Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Privacy Flaws In Chatroulette Expose Users

CmdrTaco posted more than 4 years ago | from the users-exposed-themselves-just-fine dept.

Privacy 101

itwbennett writes "In a paper posted online this week, researchers from the University of Colorado at Boulder and McGill University outline three different types of attacks that could be launched against Chatroulette users. While the new research doesn't expose any gaping privacy holes, it does show how the service could be misused by determined criminals. For example, the researchers were able to use IP-mapping services to get a general idea of users' location (a public Web site, called Chatroulettemap.com already does this). Then by searching Facebook using information obtained in chats and comparing pictures, researchers were able to identify chatters. 'Even in a city as big as Chicago, you can drill down and find the person you're actually talking to,' said Richard Han, an associate professor with the University of Colorado who co-authored the paper."

Sorry! There are no comments related to the filter you selected.

No No No No No (5, Funny)

eldavojohn (898314) | more than 4 years ago | (#32902210)

Privacy Flaws In Chatroulette Expose Users

Trust me, on Chatroulette it's the users that have been exposing themselves.

Re:No No No No No (5, Funny)

jmerlin (1010641) | more than 4 years ago | (#32902342)

This brings a whole new meaning to the word "gaping privacy holes."

Re:No No No No No (2, Insightful)

Jesus IS the Devil (317662) | more than 4 years ago | (#32903002)

Mr. Goatse hasn't been seen on /. in YEARS...

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32903918)

no it was in goatkcd
I still have nightmare about this

Re:No No No No No (1)

roman_mir (125474) | more than 4 years ago | (#32906904)

Yeah, if you expose them in public (and the Internet is in public) then the those are no longer your 'private', but instead they are your 'public' holes. There are quite a few.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32902428)

Trust me, on Chatroulette it's the users that have been exposing themselves.

That's true in most places, yes. According to the article, the issue is only known to occur in Soviet Russia.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32906166)

... in Soviet Russia, penis exposes you?

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32906246)

Well played, good sir!

Re:No No No No No (1, Funny)

Anonymous Coward | more than 4 years ago | (#32902524)

Hehe he said "drill down" hehe.

Re:No No No No No (5, Funny)

Anonymous Coward | more than 4 years ago | (#32902966)

I was visiting a friend of mine in San Fran a few months ago. He got a new Apple laptop, so he was showing it to me. We tried out Chatroulette briefly, and the third session ended up being a close-up of some guy touching his penis. The first thing my friend wrote was "Jim, is that you? It's Freddy."

My friend recognized the other guy by his penis. Turns out they knew each other from a gym they both went to, where they'd seen other naked in the showers. They both thought it was a really funny coincidence to meet on Chatroulette like that.

Re:No No No No No (4, Insightful)

PitaBred (632671) | more than 4 years ago | (#32903544)

Even if they're gay which would give you an excuse for recognizing another man's penis, that's disturbing in many ways.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32905234)

He got a new Apple laptop...

Even if they're gay...

Was there even really any question about that?

Re:No No No No No (1)

wtfmang! (1850368) | more than 4 years ago | (#32910280)

that was clearly a troll, plz refrain from posting on slashdot for 30 days for failing to notice this fact.

Kill yourself (0, Flamebait)

initialE (758110) | more than 4 years ago | (#32908312)

Your friend is a gay apple fanboy that goes on Chatroulette, and he enjoys seeing penises on the internet, never mind that he can recognize one immediately by the shape, color or size.

Re:No No No No No (1)

amoeba1911 (978485) | more than 4 years ago | (#32909168)

Fred: Hey Jim! Long time no see! Remember me from gym class?
Jim: Hmmm... no, I don't recall. What do you look like?
Fred: *unzips pants and lets the snake loose*
Jim: Ah, Fred! I remember now, it's good to see you again.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32910204)

You believed that line???

Given the differences between a flaccid penis and an erect one, your friend had exposure to that penis erect. This exposure may have been in the showers, but wasn't likely from showering.

Re:No No No No No (0, Redundant)

funaho (42567) | more than 4 years ago | (#32902988)

Trust me, on Chatroulette it's the users that have been exposing themselves.

This is exactly the thought that came into my head after reading the headline.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32904382)

This is exactly the thought that came into my head after reading the headline.

Me too, because I read the "from the users-exposed-themselves-just-fine dept." byline.

Re:No No No No No (2, Funny)

vxice (1690200) | more than 4 years ago | (#32903060)

I'm guessing they cross reference the video of your genitals to the picture of your genitals on adultfriendfinder.com for a start on identifying person.

Re:No No No No No (1)

maxume (22995) | more than 4 years ago | (#32903888)

As if any of the pics on adult friend finder are real.

Re:No No No No No (1)

spazdor (902907) | more than 4 years ago | (#32904414)

As if there are any women on that site at all except for the ones whose photos they paid to use.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32904518)

As if they paid any women at all for those photos.

Re:No No No No No (0)

Anonymous Coward | more than 4 years ago | (#32904876)

As a creepy stalker guy, I can verify that some of them are real.

Re:No No No No No (1)

Xyrus (755017) | more than 4 years ago | (#32903572)

In other news, ChatRoulette is looking for a new name. Some of the top contenders are:

BouncyPenis
FindAFap
PervertLottery

And...

INeverKnewYouCouldDoThatWithAHamster

Goatse and Tubgirl are also falling from fame as lolcatz and trolls everywhere now just link to ChatRoulette. More after we come back from commercial.

Re:No No No No No (1)

Alizarin Erythrosin (457981) | more than 4 years ago | (#32903910)

Exactly... In true FTFY form:

Even in a city as big as Chicago, you can drill down and find the penis you're actually looking at

Won't work all the time... (5, Funny)

Bryansix (761547) | more than 4 years ago | (#32902268)

For one simple reason. Facebook does not let you set your profile picture to a shot of your genitals.

Re:Won't work all the time... (0)

Anonymous Coward | more than 4 years ago | (#32904030)

How's about a banana and 2 kiwi's?

Re:Won't work all the time... (3, Funny)

mobby_6kl (668092) | more than 4 years ago | (#32904384)

Maybe not, but facebook does let you search by email addresses [chatroulettefunny.com] !

Re:Won't work all the time... (0)

Anonymous Coward | more than 4 years ago | (#32910982)

I does however let someone change your account profile picture to goatse.

Trust me my brother never should have messed with the it geek :)

This is news? (1, Funny)

Hoi Polloi (522990) | more than 4 years ago | (#32902302)

So the security flaw is that by asking someone for personal information you can obtain personal information about them? This is called social engineering (or maybe just talking).

Not sure what you'd do with this anyway, go meet that masturbator you saw online?

Re:This is news? (2, Interesting)

socz (1057222) | more than 4 years ago | (#32902368)

Why make it so complicated and give it a fancy name? Here's the summed up version: "ASL?" What else do I need to know?

Re:This is news? (2, Funny)

Haffner (1349071) | more than 4 years ago | (#32902440)

In another paper posted online this week from the University of Colorado at Boulder, my hand hurts when I poke it with something sharp.

Researchers found new feature (3, Funny)

iamhassi (659463) | more than 4 years ago | (#32902972)

"... researchers were able to use IP-mapping services to get a general idea of user's location... Chatroulette is now testing a new feature called Localroulette, which connects people from specific cities with one another."

Congratulations researchers, you've discovered chatroulette's new features.

Please tell me taxpayers didn't pay for this research :( "... researchers from the University of Colorado at Boulder and McGill University ..."

DOH!

they weren't researching anything, network admin probably noticed IP logs of them spending all day on chatroulette [gizmodo.com] and they had to come up with some excuse.

*phone rings*
Person answering: Hello?
Admin: is this the research office of (BLANK)?
"Researcher": Yes it is
Admin: I'm the network admin for (insert "prestigious" university) and we've noticed someone in your office has spent the last 4 months on a website by the name of "chatroulette". Do you know anything about this?
"Researcher": Um.... what's the website?
Admin: Chatroulette
"Researcher": ..... no, no doesn't ring a bell
Admin: Well if you notice anyone please let us know. The website is known for inappropriate content (NSFW) [buzzhunt.co.uk] and we'll be monitoring the PC logins of the individuals and alert campus security once we know who is visiting the website.
"Researcher": OH Chatroulette! Oh yes I'm very familiar with that website, we're researching it
Admin: Research?
"Researcher": Yes research. We're... um, "probing" it's vulnerabilities, looking for "gaping holes" that "expose" users (chuckle)
Admin: gaping holes?
"Researcher": smiling Yes gaping holes... in security
Admin: Oh i see... well thank you for letting me know, I'll note this in the logs
"Researcher": You do that, have a good afternoon
Admin: You too

For those not stupid enough to know: (3, Interesting)

Saysys (976276) | more than 4 years ago | (#32902328)

"Chatroulette is a website that pairs random strangers from around the world together for webcam-based conversations. Visitors to the website randomly begin an online chat (video, audio and text) with another visitor. At any point, either user may leave the current chat by initiating another random connection. As of July 11 the site is offering an experimental "localized" version which pairs people by state". -wikipedia

So 1.) people find each-other intentional and 2.) "using information obtained in chats" I can get you SSN... if you tell me.

Literal nothing worthy of note in this research folks... move on.

Re:For those not stupid enough to know: (2, Informative)

ByOhTek (1181381) | more than 4 years ago | (#32902390)

Actually, if you RTFS, it's more along the line of combining the IP address of the other party, and the picture to narrow down who/where.

I think they are missing the bigger flaw here. Flash, or even worse, peer-to-peer flash...

Re:For those not stupid enough to know: (2, Informative)

Restil (31903) | more than 4 years ago | (#32902480)

I can always sniff out the ip address of the host I'm communicating with, even if all of the data is encrypted. The only way to prevent that is to run all of the data (video, audio, and text) through a central server (or multiple central servers) or some type of proxy. The point is, someone is going to have to pay for a huge amount of bandwidth, as opposed to the way it works now where all the main server has to do is arrange the connections.

-Restil

Re:For those not stupid enough to know: (0)

Anonymous Coward | more than 4 years ago | (#32903948)

I think they are missing the bigger flaw here. Flash, or even worse, peer-to-peer flash...

From what I understand, there's already quite a bit of Flashing going on. And yes, it's mostly guys showing their pee-ers.

Re:For those not stupid enough to know: (1)

The Wild Norseman (1404891) | more than 4 years ago | (#32908076)

And yes, it's mostly guys showing their pee-ers.

So you're saying it's a Pee-er to Pee-er network?

Question about chatroulette (4, Interesting)

Pojut (1027544) | more than 4 years ago | (#32902382)

Has anyone ever used it and engaged in an interesting conversation with a person who became a regular point of contact? Or is it all just penises and overweight bald guys?

Re:Question about chatroulette (4, Funny)

nozzo (851371) | more than 4 years ago | (#32902534)

Yeah I did but all he wanted to talk about was penises and overweight bald guys so I stopped it.

Re:Question about chatroulette (0)

decipher_saint (72686) | more than 4 years ago | (#32902538)

Everyone on the 'net is either a dick or an overweight bald guy. Chatroulette just exposes this fact.

Whoa there (0)

Anonymous Coward | more than 4 years ago | (#32902754)

I am not bald.

Re:Whoa there (0)

Anonymous Coward | more than 4 years ago | (#32904138)

What a dick.

Re:Whoa there (0)

Anonymous Coward | more than 4 years ago | (#32909834)

Thats what your Momma said

Re:Question about chatroulette (1)

Restil (31903) | more than 4 years ago | (#32902542)

There's always Merton [youtube.com] . And Ben Folds imitating him. But otherwise, you're pretty spot-on.

-Restil

Re:Question about chatroulette (2, Funny)

Drakkenmensch (1255800) | more than 4 years ago | (#32902582)

Has anyone ever used it and engaged in an interesting conversation with a person who became a regular point of contact? Or is it all just penises and overweight bald guys?

Who says it can't be both?

Re:Question about chatroulette (1)

StikyPad (445176) | more than 4 years ago | (#32902814)

To be fair, I'm sure he didn't mean to imply that penises and overweight bald guys were mutually exclusive.

Re:Question about chatroulette (1)

Abstrackt (609015) | more than 4 years ago | (#32911810)

Has anyone ever used it and engaged in an interesting conversation with a person who became a regular point of contact? Or is it all just penises and overweight bald guys?

Who says it can't be both?

Trying to start a genital origami club eh?

Re:Question about chatroulette (1, Informative)

Anonymous Coward | more than 4 years ago | (#32902732)

No regular point of contact, but I have had interesting conversations with some people the 2-3 nights I tried it. It's also fun just to mess around telling bullshit. Just innocent, maybe PG-13 bullshit, nothing offensive or related to genitals. :)

You've probably seen videos of that piano-singer guy on chatroulette. There are genuine, nice and fun people too on it. Well there used to be at least, it may have (and probably has) degenerated...

Re:Question about chatroulette (0)

Anonymous Coward | more than 4 years ago | (#32902938)

I believe the correct term is "penes".

Re:Question about chatroulette (0)

Anonymous Coward | more than 4 years ago | (#32902994)

This is an important note for all overweight or bald people, these qualities make you as attractive as a penis.

Yes (3, Interesting)

axl917 (1542205) | more than 4 years ago | (#32903328)

I still talk to a girl in Sicily I ran into on roulette a few months ago. It is rare, but you can find normal people there.

Re:Yes (2, Funny)

wjousts (1529427) | more than 4 years ago | (#32905604)

Unfortunately, when asked, she said it's just overweight bald guys and penis'

Re:Question about chatroulette (0)

Anonymous Coward | more than 4 years ago | (#32903474)

I still talk to someone from omegle, which is what people used before chatroulette.

I think a better question is how many heterosexual people bother to talk to someone from the same sex on a site like that? Even if you arent there for romantic interests, it seems everyone I know (myself included) just skips their own gender.

Re:Question about chatroulette (1)

Rude Turnip (49495) | more than 4 years ago | (#32903602)

I like to advertise my shirt designs. I'll set my camera on a printout with a design and a comment like "Put some clothes on. Get this shirt for $10" and let it sit all day. There is no way to put hyperlinks in, of course, so I just have the URL typed out on the sheet of paper.

Re:Question about chatroulette (1)

Yvan256 (722131) | more than 4 years ago | (#32903846)

"If you want to find quality friends on chatroulette you have to wade through all the dicks first." - Cartman

Re:Question about chatroulette (3, Funny)

dr_dank (472072) | more than 4 years ago | (#32903874)

It's penises all the way down.

Re:Question about chatroulette (1)

Myu (823582) | more than 4 years ago | (#32906094)

Some of them looked pretty up to me.

Re:Question about chatroulette (0)

Anonymous Coward | more than 4 years ago | (#32906732)

It's penises all the way down.

No, you definitely have that direction backward.

Re:Question about chatroulette (1)

RJFerret (1279530) | more than 4 years ago | (#32908476)

Hmm, who would look for a conversation on ChatRoulette? But I can attest it's not all penises and bald guys, there are also vaginas and bare girls (both recorded and live).

It helps if you go on as a couple, or if you are female, as this guy found out: explanation video [vimeo.com]

Hope it's not as exposed as Goat.cx (0)

Anonymous Coward | more than 4 years ago | (#32902396)

That is one ugly exposure !! EEuh

Re:Hope it's not as exposed as Goat.cx (0)

Anonymous Coward | more than 4 years ago | (#32902662)

Yeah, I keep finding users in the Christmas Islands. It's really odd.

jeez, you nerds! (0)

Anonymous Coward | more than 4 years ago | (#32902430)

Omg omg omg! I'm having a face to face chat with someone, but - I can find out who they are!

Re:jeez, you nerds! (0)

Anonymous Coward | more than 4 years ago | (#32905438)

Omg omg omg! I'm having a face to penis chat with someone, but - I can find out who they are!

FTFY.

Um, OK. (5, Funny)

pushing-robot (1037830) | more than 4 years ago | (#32902452)

Next article: Privacy flaws In Public Streaking Expose Users

Nothing New (3, Informative)

Ziekheid (1427027) | more than 4 years ago | (#32902506)

At least 2 of the 3 things mentioned in the paper can be done on ANY cam site (blogtv, ustream, tinychat, etc).
It's truly ridiculous to only mention Chatroulette here and I don't consider any of the things mentioned a real security flaw. 4chan has been "exploiting" these sites for years already, it's nothing new.

Re:Nothing New (0, Offtopic)

socz (1057222) | more than 4 years ago | (#32902638)

It's just like the evening news talking about closing down websites that help promote piracy. I always wondered: "why don't they talk about rapidshare, IRC and newsgroups?" Seriously, there's WAY better ways to obtain things than downloading from a website (ddl) or torrent (p2p).

Maybe if we blew this up, we'd bring more attention (of regulators), but the masses would also be like ohhhhhhhhh!

Re:Nothing New (-1, Troll)

Darkness404 (1287218) | more than 4 years ago | (#32902964)

Because with Rapidshare you get what? 2 KB/Sec downloads compared to the 200 KB/Sec you can get from a good website and faster for torrents.

And with IRC and Newsgroups it is a lot harder to find what you want for the average user.

Re:Nothing New (0)

Anonymous Coward | more than 4 years ago | (#32903066)

How is parent not at -1 Troll yet?

Re:Nothing New (0)

Anonymous Coward | more than 4 years ago | (#32902948)

I guess it's because Chatroulette has some notoriety and maybe the researchers wanted to give people yet another reason not to use it. Sort of a "if you're stupid enough to use Chatroulette, here's what can happen" warning.

researchers? (2, Funny)

z-j-y (1056250) | more than 4 years ago | (#32902790)

researchers in universities are seriously out of ideas of what to research

Re:researchers? (3, Informative)

Rijnzael (1294596) | more than 4 years ago | (#32904046)

I'm actually a CU-Boulder student and had a class with Han last semester. He's a great prof and really cares about the students' understanding. I was surprised to see that he put out research on something so common-knowledge; "Oh once you have a picture of someone you can look for another picture that looks like it and you know you've found your target". He's more of an operating systems/networking kind of guy. This just seems like fluff research to keep the department chair happy while he actually does his teaching and "real" research. Academia has this tendency to prioritize quality over quantity, and I think this provides an example of the pressures even good profs feel from the top re: publishing.

Re:researchers? (1)

caffeinemessiah (918089) | more than 4 years ago | (#32905656)

He's more of an operating systems/networking kind of guy. This just seems like fluff research to keep the department chair happy while he actually does his teaching and "real" research. Academia has this tendency to prioritize quality over quantity, and I think this provides an example of the pressures even good profs feel from the top re: publishing.

That's a very generous assessment. Obviously, I don't know the guy, but another possible hypothesis is that he's made the oft-repeated mistake of an expert outside his own field, who thinks he's also good enough to be an expert in another field. Academia is chock full of this -- having a good publishing record in one field tends to inflate one's ego, and can frequently lead to moronic research in even a closely related field.

I'm thinking of you, "obesity spreads through a social network" guy, who is actually a political scientist.

Drilling Down (1)

derrickh (157646) | more than 4 years ago | (#32902846)

I wasnt aware that enough people posted pictures of their genitalia on Facebook to make accurate comparisons with Chatroulette. I stand corrected.

D

Misleading title (-1, Redundant)

gregulator (756993) | more than 4 years ago | (#32902862)

Privacy Flaws In Chatroulette Expose Users? No... I am pretty sure the users expose themselves. (mod me redundant.)

Re:Misleading title (0, Redundant)

a_nonamiss (743253) | more than 4 years ago | (#32903008)

Additionally, you should be modded redundant.

Shocking revelation (1)

shutdown -p now (807394) | more than 4 years ago | (#32902890)

Exposing your face and allowing it to be recorded can lead to your identification! Who knew?

Re:Shocking revelation (1)

rwade (131726) | more than 4 years ago | (#32904082)

Yeah, great point. I thought the point of Chatroulette was to engage people -- if you're engaging them and telling them things about you that can be used in searching for your profile on facebook, well...my point is -- how is that a privacy flaw in Chatroulette? Chatroulette discloses three things:

1) Your city

2) What you look like

3) What you say

#1 is not enough on its own to identify you. #1 & #2 is not enough on its own to find your name on facebook. #3 is the smoking gun, apparently -- however, Chatroulette has nothing to do with that. What you say is up to you.

All I did was (1)

bigfootchick (1855082) | more than 4 years ago | (#32902934)

All I did was /whois USERNAME and I got all their details. Another trick I use is google their name on Facebook. Or lookup FourSquare. :)

gaping privacy holes? (2, Funny)

ThisIsAnonymous (1146121) | more than 4 years ago | (#32902974)

gaping privacy holes

Why would that phrase ever be used when discussing Chatroulette.

Dupe? (3, Informative)

MonsterTrimble (1205334) | more than 4 years ago | (#32903042)

I thought this was the exact issue the U.S. miltary had when they had soldiers posting geotagged pictures to facebook which identified where they were in Afghanistan. Same idea - people, given a few small details, can very easily find out about you by the use of Google.

Back when I was in first year university (1996) it was still pretty wild west on the internet. I was talking to a friend who I had never given any of my real details (name, address, etc) when she popped up and asked if I went to AMHS (my high school). After picking my jaw off the floor I found out that I had mistakenly forwarded them an E-mail which I had originally forwarded from my school account to my hotmail account. They found the e-mail address, and googled it. It was all laid out there on the Universities' website.

Re:Dupe? (1)

RollingThunder (88952) | more than 4 years ago | (#32903362)

I believe the Facebook issue is fairly different. In that case, it's not Facebook doing the geotagging, it's fancy new cameras (often built in to smartphones) that tag the image file itself with the location, as best as the camera can determine it at the time. Facebook then just makes that metadata easily available.

In this situation, it's the obvious problem of a peer-to-peer connection, namely that each peer knows the other's IP address, and from that you can start to narrow down a location, often fairly precisely.

Re:Dupe? (1)

ottothecow (600101) | more than 4 years ago | (#32903652)

I thought facebook stripped all metadata?

When you upload a photo to facebook, it is heavily compressed into a few stock sizes. The focus on compression to speed things up and save bandwidth is probably at the point of removing the few bytes taken by even the most basic EXIF data...facebook photo can be flipped through incredibly quickly (due to optimization and preloading). I am sure they keep that data stored safely away somewhere (and may someday add the ability to view it), but it certainly isn't in the pictures they actually serve up.

Re:Dupe? (1)

RollingThunder (88952) | more than 4 years ago | (#32905554)

That's a very good question, I'll have to experiment.

Re:Dupe? (1)

ceoyoyo (59147) | more than 4 years ago | (#32903966)

Giving away your location by posting your GPS coordinates is slightly different than giving away your location by having someone analyze your IP and a picture of you.

Your story... (1)

N0Man74 (1620447) | more than 4 years ago | (#32905616)

Your story reminded me of an experience I had back around that same time period ('96 or '97), when ICQ was fairly new and I was in my last year of college.

My sister spent a lot of time on ICQ and made a few friends. Apparently some guy on there used what little information she had shared with him (I don't know exactly what that was) and was able to put together enough information on her to figure out exactly where she lived. Soon after, he made some some thinly veiled threats to show up at her home and possibly cause her and her son harm. She was concerned, so she came to me.

I took little information that she could provide me with about him (along with his IP), and managed to determine not only what his real name, but also his place of employment, names and e-mail addresses of members of management at his company, and determined that he had sent these threats to my sister from his work computer during work hours.

He was in another country (Canada), so I doubted he was a real threat to her, but management at that company still was not happy to hear about this guy's behavior when I reported it to them.

Re:Dupe? (0)

Anonymous Coward | more than 4 years ago | (#32911326)

They found the e-mail address, and googled it.

Don't you mean, AltaVistaed it?

Re:Dupe? (1)

enjar (249223) | more than 4 years ago | (#32912034)

If someone Googled something in 1996 they would have access to time travel. Just sayin ...

What a waste of everyone's time (0)

Anonymous Coward | more than 4 years ago | (#32903084)

1) Guys pretending to be women
2) Using IP addresses to find a general location
3) Finding someone on Facebook based on their interests

How are any of these things new?

Those aren't flaws (2, Interesting)

Graham J - XVI (1076671) | more than 4 years ago | (#32903472)

Nothing mentioned in TFA is a flaw with Chatroulette, they're simply byproducts of this type of communication. If I printed a picture of myself and stapled it to a telephone pole someone could possibly identify me and try to scam me, too. Does this mean telephone poles have flaws?

Re:Those aren't flaws (1)

amoeba1911 (978485) | more than 4 years ago | (#32909194)

Slashdot Your Rights Online Story | Privacy Flaws in Telephone Poles Expose Users

People are still using Chatroulette? (2, Insightful)

Hell0W0rld (1315765) | more than 4 years ago | (#32904814)

I thought this was only made for some /b/tards and bored journalists.

I hate to be all Captain Obvious on you, but... (2, Interesting)

TheABomb (180342) | more than 4 years ago | (#32905768)

When you plug in a camera, sit down in front of said camera, and broadcast said camera to random strangers, the very notion of a "privacy flaw" becomes moot.

Are you kidding me? (2, Insightful)

BitterOak (537666) | more than 4 years ago | (#32905824)

Privacy flaws in Chatroulette? Based on what I've seen on Chatroulette, these are not people who care much about privacy!

title formulated for maximum comment count (1)

xmousex (661995) | more than 4 years ago | (#32905844)

in before a million comments about 'exposing' ...too late

ho8o (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#32906082)

be fun. It used To survive at Aal The mobo blew you to join the have an IRC client against vigorous be 'very poorly

MiTM attack (0)

Anonymous Coward | more than 4 years ago | (#32909442)

I performed a dead-simple MITM on ChatRoulette. Take two different virtual webcam programs. Open two browser windows. Set it up so browser window A is using a "webcam" that's actually a live screen capture of the other person in browser window B, and vice versa. It's crappily slow, and it doesn't forward chats. The chat forwarding could be easily automated with AutoHotKey. I just forwarded it by hand with copy and paste if it seemed interesting. Plus you can inject your own comments if you want which is fun.

How is this news? (1)

Lando (9348) | more than 4 years ago | (#32910034)

Ummm, gee it's simple enough to get someone's facebook account. I generally do it by saying, "What's your facebook account?" How is this a security flaw?

Shock horror. (1)

vegiVamp (518171) | more than 4 years ago | (#32910978)

IP can be used to track area.

Social engineering can provide you with people's details.

Film at eleven.

Quick ! (1)

vegiVamp (518171) | more than 4 years ago | (#32910988)

Someone notify CmdrTaco that kdawson got a hold of his password.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?