc.’s App Store. “To my knowledge it has not affected anybody,” Ms. Pires said. “We’ve never had an issue with our app until now.”

A hacker would need skill and luck to make use of the vulnerability, which only affects users of the iPhone app connecting over unsecured Wi-Fi networks. It doesn’t affect the company’s Android app or users of the PayPal.com website.

Read the rest of this post on the original site

Australian Teenager Unwittingly Unleashed Twitter Chaos

Beth Callaghan — Wed, 22 Sep 2010 17:05:59 +0000

Pearce Delphin, a 17-year-old high-school senior who lives with his parents in Melbourne, admitted Wednesday morning to tweeting the piece of “mouseover” code that wreaked havoc on Twitter’s system on Tuesday. He told AFP via email that he did it “merely to see if it could be done…that Javascript really could be executed within a tweet,” but it was soon seized upon by hackers with mischief in mind. “Hopefully I won’t get in trouble!” he added.

Microsoft's Steve Ballmer and Ray Ozzie Live at D8

John Paczkowski — Thu, 03 Jun 2010 15:17:47 +0000

As an indicator of the headwinds facing Microsoft and its CEO, Steve Ballmer, today, two pieces of news last week are worth considering. The first, that Apple (AAPL) had overtaken Microsoft as the world’s most valuable technology company, would seem to signal that Microsoft (MSFT) is no longer quite the driving force in technology it once was, particularly in the consumer space. The second, word of a restructuring that will give Ballmer greater oversight of Microsoft’s Entertainment and Devices Division, indicates that the company is scrambling to change this.

The enterprise space, though, is a different story, as Chief Software Architect Ray Ozzie, who joins Ballmer onstage today, will tell you. In enterprise, Microsoft is still the undisputed leader, though here, too, the company is under attack by new on-demand computing services from formidable rivals like Google (GOOG) and Amazon (AMZN).

Full video is below, followed by the liveblog:

[ See post to watch video ]

Liveblog

8:09 am: Stay tuned. This morning’s interview will begin soon.

8:16 am: Before the main event, a few introductory remarks from Wall Street Journal Managing Editor Robert Thomson. Obligatory Steve Ballmer hoodie joke.

8:17 am: Thomson talking about Australia’s contributions to the technology industry. His top example: The Ugg boot, which solved Australia’s sheep overpopulation problem.

8:18 am: Thomson now drawing parallels between “Harry Potter” characters Harry/Hermione and Walt/Kara.

8:20 am: Walt takes the stage with a faux wand: “Expelliarmus!”

8:21 am: Ballmer and Ozzie take the stage.

8:21 am: Neither is wearing a hoodie.

8:22 am: This is Ozzie’s first appearance at D. Ballmer’s a veteran.

8:22 am: A first question for the pair: Where do you think the economy is these days?

Ballmer: I would say in the developed world, things have come off the lows for sure. I think our industry is even more revved up than others. But we’re in a good product cycle that has propelled the market. We’ve seen some comeback in business spending. What’s the old adage? Burn me once, shame on me [pause]–whatever it is. At least for now, we continue to see developed countries coming back. Emerging markets are a bit different.

Ballmer talks for a moment about China and intellectual property protections there, which are obviously problematic.

8:25 am: Walt asks about the cloud and the transition from the desktop. Microsoft has been the dominant company in local clients, but now you’ve said you’re “all in” in the cloud. What sort of opportunity is this?

Ozzie: I can’t remember a time when it’s been so exciting from the perspective of so many transitions happening concurrently. Now we’ve got everybody connected on the Internet…all devices connectible on the Internet. Now we’ve got companies around the industry coalescing around standards-based ways for storing data. We’re at a shift in the enterprise space and how it manages IT.

Ozzie talks about sharing-based operations in enterprise computing. How does the mobile phone connect to these scenarios? The real opportunity for us is how do we re-pivot to the cloud and make all these devices connect to the cloud.

8:29 am: Ballmer jumps in and notes that almost all players in the business believe the desktop will be important for some time, despite all that we’re hearing about the cloud and HTML5. At the end of the day, the world we’re talking about is driven from the cloud out, but it’s smart cloud talking to smart devices and apps that are controlled locally.

8:31 am: More from Ballmer–The experiences people want will almost always require some device with a reasonable amount of storage and graphics ability. The trend today is all about getting smarter on the client, not getting thinner on the client.

8:32 am: Ozzie says that regardless of what the device is, applications will feel more cached than installed, thanks to the cloud.

8:32 am: Walt–So the cloud isn’t a threat to you?

Ballmer: There’s nothing bad for us in the trend. It’s all good. But it’s a transition and as such, it’s a period of tumult. So we need to be smarter and more vigilant. But not because we’re moving from a world that’s fundamentally good for us to a world that’s not. We’re moving from a world that’s good for us to a world that’s potentially even more good for us.

8:34 am: Walt–Who’s your competition today?

Ballmer: The main ones are folks that people would guess: Google, Apple, Oracle (ORCL), VMware (VMW). And of course, we still always have the things that come out of Open Source–Linux, etc.

8:35 am: Walt asks about synching. He describes it as an unmet need. People need to synch their stuff across multiple devices, sometimes cross-platform. Why isn’t this just built into things today?

Ozzie: Right now one core synch tech is built into most devices these days. It’s called OpenSync. Synch is hard, but it’s a straightforward engineering task. What’s transpiring on the Net is unusual, because we’re spreading our data all over the Web. But we don’t really have a conceptual model for this that’s as clean as those of the past. I think at a high level, what we all want is how are we going to agree as an industry on some meta-data ways of how and where I keep my data. I don’t think we’ll end up in a world where all our data is stored in a single place.

8:39 am: Walt pushes ahead. Notes Zuckerberg’s appearance last night and the privacy implications of this.

Ballmer: There’s an innovation problem here. If you want to share some things and not share other things, you can wind up with something at a complexity level that people don’t want to or can’t engage. Getting the UI right is an innovation challenge.

8:41 am: Walt follows up, asks if competitors are coming together on a standard level.

Ozzie says they are, but not at an “experience level.”

8:41 am: Ballmer–Companies are going to try to get a differential advantage here and that means users are going to struggle with the privacy model for their information. Remember the cookie debate? Consumers didn’t understand what the cookie was. So how do you craft the discussion around issues like these so that they do?

8:43 am: Ozzie on privacy in the cloud–Businesses want to know that we’re not looking at their data. We’ve got to be very clean about this.

8:44 am: Ballmer–I think that the notion that there are different tastes in privacy and there are different opportunities to commercialize this is important, but there’s got to be a dialogue with the customer; the customer has to be allowed to make the choice.

8:45 am: Ballmer talks a bit about the differences between the consumer cloud and the enterprise cloud.

8:46 am: Walt recalls Tuesday evening’s Steve Jobs interview. Steve thought we’re on a course where fewer people will be using PCs and more portable devices (like the iPad). What do you think?

Ballmer: I think that people are going to be using PCs in greater and greater numbers for years to come. But I think PCs will look different…they’ll evolve. They’ll get smaller…they’ll get touch…their innards will change. The real question is, “What is a PC?” Nothing that’s done on a PC today will get less relevant tomorrow. I think there will exist a general-purpose device that does anything you want, because people don’t want multiple devices, or can’t afford them. I think the PC as we know it will continue to morph in form factor. So the real question is: Where do you push? Ballmer notes Jobs’s truck metaphor and says, “Windows machines will not be trucks.”

8:50 am: Walt circles back, notes that Ballmer uses the term “PC” to include things that most people don’t think of as PCs. Is the iPad a PC?

Ballmer: Of course it is. What do you do on it? Answer email. A guy tried to take notes on it at a meeting I was at yesterday–that was interesting [chuckles from the audience]. He suggests that the positioning of devices like the iPad as something beyond the PC is just a marketing tactic.

8:52 am: Walt talks a bit about Microsoft’s history in tablets. What’s the company doing in this area these days? Are there going to be tablets that look like the iPad that run Windows?

Ballmer: Sure. You’re going to have a range of devices over time that are light and don’t have a keyboard and will run Windows. Depending on what you want, there will be devices that offer a similar experience to Windows. There will be others that will be more customized, more optimized. This will be a real competitive form factor of innovation. We will, with our partners, drive innovation in form factor. Windows Phone, for example. Apple has chosen to do this as well.

8:55 am: Still more from Ballmer–Some people will want to have two different devices for two different purposes. But there has to be an option for an integrated device. The bulk of the market is going to stay with general-purpose devices.

8:57 am: A question for Ozzie–Do you think the tablet will have mass appeal this time around?

Ozzie: I think there’s going to be success in a number of form factors–in the pad form factor, in the tablet mode. I think there will be appliance-like screens that will be in our living rooms. This isn’t science fiction anymore; it’s possible. There are certain fundamental differences in productivity in consumption and creation experiences, though. Both must exist on these devices.

8:59 am: Ballmer says Microsoft and Apple will eventually “run into each other” in the market. Is the iPad really that different from the PC? No, it’s just a different form factor. The Mac’s got minimal market share; iPad’s got a surge of momentum. The race is on.

9:01 am: Walt–I think the Mac, while still at a low market share, has done pretty well for Apple.

Ballmer: Apple had a heck of a quarter last quarter, but their market share remains the same. He seems to suggest that the debut of the iPad is a signal that the Mac is going away. PCs running Microsoft software are not.

9:02 am: Conversation shifts to talk of the mobile space. Where are you now?

Ballmer: We had a good longtime employee who wanted to retire and he’s going to do so. And it doesn’t make sense to replace him. On the phone side of the business, we learned the value of excellent execution. We were ahead of this game and now we find ourselves No. 5 in the market. We missed a whole cycle. I’ve been quite public about the fact that I’ve made some changes in leadership around our Windows Phone software. We had to do a little clean-up. The excellence in execution is an important part of innovation. We’re driving forward in the phone business. But this is a very dynamic business; the market leaders here have shifted over twice in the past few years, and that’s an opportunity for us. So we’ve got to have great ideas and we’ve got to execute consistently.

9:05 am: Walt asks about rivals in the mobile space? Let’s talk about RIM (RIMM).

Ballmer: They’re obviously a good competitor. There’s this old myth that they’re primarily an enterprise company, but they’ve done quite well in the consumer market. As a general-purpose tech platform, RIM has less robustness than its competitors, but there’s a reason they’ve got such a huge following.

Walt: What about Nokia (NOK)?

Ballmer: I know they’ve got this huge global market share. But being in the U.S. skews your perspective because they’ve got such small share here. On the software side, they’re also trying to get their act together.

Walt: Apple?

Ballmer: They’ve done a good job of coming from nowhere a few years ago. They’ve done the best job on the browser. People focus on the apps, but the browser is really the thing that has distinguished their phones from others.

9:09 am: Ballmer–The irony of the situation is that the Internet was designed for the PC and then reoptimized for the PC. And partly what everyone’s trying to do with the phone is say, “Okay, I’m not a PC, I’m a phone–how do I plug into this?” So rivals like RIM that don’t have a PC business may be at a disadvantage. Or they may have better perspective.

9:11 am: Walt asks the pair’s thoughts on Google and its advances in mobile, tablets, etc.

Ballmer: On the phone, Android’s a real competitor. On the larger screen devices, who knows? I don’t know that these Android-based things will matter. But I don’t know that they won’t either. I don’t really understand why Google has to have two different mobile operating systems. Chrome? It’s like two, two, two operating systems–but they’re not in one! You want to know about Chrome, talk to them. (An odd comment to make considering Microsoft has at least 3 mobile operating systems that I can think of: Windows Mobile 6.x, Windows Phone OS 7.0, and whatever it’s got running on the Kin)

Ozzie: On the Android-versus-Chrome issue, Android is a bet on the past; Chrome is a bet on the future. When you install an app, you’re targeting a device. When you use Chrome, you’re looking at a cloud-based future.

Ballmer: So why do two? Why not focus on one? Having two OS’s is confusing. You need coherence.

Walt: Well, you have OS variations, don’t you?

Ballmer concedes this, but notes that Microsoft also has coherence. Do one. Make a bet and pursue it.

9:16 am: Walt–How is Bing doing against Google?

Ballmer: Well, we launched only a year ago, but we’re the first search engine to gain market share in a long time…but this is a long game. We’re up 54 percent in unique users year over year; our demographics are good. We overindex with younger crowds. We’ve done a lot to establish a name and to make a good product that delivers relevant results. But I think we have our work cut out for us in a battle with a very large behemoth.

Walt: Wait. You’re calling someone else a behemoth?

Ballmer chuckles, remarks on the Yahoo (YHOO) deal, notes that search is a scale business. Scale is important for improvement in product quality. The Yahoo deal will help with this, he says.

9:19 am: Walt–Is Microsoft taking an app ecosystem approach with Bing?

Ozzie says that it is. Suggests that the company is developing it with a plug-in architecture in mind. Talks about layering.

Ballmer: Rarely when you search do you want to search. You’re not looking for a list of Web sites. You want to find the Web site you’re looking for. You want to do something. If we can help the user take actions more quickly, that would be a great breakthrough.

Walt: You really could have a good encapsulate app in Bing.

Ballmer: That is what we have. The question is, is that extensible?

Q & A

Q: Is Apple right to dismiss the stylus?

A: Ballmer–We do think people want to take notes and draw. What’s the best way to do that? Well, there are different ways to do that and we’ll support them all. Today, we offer devices that do use a stylus. I certainly believe that people do want to take the things that they do today with pencil and paper and do them with new technologies.

Ozzie: The software here has not kept up with the hardware. With touch, we haven’t yet even figured what the control architecture should be. There will be slates you use a stylus on, there will be others that you use touch, etc.

Q: Talk about your degree of comfort in following the law in China. And how are you dealing with the security issues there?

A: Ballmer–Do we think there are hackers everywhere, including China? Yes. Are there professional hackers everywhere? Yes. Do we think that almost every government employs people to read things that they shouldn’t? I don’t know, but I suspect they do. I don’t find any of this amazing.

When it comes to China, if you’re going to stay and do business someplace, I’m not going to put my employees in harm’s way. The best way to make a difference in China and other countries is to stay in the country. We’re staying and trying to be part of a reformation process…and I think that’s the principled stand to take.

Q: Any advice for Apple and Google as they face potential antitrust troubles? [laughter]

A: [Ballmer grins] No advice. I just wish them the best in getting lots of good experience.

Q: Question about health care.

A: Ballmer–It’s a slow moving market. Certainly the money that was put into the health-care bill gives an incentive to have these things proceed a little more quickly.

Q: What do you want Microsoft’s role to be in media?

A: Ballmer–Media starts with what gets created, so we need great tools for creators to make content, and we need to make tools to help people monetize that. This is an area that the advantages Google has in search can and are being leveraged.

Q: Question about weak battery life in the laptop form factor.

A: Ballmer–We’re doing a lot with software. We’re doing work to support Intel’s (INTC) efforts to create chips with better power consumption. This is an area of improvement for us.

Q: What are your thoughts on cross-platform development?

A: HTML5 will show up everywhere. The question is, will that be enough to write great apps? Will there be folks that may have some things that run cross-platform? I think there will be. But developers are going to optimize for one platform.

Walt: Will Silverlight run on the iPhone?

Ballmer: It doesn’t. And my guess is that if it did, it would be blocked.

And that’s a wrap.

A note about our coverage: This liveblog is not an official transcript of the conversation that occurred onstage. Rather, it is a compilation of quotes, paraphrased statements and ad-lib observations written and posted to the Web as quickly as possible. It is not intended as a transcript and should not be interpreted as one.

Gathering Vitals of Your So-Called Scattered Life

Walter S. Mossberg — Thu, 13 May 2010 01:03:15 +0000

The important records of most people’s lives are too often hard to find when you need them. Some are on paper, scattered in folders, drawers or boxes in homes and offices. Others are in digital files on one or more computers.

For years, there have been software programs and Web sites that try to corral portions of this information. Some of these digital products offer to organize your online IDs and passwords. Others focus on financial, health, or other information.

[ See post to watch video ]

But a couple of relatively new products aim to digitally collect your important data in all these categories in one easy-to-access place: either on your computer or on the Web. One is Orggit, launched last fall by a Chicago-based company called Morgan Street Document Systems. The other is InformationSafe, launched in January by New York company Ascend Partnerships.

Orggit, available at orggit.com, costs $50 a year. InformationSafe, available at infosafe.com, is $50 for a desktop version or $50 a year for a Web version. A backup service for the desktop version of InformationSafe is $30 a year.

I’ve been testing both, and found each fairly easy to use and potentially very valuable, especially as your life gets more complicated. It’s a real bonus to be able to find everything in one place, even scanned paper documents. Both products work on either Windows PCs or Macs.

They also share some important downsides. As you might expect, they are only effective if you take the time and effort to enter all your information, from passwords to credit-card information to all the medications you take, and more. That can be a chore, even though both products try to make it easier with predefined templates for each type of data.

Another downside: security. Anything stored digitally, especially online, is vulnerable to criminal hackers. Both products offer multiple log-in plans, not just passwords but things like photos or important dates in your life that you must identify. Both also use a tough form of encryption typically favored by the government and banks. But there are no guarantees.

On this issue, InformationSafe has the edge. While it offers a Web-based version, it also comes in a version that exists only on your local computer, or on a removable drive. The company says this local version is chosen by 80% of its users. Orggit is purely Web-based, and can be accessed from any computer or from Orggit’s nicely designed free iPhone app.

InformationSafe’s desktop version is less convenient, because it can’t be accessed remotely. But it’s more secure. Still, even data stored only on a local computer or drive can be compromised by a determined hacker who targets it when the machine is online, or if it is lost or stolen and falls into the wrong hands.

Orggit’s iPhone app

You could use InformationSafe on a PC that you never connect to the Internet, but you’d be unable to use the company’s optional backup service and could lose everything if the hard disk fails, unless you faithfully back it up locally.

Each product is divided into logical sections, such as finance, health, insurance, passwords, and so forth. Orggit has a simpler layout, with colorful icons and a quicker, easier way to download reports on what’s in your wallet and on your health data. InformationSafe has many more canned templates, but you can enter almost anything into Orggit as well.

Each allows you to type in your information using the templates, or to upload digital or scanned documents, such as a living will or the image of a driver’s license. Each also allows you to type notes on everything you store.

Orggit has a special health feature InformationSafe lacks. Once you sign up, you get a physical wallet card with a toll-free number that can be called by emergency or medical personnel to gain access to your vital medical information. This phone number also is displayed in the iPhone app.

Also, Orggit allows you to store separate sets of information for up to 10 family members or other people, who can share some or all of their information with each other. InformationSafe allows the entry of information about other people, but it is basically designed for a single user; and sharing, while possible, is more limited.

InformationSafe has a more staid look and feel, but it isn’t hard to navigate. However, its local and Web versions aren’t connected, are purchased separately and don’t synchronize with each other even if you have both.

You can get Web backup of the local version for a fee, but this backup isn’t visible from the Web. The company says it is working on this feature.

If you’re comfortable with digital storage, these two products offer an effective way to organize the details of your life.

Find all of Walt Mossberg’s columns and videos online, free of charge, at the All Things Digital Web site, walt.allthingsd.com. Email him at mossberg@wsj.com.

The Secret Life of Chatroulette's Hacker Founder

Peter Kafka — Mon, 10 May 2010 15:23:59 +0000

Can’t read enough about Andrey Ternovskiy, the kid who built Chatroulette? You’re in luck: This week’s New Yorker has an excellent profile of the Russian teenager.

The piece seems to have been primarily reported this winter, just as Chatroulette was becoming a phenomenon and shortly before Ternovsky lit out for the United States. If you’re interested in digital media investing, there are a few tasty tidbits, like Union Square Ventures partner Fred Wilson’s assistance in arranging a visa for Ternovskiy, and the programmer’s disdain for Digital Sky Technologies’ Yuri Milner.

And there’s a tiny bit about Chatroulette’s finances, at least as of a couple months ago: Since Google (GOOG) wouldn’t get cut him an AdWords check, Ternovsky’s sole source of revenue was Mamba, a Russian dating service. But that was enough: He was generating $1,500 in advertising a day, which he said covered his costs. Still, there’s not much in the way of “news” here.

But make a point of reading Julia Ioffe’s story, which paints a compelling portrait of Ternovsky’s Moscow childhood. It’s going to seem both familiar and alien to a lot of you.

He was born on April 22, 1992, less than four months after the collapse of the Soviet Union, and grew up in a tidy apartment in a typically dingy Moscow high-rise. His mother, Elena, is a talented mathematician who works on differential equations at the élite Moscow State University. His father, Vladimir, is an associate professor of mathematics at the same university, and dabbles in cybernetics. Their household was loving but turbulent. The couple fought and frequently separated, and Vladimir started a parallel family, an issue that was never openly discussed. (“It’s a little game we play,” Elena said of the arrangement.) Andrey retreated to his room, where, thanks to Vladimir’s belief that “the future would have something to do with computers,” there was always a machine, as up to date as the family could afford. Vladimir invested great effort in Andrey’s upbringing, engaging a Chinese tutor, a weight-lifting coach, and a chess teacher. But most of Andrey’s learning occurred alone, with his computer. He started with games, usually of the reality-simulating variety. By fourth grade, he was writing code.

Like many young Russians with programming skills, Ternovskiy turned to hacking. When he was eleven, he came upon zloy.org (which translates as angry.org), a hacker forum led by a young man named Sergey (a.k.a. Terminator), who trained his followers in cyber warfare. Using the handle Flashboy, Ternovskiy soon mastered the art of the denial-of-service attack, wherein a target system is paralyzed by a mass of incoming communication requests. Next came Web-site and e-mail hacking, a service he gladly performed for girls who asked nicely. By 2007, at the age of fifteen, Ternovskiy had learned about what hackers call “social engineering”–getting what one wants through deceit or manipulation. Posing as a teacher, Ternovskiy got access to some practice tests before they were delivered to his school.

You can, and should, read the rest here.

It's a Botnet Party Vietnam

John Paczkowski — Wed, 31 Mar 2010 15:20:07 +0000

East Asia obviously isn’t taking Google’s principled stand in China very seriously–not that you’d expect it to. Politically motivated cyberattacks in the region continue. The latest to be identified: A botnet intended to silence widespread opposition to a bauxite mining operation in Vietnam run by China’s state-owned mining group, Chinalco.

Though similar to the late-2009 attacks against Google (GOOG), this effort was a bit less sophisticated. Still, it appears to have been politically motivated and perpetrated by folks with some sort of allegiance to the government of the Socialist Republic of Vietnam.

“The malware infected the computers of potentially tens of thousands of users who downloaded Vietnamese keyboard language software and possibly other legitimate software that was altered to infect users,” Neel Mehta of Google’s security team wrote in a blog post describing the attack.

“While the malware itself was not especially sophisticated,” Mehta added, “it has nonetheless been used for damaging purposes. These infected machines have been used both to spy on their owners as well as participate in distributed denial of service (DDoS) attacks against blogs containing messages of political dissent.”

Which is frightening, because a number of Vietnamese Internet activists have already been imprisoned for attacking Chinese involvement in the bauxite mining project.

[Image credit: Wikimedia Commons]

Other Companies Than Google Faced Big Risks in Attack, McAfee Says

Ben Worthen — Thu, 04 Mar 2010 16:30:55 +0000

It’s not news that Google (GOOG) lost some intellectual property in the highly publicized cyber attack that targeted the Internet giant and many other companies. What is more surprising, the security firm McAfee (MFE) says, is how the others could have also been victimized.

The perpetrators in the Google case gained access in some instances to the systems where companies store their “source code,” the computer code at the heart of a tech company’s products, says George Kurtz, McAfee’s chief technology officer. With this access the hacker could either steal the source code or modify it.

Read the rest of this post on the original site

Chinese Schools Tied to Attacks on Google? Where'd You Read That, Mad Magazine? [UPDATED]

John Paczkowski — Mon, 22 Feb 2010 12:56:41 +0000

UPDATE: The Financial Times reports that U.S. investigators believe an unnamed Chinese freelance security consultant is the author of at least a portion of code used in the alleged attacks on Google.

Claims that two schools in China were the source of cyberattacks against Google (GOOG) and other U.S. companies have become the butt of a state-run media joke in the country. First came vehement denials from Shanghai Jiaotong University and Lanxiang Vocational School, which dismissed the stories as unfounded. “We were shocked and indignant to hear these baseless allegations which may harm the university’s reputation,” an SJTU representative told Xinhua News, the official press agency of the People’s Republic of China. He denied any ties between the school and China’s military, as did a rep for Lanxiang.

A relatively diplomatic condemnation of the claims at issue here, but it quickly devolved into outright disparagement and mockery. A subsequent news story, also published by Xinhua, bears the title “Chinese netizens make fun of Google hacking report.”

An excerpt:

A report claiming cyber attacks on Google and other firms originated from two Chinese educational institutions is being jeered at by Chinese netizens.

“The report is sheer nonsense. Is it April Fools’ Day?” netizen sdh13814021912 commented at the www.tianya.cn forum.

“The news is doomed to be a joke.” netizen Jinse Xueguang said.

“A vocational school being used as camouflage for military-sponsored hacker training camp. Am I reading a science fiction?” said another netizen azydn.

Is it April Fools’ Day? Am I reading a science fiction? Clearly Sino-American relations around this matter have sunk to a new low. Still, it’s no surprise that China’s digerati–or the Ministry of Industry and Information Technology officials impersonating them for state-run media–have reacted this way.

Confirming the schools’ involvement in the attacks or their alleged links to the Chinese military is impossible without Beijing’s cooperation. And Beijing is clearly not going to cooperate. Why would it? It has already denied culpability. And ensuring that it remains blameless is as simple as refusing to disclose traffic data from the schools’ data networks.

PREVIOUSLY:

Premium Buys Encryption for Evernote

Walter S. Mossberg — Wed, 27 Jan 2010 23:06:06 +0000

Your review of the Evernote notes-storage service last week made it sound tempting. But do they encrypt my notes on their servers so a hacker can’t steal them? And what happens to my notes if they go out of business?

A: Evernote isn’t a purely cloud-based (Internet-based) system. It does store your notes on its servers, for Web access, but it also exists as a synchronized local application on Windows, Mac and every major smart phone. So your notes are stored locally on the hard disks of your various computers. Local storage is available on the iPhone app, and the company says it plans to add local storage to Android phones soon. Thus, even if the company went out of business, the notes on your Mac or PC or iPhone would be safe.

Evernote says it doesn’t encrypt data on its servers because it indexes all your notes for quick searching, and performs image recognition on photo notes, and it claims encryption would prevent that. Your user name and password, however, are always encrypted in transit, according to the company, and passwords aren’t stored on its servers—even if you have a free account. For premium users ($5 a month or $45 a year) all of the data, not just user names and passwords, are encrypted.

Also, the service allows users to encrypt all, or any part, of any note, and the company says it doesn’t receive the key to decrypt this material. The only part of a wholly encrypted note that the company would hold on its server would be its title and tags, if any.

I’m looking for a lightweight laptop, ideally under five pounds and with long-lasting battery life. I’m confused by all the models. Can you help me to narrow it down to a handful?

A: Unless you are looking for a tiny netbook, I suggest you consider a couple of options. One is a new category of Windows laptops variously called things like “ultrathin” and “thin and light.” All are well under five pounds in weight and many have good battery life. I reviewed three of these laptops—models from Toshiba, Hewlett-Packard (HPQ) and Lenovo—back in November, and you can read the column at http://bit.ly/m3JQn.

The second option worth considering is a Mac, which I believe has superior software and security, albeit at a higher price. Apple’s (AAPL) MacBook and 13″ MacBook Pro, while heavier than this new batch of Windows machines, weigh slightly under five pounds and have strong battery life. My review of the latest MacBook, from October, is available at http://bit.ly/7brVJk.

You can find Mossberg’s Mailbox, and my other columns, for free at the All Things Digital site, http://walt.allthingsd.com.

China on “Google Farce”: Our Internet Is Open

John Paczkowski — Fri, 22 Jan 2010 15:06:24 +0000

“Ten of the 13 root name servers in the world are located in the US. They are the top hierarchy of the Internet, which means by controlling them, the US can define the freedom of the Internet. How can Clinton guarantee you a freedom if her country has the power to unplug you?”

– Yu Wanli, an expert on international studies at Peking University

U.S. Secretary of State Hillary Clinton’s speech on Internet censorship Thursday and her call for an investigation into charges that Chinese-backed hackers attacked Google have met with a bristling and indignant response from Beijing.

In a statement posted to China’s foreign ministry Web site, Ministry spokesman Ma Zhaoxu said the United States should “cease using so-called Internet freedom to make groundless accusations against China. The US has criticised China’s policies to administer the internet, and insinuated that China restricts internet freedom. This runs contrary to the facts and is harmful to China-US relations. We urge the United States to respect the facts….China’s Internet is open.”

Well, that’s an interesting perspective on the country’s legendary Internet filtering system. Evidently, the vast infrastructure of technology that has made online dissent an impossibility doesn’t exist!

Ma’s criticism of Clinton was echoed in the China’s state-run media, which refers to the current debacle as “the Google farce.” An editorial in the Global Times today denounced Clinton’s call for free access to the Internet to be a foreign policy matter as a form of “information imperialism.”

“The U.S. campaign for uncensored and free flow of information on an unrestricted Internet is a disguised attempt to impose its values on other cultures in the name of democracy,” the editorial reads. “The U.S. government’s ideological imposition is unacceptable and, for that reason, will not be allowed to succeed.”

PREVIOUSLY:

The Microsoft Cougar Memo: It's Grrrrrrrrreat!

Kara Swisher — Wed, 23 Sep 2009 12:12:26 +0000

Last week, a cougar was reported to be roaming on the Redmond, Wash., campus of Microsoft, which led to all kinds of cutesy jokes about the new Snow Leopard operating system from Apple (AAPL).

No, BoomTown cannot make this stuff up!

Nor did I make up this original and very fine global alert that Microsoft Global Security sent last week, which assured employees of the software giant that “Microsoft Security will conduct frequent patrols of all wooded areas of the campus.”

That’s more than you can say about how the software giant handles hackers!

Here’s an image of the memo (click on it to see a large version):

Previously, TechFlash had the text of the second warning, which gives cougar-fighting tips.

They included:

“Stay calm. Talk to the cougar in a confident voice.”

“Do not run. Try to back away from the cougar slowly. Sudden movement or flight may trigger an instinctive attack. Do not turn your back on the cougar. Face the cougar and remain upright.”

And, most important of all: “Do all you can to enlarge your image. Don’t crouch down or try to hide. Pick up sticks or branches and wave them about.”

Which, if you think about it, is even better advice for Microsoft (MSFT) Bing execs–this means you, Yusuf!–in tangling with search archrival Google (GOOG).

eBay Bids to Fix a Security Hole

Peter Kafka — Tue, 11 Aug 2009 15:47:47 +0000

See? You don’t just have to be a buzzy social network to suffer through security problems. You can be a relatively staid Web 1.0 giant, too. eBay (EBAY) is warning developers who build programs that incorporate the online marketplace’s engine about a security breach.

In letters to sent Monday to 90,000 developers who work on eBay’s Developers Program, the company warns about a security hole that could cause problems, but hasn’t yet. It also takes pains to point out that the security flaw doesn’t affect eBay customers themselves. eBay says third-party software now accounts for 25 percent of its listings.

An eBay spokesman tells me that eBay came across the weakness itself not because a hacker had exploited it, and that the company is acting “out of an abundance of caution,” which is a term the eBay folks seem to favor (see email text below). “The information that *may* have been compromised consisted of basic contact information that could potentially be used in a phishing attack. At this point, we have not identified any unusual patterns in our developer accounts and we are notifying them and requesting they change their developer passwords out of an abundance of caution [sic].”

Here’s the complete text of eBay’s heads-up letter:

Hello [redacted], this is Kumar Kandaswamy, and I manage the eBay Developers Program. I’d like you to read this important message about account safety. The safety and security of the eBay Developers Program is a top priority. While we believe that people are basically good, we also must live with the reality that there are fraudsters out there who have made it their illicit “profession” to find ways to exploit others on the Internet.

Occasionally, fraudsters attempt to gain unauthorized access to the eBay Developers Program. eBay has recently identified a means by which someone could gain access to eBay Developers Program account information. This type of access DOES NOT allow the capture of financial or other sensitive information, such as credit card or bank account information or Social Security numbers.

Fortunately, we have not detected any unusual activity with any Developer account. Out of an abundance of caution and to help ensure the security of the eBay Developers Program, we are requiring that all developers take the following steps:

* Take advantage of our new, stricter password standards and change your eBay Developers Program (developer.ebay.com) passwords. It is not necessary to change eBay (www.ebay.com) passwords. If you believe you or your customers have been the victim of fraudulent activity, contact us immediately at apifeedback@ebay.com.

Sincerely, Kumar Kandaswamy

BoomTown Decodes Twitter's Denial-of-Service Blog Post (So You Don't Have To)

Kara Swisher — Sat, 08 Aug 2009 00:17:56 +0000

This morning, in a blog post titled “The Adventure Continues,” Twitter co-founder Biz Stone gave more of an explanation for the outage that the microblogging service endured due to a denial-of-service attack yesterday.

Fortunately, BoomTown can read between the lines in order to decipher the secret message herein!

Biz wrote: The Adventure Continues.

Translation: By “adventure,” I mean yet-another-friggin’-Twitter-birdie-crisis.

Considering all the fail whales, the stolen documents and now this, I would have to say we have now taken Time Warner (TWX) online unit AOL’s title as Internet company most likely to experience technical difficulties. Do not adjust your screens! Please stand by!

Biz wrote: In the past 24 hours, we’ve been contending with a variety of attacks that continue to change in nature and intensity. We’re working to restore access to apps built on the Twitter platform that were affected by defensive measures–there was some overcompensation on our part as we tune our system to deal with this scale of attack.

Translation: We’d like to blame this one on TechCrunch somehow, and are hard at work on another impolitic internal memo about how to do so that also manages to insult potential acquirers, such as Google (GOOG), Microsoft (MSFT), and our investors.

The reason we doused this crisis with extra amounts of weed killer is because no one will be able to accuse us of sitting by in our usual chill manner, which is exemplified by the official Twitter company motto: “Scoble dude, relax, it’s only 140 characters.”

Biz wrote: The ongoing, massively coordinated attacks on Twitter this week appear to have been geopolitical in motivation. However, we don’t feel it’s appropriate to engage in speculative discussion about these motivations. The open exchange of information can have a positive impact globally and our job is to keep Twitter services running reliably to the best of our ability.

Translation: And if blaming TechCrunch does not work, there is always Iran to point the finger at!

However, we don’t feel it’s appropriate to engage in speculative discussion of these motivations–mostly because it will just piss off the hackers more and they will crush our little technical operation like it is papier maché.

Which, let’s be honest, it is. Anybody got any spare Elmer’s Glue?

Biz wrote: As a reminder, no data or personal information of any kind has been compromised. Denial of Service attacks are a known quantity on the web and they are not going away any time soon. Nevertheless, we can and will improve system response to these assaults such that they don’t interfere with our normal, everyday Twittering.

Translation: No data or personal information of any kind have been compromised, except–of course–for Ashton Kuchter’s.

But, to be fair, that dude overshares like Perez and Paris Hilton combined and on steroids.

Not that we mind him tweeting pictures of his wife’s posterior, but he makes John Mayer seem shy.

Denial-of-service attacks are a known quantity on the Web, much the way our fail whale is.

Nevertheless, we can and will fail again, so there will be yet another spate of articles and blog posts about the indignity of life without Twittering to show just how indispensable we are.

So Much for Hijacking "Every iPhone in the World"

John Paczkowski — Fri, 31 Jul 2009 20:14:10 +0000

Once again, the iPhone is safe for text messaging. Apple on Friday distributed iPhone OS 3.0.1, a point release to the operating system that addresses a security vulnerability that could have allowed a malicious hacker to seize control of an iPhone with an unusual SMS text message.

The flaw was first demonstrated Thursday. “This is serious. The only thing you can do to prevent it is turn off your phone,” security researcher Charlie Miller said of it earlier this week. “Someone could pretty quickly take over every iPhone in the world with this.”

Well, not anymore, as Apple (AAPL) was quick to note. “This morning, less than 24 hours after a demonstration of this exploit, we’ve issued a free software update that eliminates the vulnerability from the iPhone,” said an Apple spokesperson. “Contrary to what’s been reported, no one has been able to take control of the iPhone to gain access to personal information using this exploit.”

So Much for Hijacking "Every iPhone in the World"

John Paczkowski — Fri, 31 Jul 2009 20:14:10 +0000

Liveblogging Fortune Brainstorm Tech: Twitter Co-Founder "Yes-There-Is-A" Biz Stone

Kara Swisher — Fri, 24 Jul 2009 01:45:42 +0000

Twitter co-founder Biz Stone took the stage at Fortune magazine’s Brainstorm Tech conference late this afternoon and was greeted by that old chestnut: When is Twitter going to make some simoleons?

Fortune’s Adam Lashinsky, who interviewed Stone (the pair are pictured here) posted a poll about that and a few other topics (the audience preferred Facebook to Twitter by about three to one, for example), and then asked a question he said was on the minds of many in Silicon Valley:

“Why the hell aren’t you guys making money?”

“I think that’s a legitimate concern,” said Stone. “We need to focus on value before we focus on profit.”

But, he added that the San Francisco-based Twitter was ready to show some commitment to revenue this year.

Oh dear, what will BoomTown have to gripe about at Twitter now?

Because–aside from the lack of a business model–I must confess I like Twitter an awful lot and find it extremely useful!

Earlier, Stone made the salient point that Twitter was just in the first innings.

“We have a lot of growing to do,” he said. “In general, we feel we are about one percent into the growing of Twitter.”

One more important issue than money-making, he noted correctly, was that the level of engagement at Twitter is not as high as the level of awareness.

“We just have to position our product better,” said Stone.

Of course, Lashinsky had to ask about the recently stolen documents that a hacker nabbed from some Twitter employees’ personal accounts.

Stone said that there are “unpolished notes,” which only “give you an idea of scope we are thinking of…the idea is that we are thinking big.”

Lashinsky asked if Twitter would sue either TechCrunch, which published some of the stolen documents, or the hacker who stole them.

(My first thought: Let’s all pray that TechCrunch will avoid touting that navel-gazing nonstory into the weekend.)

“I don’t know,” said Stone diplomatically, since TechCrunch’s Michael Arrington was sitting right in the room. “In general, we have a responsibility to look into these things and see what makes sense.”

Then, it was pretty much back to business models, and Stone seemed open to a lot of them, as long as they were not forced on the innovative digital darling.

“We want to develop a revenue model that is baked-in…and is not something that is tacked on,” he said.

Some ideas: Advertising, of course, as well as commercial accounts and verifying brands.

“We spent a lot of 2008 trying to get ahead technically of the unexpected popularity,” said Stone. “The very, very high level [of what Twitter needs to be doing] is to add more value to users.”

That means more focus on adding new features, such as a reputation system, better discovery and more explanation–for David Letterman, for example–of exactly how Twitter can be used.

And yes, making money. Stone noted that Twitter wanted to change the world too, and the best way to do that was to make “tons of money.”

“What we don’t want is to become that child actor that grew up all freaky,” he said, noting a Ron Howard development cycle was Twitter’s goal.

All hail Opie Twitter, oops, Taylor!

[Photo credit: Brad Markel for Fortune]

In a Pinch, Arrington Will Fence

Nitrozac and Snaggy — Sat, 18 Jul 2009 00:42:10 +0000

Twitter: Don't Blame Google for Twitterhack (But Do Be Careful About Publishing Stolen Documents!)

Peter Kafka — Wed, 15 Jul 2009 20:36:17 +0000

Twitter has weighed in on the hacker who rooted through the company’s files and on the Web sites that published some of the stolen info. The short version: Don’t blame Google for our security problems; we need to use better passwords. But do be careful about publishing hacked data; we’re talking to our lawyers.

In a post from co-founder Biz Stone, the company counsels users that, with the exception of a single account, none of their personal information seems to have been exposed as a result of the hack. But before establishing that, Stone goes out of his way to explain that Twitter’s security problems are Twitter’s security problems, not cloud computing’s security problems or Google’s (GOOG) security problems.

This attack had nothing to do with any vulnerability in Google Apps which we continue to use. This is more about Twitter being in enough of a spotlight that folks who work here can become targets. In fact, around the same time, Evan’s wife’s personal email was hacked and from there, the hacker was able to gain access to some of Evan’s personal accounts such as Amazon and PayPal but not email. This isn’t about any flaw in web apps, it speaks to the importance of following good personal security guidelines such as choosing strong passwords.

That last line seems directed at the likes of analysts like yours truly, who suggested this morning that the hack would raise concerns about the security of services that place work data on shared servers accessed via the Web. (Though the Twitter guys did seem to like my underwear-drawer metaphor. Cool!)

Stone then goes on to rattle a sword, gently but pointedly, at Web sites that have published stuff pilfered by the hacker.

We are in touch with our legal counsel about what this theft means for Twitter, the hacker, and anyone who accepts and subsequently shares or publishes these stolen documents. We’re not sure yet exactly what the implications are for folks who choose to get involved at this point but when we learn more and are able to share more, we will.

Note that while it’s easy enough to find this stuff on the Web, only a handful of mainstream Web sites, including TechCrunch, Gawker and Silicon Alley Insider, have published it, and most of what they have published is banal. I’ve asked all three sites for a response to Twitter’s response.

In the meantime, TechCrunch’s Mike Arrington, who has promised to publish more, announces in a new post that he is in the midst of “negotiations” with Twitter’s lawyers about his plans. Happy to hear from a First Amendment specialist, but I don’t think Twitter has a case against Web publishers here; the issue is an ethical one, not a legal one.

UPDATE: Here’s Gawker Editor-in-Chief Gabriel Snyder’s “bring it on” retort:

It’s hilarious to see Twitter, which has become a conduit for real-time, unauthorized information from places like the New York Times’ internal meetings, now get prissy about corporate privacy. Ev Williams seems to have learned a lot about the mores of the institutional elite during his stay in Sun Valley. As for Twitter coming after us for publishing the docs, the only thing I’m upset about is that the leaker didn’t come to us with them first.

Twitter Hacking Spurs Ethics Debate Over Leaked Files

Marisa Taylor — Wed, 15 Jul 2009 20:25:50 +0000

The hacking of Twitter CEO Evan Williams’s email account has sparked an ethics debate after TechCrunch said that it would publish some of the confidential documents that the hacker leaked.

The brouhaha began when TechCrunch founder Michael Arrington blogged that a French hacker calling himself “Hacker Croll” said he had broken into Mr. Williams’s account as well as those of Mr. Williams’s wife and two Twitter employees.

An English translation of a post on French blog Koren shows that the hacker claims he gained access to Mr. Williams’s Gmail, PayPal, Amazon (AMZN) and AT&T (T) accounts, among others, and thus was able to find documents containing Twitter employee food preferences, credit card numbers, phone numbers and salaries.

Read the rest of this post on the original site