[Germany] You could say StudiVZ, the German Facebook clone has a few problems on its hands, and some unwelcome publicity.
Back in August Facebook officially became Germany’s biggest social network, increasing reach by more than 50% from March to July 2009 taking it to 6.2 million unique users in Germany. By contrast StudiVZ had 4.28 million uniques (though it continues to claim 6 million registered members). Even it’s spinoff aimed at post-university adults, MeinVZ, is ailing.
Then StudiVZ became the subject of some high profile hacks which showed up its lax attitude to security.
In particular was that by a 20 year old man who used crawler software to harvest detailed user information from all of the “VZ” sites (owned by VZ-Netzwerke), copying 48,000 profiles in just four hours. Clearly he was talented at something I guess. He even made a YouTube video of it.
However, he wasn’t so great at the blackmail thing. Bizarrely he asked for just €80,000 and threatened to sell the information to gangs in Eastern Europe. The plan didn’t come off however. He turned up to the VZ offices to collect the cash, where the Police (doh!) were waiting.
But today the story just took a tragic, and perhaps sinister, turn.
It’s being reported today that the suspected hacker has committed suicide in jail. He was found dead in his prison cell in the juvenile detention centre Plötzensee. Berlin’s justice administrator didn’t give more details and said only that the detainee hadn’t shown any indications of wanting to commit suicide.
StudiVZ has now switched off the comments in their post about the incident on their company blog to avoid any damning speculation.
However anonymous commentors at other places [in German] say that the company has “blood on its hands”.
Not a great quarter, then.
tragic
hmm.. doesn’t sound so good for a company which is already said to be clone. Poor guy should have handled it better.
the guy who died hacked into schueler vz (pupils vz) not studi vz (students vz).
so the collected data is much more sensitve because those users are underaged..!
Yes, but he didn’t even hack in it. An important point not given much media is that he just run a scraper over the website without any hacking needed.
sorry, ‘hacking’ was not the right verb in this case. i just wanted to underline the difference between. schueler vz / studi vz / mein vz regarding to the age of the users und the fact that data of underaged pupils were involved in this case.
Sad story, this guy just scraped publicly available data without hacking into the site. Just speculation but possibly he just offered to sell this legally obtained data back to them, mentioning that he has other interested buyers, and got busted for it. The line to black mailing is difficult to draw here, but I have some doubt that the police even understood what he had actually done when they arrested him.
He harvested data from all 3 VZ Networks, Netzpolitik.org and several news websites reported, although the blackmail dealt with mostly SchülerVZ profiles.
Wikipedia would call him a hacker by definition:
http://en.wikipedia.org/wiki/Hacker_(computing)
In computing, a hacker is a person in one of several distinct (but not completely disjoint) communities and subcultures:
[1] People committed to circumvention of computer security. This primarily concerns unauthorized remote computer break-ins via a communication networks such as the Internet (Black hats), but also includes those who debug or fix security problems (White hats), and the morally ambiguous Grey hats. See “Hacker (computer security)”.
…
Today, mainstream usage mostly refers to computer criminals, due to the mass media usage of the word since the 1980s. This includes script kiddies, people breaking into computers using programs written by others, with very little knowledge about the way they work.
Markus, if that poor fellow scraped ill-protected content then this activity by no means qualifies as criminal: consider that Google, MS, Ask, Yahoo, etc, do it all the time. A crawler is like a blind person: if you keep the doors of your house open, he’d come in and you cannot blame him for doing that.
Traditionally a hacker is someone who is skilled at subverting technological systems and making them do things they were not originally designed to do.
http://wiki.answers.com/Q/What_does_hacker_mean
That’s what he did.
@Markus
He didn’t subvert the system in my opinion.
Mother Nature calls that survival of the fittest. He wasnt fit.
Hmm.. Visit http://www.crazyfun4m.co.cc
Hahahaha! That was a nice failure
no matter what the alleged hacks are ! This was a person first , and a hacker 2nd – some of your comments are sick – may he rest in peace +
“high profile HACK”?
Considering my information on that matter, that guy crawled all profile data being public on the VZ-networks. So it wasn’t a hack but more of a data collection.
What he was in jail for is that he tried to get some money out of his crawl which was prosecuted as a blackmailing.
He didnt hack into anything…
He accessed data that was available to everyone.
And that is where the VZ Group was really shitty about.
First saying:”He only did something that can be compared to copying a telephonebook.”
But then saying that he is the biggest scumbag of all and hacked into their systems and stole all data.
Copying open-accessable data is not a crime.
Without the whole blackmail thing, he would have done nothing wrong.
Btw: The Berlin administration actually do not report anymore when somebody in jail killed himself.
It was something like 10 people the last time they reported anything about it.
But now, they say it is for “privacy reasons”.
This is very sad. Hacking is so easy today and no data is secure at all. That is fact now. Hacking is a serious problem for private data holders and I can’t see how data can ever be kept private.
That’s not really true is it? Hacking hasn’t got any easier, there are just more sites and some still make mistakes. There’s plenty of secure data out there. Anyway, this wasn’t any kind of hack. and… “Without the whole blackmail thing, he would have done nothing wrong” – you could say that about any crime.
I want to agree to @what – he didn’t hack anything, he just build a spider who grabbed all kind of public profile data (politic interests, gender, realname, birthday and stuff).
the problem is, that other to facebook, the VZ makers aren’t focused on product design. they are more into getting money out of it. but that sounds quite reasonably for a company which did a 1:1 clone of the facebook version of 5 years ago and never put any creativity on their behalf into it.
luckily customers seem to realize, that facebook is the real marketleader and so it has become the fastest growing SN in germany. hopefully the days, in which ppl think facebook is the clone, will finally end soon.
That happened already yesterday…
not a hot failure … i came to know about it a few days back.
Oh my the sickos get everywhere. Poor guy
So are you going to start calling Facebook a Friendster and Classmates.com clone?
Nope – they just copied the idea – but studivz made a 1:1 copy and just changing the blue color into red. there are rumors that there was even remainings of the facebook code in studivz’s stylesheets.
It’s not the harvesting of data (whether it was hacked or just scraped). It’s the attempted extortion that got him into trouble. That he killed himself is not anything that can be blamed on the victim of the extortion attempt. They just did what any extortion victim is supposed to do – report it to the police. Sheesh.
@aardman: Not entirely true, if it was legally scraped data and he was simply selling it to the highest bidder then it was VZ fault for going to the police – who you naturally can’t expect to understand the technical difference between public and hacked data (and which HAS SUREL BEEN directly understood by VZ) – and getting him into a psychological situation where he killed himself. So in case it really was just a normal spider, then that would mean that VZ deliberately tried to make a person look like a criminal.
sad story
Have a look at the following (older) screenshots on why studiVZ could be called a facebook clone:
http://www.flickr.com/photos/16946748@N00/257274969
http://www.flickr.com/photos/bumi/285541845/
Hacker, lol.
The truth is that almost any site can be crawled, even Facebook. There is always going to be a security hole that can be exploited. Blackmailing is an issue, however!
europe is full of these clones
you must be a uni-browed JEW
yes its tragic, but its a big leap from their to sinister.
This is unfortunate, a tragedy