The FBI Has Stolen All Of Instapaper’s User Data And Some Of Its Codebase

By

fbipuertoricoraida060210

On Tuesday, the FBI seized a number of servers from DigitalOne, a Swiss hosting company that leases blade servers from a Virginia datacenter. The FBI had a warrant for only one particular server, used by a fraudulent “scareware” distributor, but the FBI ended up taking a lot more servers than the one they were actually looking for, knocking several web sites offline in the process… and making off with nearly all of popular offline reading platform Instapaper‘s user data, some of its codebase and some password encryption keys in the process.

Instapaper developer Marco Arment says that even though he had backups in place that prevented the Instapaper service from going offline entirely, by making off with the Instapaper server, the FBI has “illegal possession of nearly all of Instapaper’s data and a moderate portion of its codebase.”

That data includes a complete list of users, all of their email addresses, any non-deleted bookmarks, and salted SHA-1 hashes of passwords (which should be relatively safe, according to Arment). If you use Pinboard with Instapaper, though, your plaintext username and encrypted password is now in the hands of the FBI… and the encryption key is also with them, courtesy of the Instapaper source code.

Worse? It doesn’t look likely that Instapaper will ever get any of this information back, at least from where Arment is sitting.

Given the massive attacks of hacker groups over the last couple of weeks, it seems ironic that the FBI is the latest group to compromise users security. Depending on how distrustful of the government you are, you may feel very safe that the FBI has your Instapaper data, or very, very nervous.

Either way, if you use your Instapaper logins at any other sites, now might be the time to change them. Given the number of hacking attacks in recent months, it just makes sense to minimize your vulnerability and use different passwords and logins at different sites.

Newsletters

Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.