Ashley Madison 資料分析...

Ashley Madison 洩漏出來的資料拿來分析發現網站上根本沒有女性在使用:「Almost None of the Women in the Ashley Madison Database Ever Used the Site」。

作者分析以後發現 550 萬的女性使用者幾乎都是假的:

It isn’t even a sadscape of 31 million men competing to attract those 5.5 million women in the database. Instead, it’s like a science fictional future where every woman on Earth is dead, and some Dilbert-like engineer has replaced them with badly-designed robots.

純粹就性別欄位來看:

但如果把活躍度以及使用聊天功能的人數放進去,就呼應了作者的講法:

最後的說明:

Overall, the picture is grim indeed. Out of 5.5 million female accounts, roughly zero percent had ever shown any kind of activity at all, after the day they were created.

不過中間還有一段很重要,幾年前加拿大的前員工控訴 Ashley Madison 的工作環境很惡劣時提出來「偽造女性帳號」的事情:

A few years ago, a former employee of Ashley Madison sued the company in Canada over her terrible work conditions. She claimed that she’d gotten repetitive stress injuries in her hands after the company hired her to create 1,000 fake profiles of women in three months, written in Portuguese, to attract a Brazilian audience. The case was settled out of court, and Ashley Madison claimed that the woman never made any fake profiles.

接下來不知道還會有多少分析...

這次的 Ashley-Madison 資料外洩

在「Notes on the Ashley-Madison dump」這邊給了這次婚外情約會網站 Ashley Madison 資料外洩的註解,甚至還包括 BitTorrentmagnet:// 下載連結...

將近四千萬筆資料的資料外洩 (實際約三千六百萬),男性為大宗,約 28 million 是男性,5 million 女性 (依據 gender 欄位),有 2 million 無法確認。不過如果交叉比對信用卡資料,會發現只有男性付費:

It's heavily men. I count 28-million men to 5 million woman, according to the "gender" field in the database (with 2-million undetermined). However, glancing through the credit-card transactions, I find only male names.

另外是密碼儲存方式是 bcrypt

Passwords hashed with bcrypt. Almost all the records appear to be protected with bcrypt. This is a refreshing change. Most of the time when we see big sites hacked, the passwords are protected either poorly (with MD5) or not at all (in "clear text", so that they can be immediately used to hack people). Hackers will be able to "crack" many of these passwords when users chose weak ones, but users who strong passwords are safe.

整包是 9.7GB 的壓縮資料... FreeBuf.COM 也整理了一篇:「七夕将至,婚外情网站数据终于裸奔了」。