Slashdot Mirror
Parents To Block Kids From Joining MySpace
Reservoir Hill writes "A New York Times blog notes that attorneys general of 49 states are announcing a partnership with MySpace to fight sexual predators on social networks by letting parents submit the e-mail addresses of their children, so the company can prevent anyone from using that address to set up a profile. MySpace will also set up a 'closed' section for users under age 18 so only their established online friends can visit their pages. MySpace also promises to hire a contractor to identify and delete pornographic images on the site. 'This set of principles is a landmark and milestone because it involves an acknowledgment of the importance of age and identity authentication,' said Connecticut attorney General Richard Blumenthal." Blumenthal also actually said "If we can put a man on the moon..."
Really.. When I was younger I told my parents what all my email addresses were, and I would never have created a new hotmail, etc address without telling them......
Someone needs a dose of reality.
I'm wondering just which state is not taking part in this scheme? And could kids just claim to be from there to avoid the list.
Considering Phlebas, whoever the hell he is.
This isnt about providing real security. Its about myspace getting some publicity and paying lip service to doing the right thing. Its more symbolic than anything. Sure, people will still get around it, but myspace will be able to say "hey, we are doing our best to stop them".
So, in security, we have this notion called an "attack tree". Let's suppose you want to stop someone from stealing your family jewels. You put the in a safe, and all is well, right? Well... maybe not. We create this tree, where the root is "steal the jewels", and the children under the root are various ways you might accomplish this ("Use a key to open the safe", "Drill out the hinges on the safe", "Create hole in safe"). And each of these nodes can be divided out further into more children, so to use a key for example, you either need to steal a key, or be one of the people who has a legitimate use for the key, or be the locksmith who installed the lock.
Similarly, if the attackers goal is "molest my children", then you have an attack tree that might have "hang out by the school", or "give candy full of drugs", and so forth. "Lure children on the internet" is one child of that tree, and "lure children using MySpace" would be a subchild.
For each of these nodes, there's a cost associated with fixing the problem. Ideally, you fix the problem right at the top of the tree, so for example we could make sure our keys are only given to a select group of people whom we trust, that our keys are locked securely in other safes (excepting the obvious recursion problem), and kill the locksmith. OR, we could go up one node in the tree, and eliminate the key altogether, and use an electronic keypad with a user definable code, which neatly solves the entire problems of keys.
Similarly, we can do some sort of bizzare and flawed attempt to do age verification using email addresses to stop pervs on MySpace (How do we stop kids from creating multiple accounts? How do we know the parents are the ones submitting the email address and not a malicious party intent on removing a MySpace page?), and we can implement the same system on all the social networking sites, and all the online games, and all the other online communications systems in the world, effectively black-holing our children and removing them from this filthy online world... Or, we could go up one node in the tree, and tell our kids "Don't go visit weirdos on the internet without telling us first", just like we tell our kids "Don't take candy from strangers", and "Don't get into cars with people you don't know".
Not to say that we can't take steps at multiple levels in the tree; I just think there are steps we could take which are more effective.