, , ,

Some good might still come of the Ashley Madison incident, if we’re prepared to learn from it. My sympathy extends to the innocent who thought they had nothing to do with Ashley Madison. Most the others aren’t so much victims as people who took risks and got caught. I’m not saying that to occupy the moral high ground. I’m arguing that our reliance on trust actually makes the general lack of morality a central issue here, especially as we don’t get to decide which part of our online lives is exposed, or how that information is used against us. Solving the core problem is going to require a change of mindset, and I’m not optimistic.

None of us ‘conspiracy theorists’, who fifteen years ago maybe thought the New World Order would oppress the masses using RFID or somesuch, could then have envisaged a world where corporations like Google could build a detailed picture of one’s private life using data aggregated from sources we’re not even aware of, or that profiling would become so damn intrusive and insidious, or that mass surveillance would far exceed what ECHELON was capable of, or that people would opt for an operating system that informs on them.
Maybe I was a paranoid ‘conspiracy theorist’ for warning about what the world of ‘big data’ would entail, but here I am, looking at a pilfered database of people who intended to commit adultery, matching millions of names against email addresses, places of residence and their sexual fantasies. For myself, it’s not the sex that makes it salacious, but the fact the database even exists, that 33+ million personally identifiable records have become public, and Ashley Madison acquired data elsewhere to massage the figures. Whatever next?

While the Impact Team caused untold damage, and quickened the ruination of God knows how many relationships, they also effectively demonstrated that many (or even most) of us can indeed be compromised, and impressed upon us that those we entrust our secrets to should not be deemed trustworthy by default. I learned that lesson a while ago, in my own painful and career-limiting way.
Most of us have done something stupid on the Internet, and shared information that should really be private. Most of us are certainly potential targets for identity theft. Again, once that information’s been put on the Internet, we don’t get to decide which part of it becomes public, and anyone who can be blackmailed or similarly compromised is basically fucked.

Another lesson, which is more of an observation I would have posted the other month following the Hacking Team incident, is the exposure of morally questionable activities has become a common motivation for ‘malicious’ hackers. Recent victims include Sony Pictures, Hacking Team, Ashley Madison (of course), Stratfor, the Office of Personnel Management, the NSA itself even. There is a distinct pattern here, and it means ‘threat assessments’ should be revised to take this into account.