OkCupid, a free online dating site (and a great place to meet weirdos of all proclivities), is putting user data at risk with its current data encryption practices, according to The Electronic Frontier Foundation (EFF).
An EFF report states, “Every OkCupid email, chat session, search, clicked link, page viewed, and username is transmitted over the Internet in unencrypted plaintext, where it can be intercepted and read by anyone on the network.” Which means that you might have blocked that trans-gender admirer Denise, but if she has any hacking abilities, she will could potentially read your sensitive internet interactions. Or, in a more Orwellian twist, OkCupid’s vulnerabilities could be used as an asset by governments to compile information on its citizens.
EFF states that OkCupid, which already offers a good deal of privacy controls, should offer the dating service in HTTPS, which provides encrypted communication and secure connections. In other words, HTTPS would help hide an Evangelical Christian woman’s searches for bondage enthusiasts, or a married couple’s quest for orgy fanatics.
As stated by EFF:
The failure to encrypt your communications exposes sensitive data in online profiles to eavesdroppers, who could snoop on the content of your profile to learn about sensitive topics like religious and political beliefs, drug use, and sexual practices. The failure to encrypt also exposes the HTTP cookie that’s used to authenticate you to the site, which means that the eavesdropper can actually take over your account and impersonate you, even without knowing your password.
The report cites a newly-released tool called Firesheep, which can be used on shared wi-fi networks to “take over web-based accounts on non-HTTPS sites”—something that can be done with basic eavesdropping skills. Firesheep is free, open-source and available now for Mac OS X and Windows; which means that it is very easy to acquire and use to exploit internet users.
To send a message to OkCupid asking the site to tighten its privacy controls and switch to HTTPS, head over to the EFF OkCupid petition page.
February 10, 2012 at 4:07 pm, OkCupid has no love for user privacy – Death and Taxes | Satellite Internet said:
[...] OkCupid has no love for user privacyDeath and TaxesAn EFF report states, ?Every OkCupid email, chat session, search, clicked link, page viewed, and username is transmitted over the Internet in unencrypted plaintext, where it can be intercepted and read by anyone on the network.and more » [...]
February 10, 2012 at 5:05 pm, Temporary Test Blog » Blog Archive » Online dating sites: Looking for love, finding violations of privacy - ITworld.com said:
[...] in security that compromise at least the privacy and possibly the financial security of their users.OkCupid has no love for user privacyDeath and TaxesOnline Dating Sites Have Serious Security HolesKansas City infoZineNow the EFF sounds [...]
February 10, 2012 at 6:09 pm, Online dating sites: Looking for love, finding violations of privacy – ITworld.com - How To Win Back A Girls Heart said:
[...] Security HolesKansas City infoZineNow the EFF sounds an alarm about dating sitesNetwork WorldOkCupid has no love for user privacyDeath and Taxesall 3 news articles »Click Here To Check Out This how to win back a girls [...]
February 11, 2012 at 1:15 am, Online dating sites: Looking for love, finding violations of privacy – ITworld.com said:
[...] Online dating sites: Looking for love, finding violations of privacyITworld.comBy Kevin Fogarty Add a new comment February 10, 2012, 4:47 PM — As if dating – and meeting potential mates online – weren't tough enough, the Electronic Frontier Foundation (EFF) reports online dating sites come with big holes in security that …Online Dating Sites Have Serious Security HolesNow the EFF sounds an alarm about dating sitesOkCupid has no love for user privacy [...]
February 11, 2012 at 1:34 pm, Online dating sites: Looking for love, finding violations of privacy – ITworld.com | More Fun With Sex said:
[...] Security HolesKansas City infoZineNow the EFF sounds an alarm about dating sitesNetwork WorldOkCupid has no love for user privacyDeath and Taxes<a [...]
February 11, 2012 at 4:02 pm, Hawkeyes Set to Host Spartans | Gologor blog category, Friend said:
[...] encryption practices, according to The Electronic Frontier Foundation (EFF). Read some-more upon Death as well as Taxes Smith scores twenty-three as Hawks trip past Magic in OT Josh Smith had twenty-three points as [...]
February 12, 2012 at 7:24 am, horny hot said:
Lol everybody talk about dating
February 12, 2012 at 10:42 am, Online Dating Sites: Seek Love, Find Privacy Violations – PCWorld - How To Win Back A Girls Heart said:
[...] Frontier …Online dating sites: Looking for love, finding violations of privacyITworld.comOkCupid has no love for user privacyDeath and Taxesall 3 news articles »Click Here To Check Out This how to win back a girls [...]
February 12, 2012 at 11:32 am, Temporary Test Blog » Blog Archive » Online Dating Sites: Seek Love, Find Privacy Violations - PCWorld said:
[...] Frontier …Online dating sites: Looking for love, finding violations of privacyITworld.comOkCupid has no love for user privacyDeath and Taxesall 3 news [...]
February 18, 2012 at 5:28 pm, Accountant Williams said:
hello
April 30, 2012 at 2:47 pm, Candice Jones said:
My 13 year old daughter's gmail has been hacked in by someone on OKCupid. They created a profile of a 19 year old girl with her gmail address and now she is getting emials all day long. We cannot just delete the account becasue we need the password it was set up with (which was not us) and I e-mailed them only to get a response telling me that I need to let them know what my new address is because it is the adult thing to do! Are you kidding me, where do I complain about older men soliciting my 13 year old on a site that does not care? Very scary
April 30, 2012 at 3:23 pm, Laura Carr Trefethen said:
that's terrible!!!
April 30, 2012 at 3:23 pm, Laura Carr Trefethen said:
that's terrible!!!
April 30, 2012 at 2:47 pm, Candice Jones said:
My 13 year old daughter's gmail has been hacked in by someone on OKCupid. They created a profile of a 19 year old girl with her gmail address and now she is getting emials all day long. We cannot just delete the account becasue we need the password it was set up with (which was not us) and I e-mailed them only to get a response telling me that I need to let them know what my new address is because it is the adult thing to do! Are you kidding me, where do I complain about older men soliciting my 13 year old on a site that does not care? Very scary