Is anyone else having fun with the news of the recent grumblings over at Plenty of Fish and this security hole? I'm having a hell of a fun time with the story myself. On the one hand PoF founder, Markus Frind, is stating that Argentinian Hacker, Chris Russo (who describes himself as an ethical hacker) attempted to extort him into hiring him for his security services to fix “hole” in the site that would allow one to steal user information. You can read Frind's bizarre tale here, on his blog.
From Russo's side he says he found a security hole in the site and attempted to create a proof of concept and notify Markus Frind of the breach. I'm not sure that Russo's method was all that smart: “Hey Markus, I just broke your “sh$t” by stealing this information.” I'd be pretty upset myself. There's a right way and a wrong way to do things. A security expert, Brian Krebs, also demo'd the security hole for Frind and you can find his side of the story here.
Dr. House sagely offers this bit of wisdom: “Everybody lies.” I think someone's lying here and I'm thinking it's Frind who lied about Plenty of Fish's security breach. However, you gotta draw your own conclusions. Take a look at the blog posts and decide for yourself.
Do you think the security hole was a bigger deal than Markus Frind was making it out to be? Do you think your account info was exposed?