Prof. Eugene Spafford in his latest post talks about MyBlackBook, an unusual web service whose mission is “to provide people with a place to store their sexual history, partners, and experiences in a safe, secure and confidential place”. This New York based venture started from the assumption that “one out of three people have some kind of sex log”, mostly kept on paper: a solution that is hard to maintain and troublesome to protect from prying eyes.
MyBlackBook is not a dating site, it does not have any “social” feature, it’s a very personal service. I think this is quite remarkable, since in today’s online environment all intimate and confidential aspects of human existence are neglected. The focus is mostly on sharing and connecting, while our innermost and private processes don’t get any support from web technologies.
However, in his post Prof. Spafford makes some sound criticism of MyBlackBook.
My first thought is “Wow! What a way to datamine information on potential hot dates!” That quickly led to the realization that this is an incredible tool for collecting blackmail information. Even if the people operating it are legit (and I have no reason to doubt that they are anything but honest), this site will be a prime target for criminals.
Prof. Spafford is basically right, but only because the guys at MyBlackBook did everything they could to undermine the security of the sensitive information they are entrusted with. Here is a partial list of their “oversights”.
To sign up, MyBlackBook requires a valid email address, which is used to send a confirmation email where the username and password are fully displayed in the clear! I think that a service of this sort should be as anonymous as it can be and shouldn’t require any unnecessary personal information, especially email addresses.
Users’ data, or in MyBlackBook jargon their “entries” and “sessions”, are SSL encrypted during transmission, but no further information is provided about how they are stored on MyBlackBook’s servers. One could reasonably suspect they are stored in the clear.
Then they say “All passwords are stored in our database as a non-reversible MD5 hash, which means if you forget your password we cannot retrieve it, and you would need to create a new password using our ‘Change Password’ form.”
- First of all, plain-vanilla hashing is not enough to protect passwords: salting and stretching are also advisable.
- Second, MD5 is very badly flawed and shouldn’t be used at all.
- A good thing is that they avoided the curse of the secret question, but if a user forgets his/her password and still remembers the username, he/she can simply fill in the form and a new password will be emailed to him/her in the clear.
- To date, if you try to delete your MyBlackBook account an error message is generated. Furthermore, I did not find any further information about account deletion, nor is it mentioned in their Terms of Service document. Not nice …
MyBlackBook is a very smart and fun project, but with lots of open issues on the security front. I hope John Ianuale, president of Resorb Networks and lead developer of MyBlackBook, can fix them, but I’m afraid it will require a complete redesign of the underlying software architecture. I would be more than happy to discuss with John the approach used by the Clipperz online password manager to the creation of really secure digital vaults, where users can get the service without trusting the service provider. Maybe we could even try to change Prof. Spafford’s opinion and lower his distrust toward online storage services.
My bottom line: don’t store things remotely online, even in “secure” storage, unless you wouldn’t mind that they get published in a blog somewhere — or worse. Of course, storing online locally with poor security is not really that much better…
PS MyBlackBook was launched more than one year ago, but surprisingly the blogosphere paid little attention …


A little update...
After reading your blog, I decided to do a few fixes, and clear up some things..
I’ve updated the FAQ with a little more information about the security measures taken.
From the FAQ
As well, the “Remove account” feature is working again, thank you for the notice. As well, there is now a ‘Termination’ entry in the Terms of Service.
Email addresses are required for verification, and to receive the “Active Link”, as well as to receive the password reset link. (otherwise we would need a ‘secret question’).
Hope this clears up some things, if you do have any more questions, please feel free to contact me directly.
Sincerely, Robert Ianuale.
Browser cryptography
Dear Robert, thanks for listening and answering my post.
Happy to hear that all users’ data are stored in an encrypted form. However, if I understand correctly, the encryption key is generated “on the fly” from “some” registration data that are stored in clear and that could be known in advance by an attacker. The obscurity of this key derivation algorithm is then a crucial issue … Your claim of using as many security measures as a bank is objectionable, but this is not my point.
I believe that services like MyBlackBook should know nothing of their users (in the same way a bank knows nothing of the content of safe deposit boxes). The computing power of Javascript-enabled browsers is more than enough to implement strong cryptography algorithms using only local resources.
This approach will inhibit the production of aggregated statistics, but I’m sure that MyBlackBook’s users will happily trade statistics for the guarantee of perfect privacy.
Regards, Marco
It is great to read the post
It is great to read the post as well as the comments here. Yes, there are security issues on the internet; hackers are using various technologies to hack data. So, there should be some STRONG security plans/procedures.
I too had some issues with
I too had some issues with hackers, so I have followed some safe methods. When I get data from the front-end, I used to convert them into some other characters, and again when I retrieve in the back-end, I just convert it. I am using a script here. It is working great… Now, I am not losing any data…. James from Beach Vacations