Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Microcap & Penny Stocks : JAWS Technologies - NASDAQ (NM):JAWZ -- Ignore unavailable to you. Want to Upgrade?

To: justaninvestor who wrote (1460)	12/21/1998 1:31:00 PM
From: justaninvestor	Read Replies (2) \| Respond to of 3086

The articles that we love to see: SportsLine Contestants Exposed by Craig Bicknell 3:00 a.m. 19.Dec.98.PST Ken Williams wanted to check the background on a potential business partner, so he turned to the Web. Friday afternoon, he entered the man's last name and hometown into a popular search engine. What turned up was a link to a database on the CBS SportsLine Web server that contained the names, email addresses, home addresses, and phone numbers of hundreds of people who'd entered contests such as the March Madness Projection Payoff. "I was able to download the entire directory -- almost 9 megabytes," said Williams, president of a Web-security firm. Wired News was able to access the directory through the same steps Williams had taken. Williams immediately fired off an email alerting the CBS SportsLine staff of the security breach, but received no response. Several hours later, the database remained available online. By late Friday evening, CBS SportsLine had corrected the problem, and said that no one besides Williams had accessed the data. "I'm comfortable that that information has never gotten out to the public at large," said Andrew Sturner, senior vice president of business development at SportsLine. Williams has deleted the data he downloaded. The contestants whose personal information had been exposed weren't very happy about it. "I believed that information was private," said Michael Medvin, who entered a football contest in September. Sturner offered assurances that the breach was an isolated incident, that the problem has been permanently fixed, and that the entire site has passed a rigorous security audit. "We take security very seriously," he said. Still, privacy advocates decried the breach. "The typical state of security at Web sites is disturbingly low," said Jason Catlett, president of Junkbusters, a privacy-advocacy group. "I'm not surprised by this, but I'm still horrified." Catlett said he believes there's only one way to ensure security: government regulation. Industry groups have lobbied hard to keep the government from legislating Web-security rules, instead touting industry self-policing as the best way to ensure security. The problem is, said Catlett, there's no redress for people whose information has been exposed, either accidentally or maliciously. With no fear of punishment, corporations will continue to be lax about security. "If we had a law to provide statutory damages, there'd be a monetary incentive for companies to get their security right."