The FBI Has Stolen All Of Instapaper’s User Data And Some Of Its Codebase

<http://www.cultofmac.com/the-fbi-has-stolen-all-of-instapapers-user-data-and-some-of-its-codebase/102167>


On Tuesday, the FBI seized a number of servers from DigitalOne, a Swiss hosting company that leases blade servers from a Virginia datacenter. The FBI had a warrant for only one particular server, used by a fraudulent “scareware” distributor, but the FBI ended up taking a lot more servers than the one they were actually looking for, knocking several web sites offline in the process… and making off with nearly all of popular offline reading platform Instapaper‘s user data, some of its codebase and some password encryption keys in the process.


Instapaper developer Marco Arment says that even though he had backups in place that prevented the Instapaper service from going offline entirely, by making off with the Instapaper server, the FBI has “illegal possession of nearly all of Instapaper’s data and a moderate portion of its codebase.”

That data includes a complete list of users, all of their email addresses, any non-deleted bookmarks, and salted SHA-1 hashes of passwords (which should be relatively safe, according to Arment). If you use Pinboard with Instapaper, though, your plaintext username and encrypted password is now in the hands of the FBI… and the encryption key is also with them, courtesy of the Instapaper source code.

... They crashed a Ferrari and refused to do anything about it.

Anything private stored in the cloud needs to be encrypted on your local computer, with keys stored only on your local computer.

Else you can just count the hours until someone will have a copy of it. Maybe with your knowledge, often without.