Yesterday, a user post on Howard Forums (one of the largest and oldest mobile phone web sites) triggered quite the reaction by MobiTV, a company that offers a variety of media content like live television and digital music services over mobile and broadband networks. The post in question contained links that could give anyone access to the MobiTV services. The rub is that MobiTV offers these as commercial services that people are supposed to pay for.
Citing infringement of its intellectual property, MobiTV sent Howard Forums cease and desist letters and then threatened to have the site shut down if the posts in question were not removed. But there was one small catch: The MobiTV links were available without any protection and were simply stored in ASCII files. No one hacked into the site or had to decrypt the files, all one had to do was open a plain text file.
Fortunately, reason has prevailed and MobiTV president Paul Scanlan and Howard Forums owner Howard Chui were able to resolve the issue. In the end, Scanlan wrote to Chui:
Please know that our first priority is always to fix any security issues with our system and we’re doing that. Additionally, we also have a responsibility to our content and carrier partners to reduce the impact of any breaches to the system once they occur and that was really the basis for the correspondence you had with our legal team.
Instead of getting lawyers involved and letting this escalate as it did yesterday, MobiTV should have recognized that it needs to take another look at the security (or lack thereof) used to manage its paid services.