Lessons of Failure
Humans + Software Development = Always Interesting

Jan 19, 2011

Two Major Privacy Violations You Probably Didn’t Notice

Somehow, I managed to channel my security hero Bruce Schneier, who manages to find all that is amazingly stupid and insane about security, from the TSA to RSA.  And I accidentally stumbled across some major privacy violations that didn’t appear to be privacy violations on the surface.

We take a lot of things for granted today when it comes to multiple device access and our privacy.  On the one hand, we expect our data to synchronize seamlessly from device to desktop and back again.  But at the same time, we don’t want our private data stored any longer than we need it.  As it turns out, those two tenets are in direct conflict with each other in a sinister and subtle way.

Suppose you use Skype and have it on a mobile device and a computer.  Great: you sign into your Skype account from a laptop and see your contacts.  Do the same from your iPhone and you get the same list.  No surprises there, right?

Now let’s say you had a conversation (IM-based chat) with a business associate about some sensitive account data relating to a current client.  And just in case, because you use your mobile device around the very same client, you want to make sure that conversation isn’t visible at all, ever.  So you delete the conversation from Skype on your laptop.

At this point, you haven’t logged into Skype on the mobile device.  You’d expect that conversation data to be deleted on both devices, right?

Turns out, you’d be dead wrong on that one.

Skype saves these conversations on their server and puts them on any device where you have their software installed. “Ah!” you say, “but you forgot about the Privacy options!”

[Image: Skype Privacy Options. Caption: The Iron Clad Guard of Privacy, right?]

True enough, I didn’t mention them–so now suppose you have “Keep History For: No history” set in your Skype options (the Iron Clad Privacy Guard(tm)!).  And you cleared your conversations out from Skype on the laptop.  And you’ve never logged into Skype using your mobile device…you’re good now, right?

Nope.  That conversation is still on Skype’s servers, but gone from your laptop.  Next time you log in on the mobile device and go back in the history, it’s still there!  And here’s the kicker:  you can’t get rid of it either!

This isn’t unique to Skype.  I was able to reproduce the same thing via Sent Messages in Facebook.  I specifically had deleted a bunch of old conversations I had with friends from my web browser version.  One day, I went in via my iPhone and voila, there they were all staring me in the face!  Facebook is storing your conversations from years ago (mine were 18+ months old), even when you’ve deleted them from your Inbox and Sent folder.

Why oh why would they do it?

Delete means delete, right?  Not really, as it turns out.  There might be reasons these companies want to hang on to your data for a bit longer than you want them to…

  1. Legal reasons:  If you did something illegal, and law enforcement wants to come a-knocking, Facebook and Skype are covering their proverbial backsides.
  2. Ad targeting reasons:  Just like Gmail searches your inbox for reasons to post an ad to you, Facebook is definitely doing the same.  Skype might be, but since they don’t have ads in their software, that seems less likely.
  3. Oops reasons:  They might want to be able to restore your “accidentally deleted” data if you call customer support in a panic.  This probably makes it easiest to look the customer in the eye if they discover it, but it’s probably the least used reason of the three, sadly.
  4. Other, Secret, More Sinister reasons:  I’m no paranoid conspiracy theorist, but there’s always the outside chance of some other reason they want to keep your data around that I haven’t mentioned, so we’ll leave this catch-all for good measure.

Regardless of the reason, these create huge loopholes for those concerned about actual privacy.  The fact that neither of these is mentioned in the terms of service is not surprising, but definitely problematic.

Developers:  Make sure your apps don’t do bad things like this.  When people find out, the negative publicity isn’t worth the supposed safety margin gained above.
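The failure described above and one way to avoid it, as an added example (not code from Skype, Facebook, or this post): a toy sync model in which a delete is either local-only or propagated to the server, which purges the content and keeps only a tombstone ID. The `Server`, `Device` and `scenario` names and the sample conversation are assumptions made for the illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Server:
    messages: dict = field(default_factory=dict)   # conversation id -> list of texts
    tombstones: set = field(default_factory=set)   # ids the user deleted, no content

    def post(self, conv_id, text):
        self.messages.setdefault(conv_id, []).append(text)

    def delete(self, conv_id):
        # Authoritative delete: purge the content, keep only a marker for sync.
        self.messages.pop(conv_id, None)
        self.tombstones.add(conv_id)

@dataclass
class Device:
    server: Server
    history: dict = field(default_factory=dict)    # local cache shown to the user

    def login(self):
        # Pull server state, then drop anything deleted elsewhere while offline.
        self.history.update({c: list(m) for c, m in self.server.messages.items()})
        for conv_id in self.server.tombstones:
            self.history.pop(conv_id, None)

    def delete_local_only(self, conv_id):
        # Behaviour described in the post: only this device forgets.
        self.history.pop(conv_id, None)

    def delete_everywhere(self, conv_id):
        self.history.pop(conv_id, None)
        self.server.delete(conv_id)

def scenario(propagate, phone_cached=False):
    """Return (visible on phone, still stored on server) after a laptop delete."""
    server = Server()
    laptop, phone = Device(server), Device(server)
    server.post("client-acct", "sensitive account details")  # constructed sample
    laptop.login()
    if phone_cached:
        phone.login()            # phone synced a copy before the delete
    if propagate:
        laptop.delete_everywhere("client-acct")
    else:
        laptop.delete_local_only("client-acct")
    phone.login()                # next login on the mobile device
    return "client-acct" in phone.history, "client-acct" in server.messages

if __name__ == "__main__":
    print(scenario(False), scenario(True), scenario(True, phone_cached=True))
```

The tombstone holds only the conversation ID, so a device that cached a copy before the delete still drops it at its next login.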

Next time you think that “private” conversation is cleared from Never-Never-Land when you turn on those Privacy Options, you’d better think again.


4 comments

  • Risto · January 20, 2011 at 12:24 am

    Very informative and well-written article. Logging stuff in Skype is the real pain. For example, when you have used your laptop for, let’s say, 3 months and after that log on to your home PC – old logs appear in your Skype for hours and you have to delete them once more. The real crap. They should just create one checkbox under privacy options “Don’t want to DL logs on other computers” or something. If they really want to store your logs, OK, but it shouldn’t be uncomfortable for the user :)

  • Björn · January 20, 2011 at 6:58 am

    Even if companies would delete such things, they would still be floating around on backups. It might be practically impossible to delete everything.

  • Kirsten Winkler · January 20, 2011 at 7:13 am

    Really interesting. For the casual user this might be even considered as a plus, hey – all my important talks with friends and family are saved automatically! Thank you Skype.

    For business I agree, this is a tricky situation. Do you know if services that claim to be more secure like GoToMeeting do the same or are those sessions really deleted?

  • Author comment by Dave · January 20, 2011 at 8:28 am

    @Kirsten: I don’t know about GoToMeeting or others, like WebEx. They may fall into the same trap…only a test would tell for sure.

    @Björn: Agreed, we can’t get it all off the storage media, but they should at least take a first-order attempt. :)
