Security experts divided on ethics of Facebook’s password purchases

Last week, Facebook CSO Alex Stamos told conference attendees in Lisbon that the company buys stolen passwords on the black market, and some security experts are questioning the ethics and benefits of this approach.

“Paying for stolen passwords only reinforces the criminal business model and further encourages hackers to steal passwords,” said Amichai Shulman, founder and CTO at Redwood Shores, Calif.-based security vendor Imperva, Inc.

Paying off hackers has other consequences as well.

“You don’t know where that money’s going to go,” said Javvad Malik, security advocate at San Mateo, Calif.-based AlienVault, Inc.. “That money is likely to go towards funding more criminal activity.”

To read this article in full or to leave a comment, please click here