Quechup

From Wikipedia, the free encyclopedia

Quechup is a controversial social networking website that used automatic spamming of invitations to the entire list of e-mail addresses in the address book of people who signed up to their service.[1] These aggressive spamming activities generated a great deal of criticism,[2][3][4] and it was suggested that the Quechup.com website is just an e-mail address harvesting operation.[5] This unrestricted usage of harvested e-mail addresses was not specified in the Quechup privacy policy, which merely stated:

"You agree that we may use personally identifiable information about you to improve our marketing and promotional efforts, to analyse site usage, improve our content and product offerings, and customize our Site's content, layout, and services."[6]

The parent company of the Quechup operation is the Las Vegas-based web design company iDate.[7] This company has not apologised for what its users have seen as spamming and abuse of customer trust, but they have suspended this practice.[8]

In a public statement released on 17th September 2007,[9] iDate claimed that:

"We seem to have been accused of a number of things that simply aren't true, to my knowledge some aren't even possible. These have included sending viruses, forwarding people's passwords with invites, accessing someone's address book through a cookie when they chose not to check their address book. Clearly these wouldn't be beneficial to Quechup's service or the site's reputation,"

To address these accusations Quechup categorically states the following:

  1. The site does not send viruses or worms of any sort.
  2. Quechup does NOT save users' login or password details for any web mail address books checked, they are accessed once, and then only if provided by the user.
  3. Quechup does not send passwords with invite mails. Quechup's passwords use a strong 'one-way' encryption, which allows us to check if an entered value matches, but not to decrypt, making it impossible to send a member's password with an invite.
  4. Quechup does not spoof emails. Quechup clearly identifies itself as the origin of the email in the SENDER email header. Further Quechup uses SPF records and fully complies with Microsoft's Sender ID Framework for email authentication.

The Quechup spamming has encouraged calls for open authentication through an OpenID system such as Yahoo's BBauth, which would allow a user to grant limited access to their data without providing passwords directly to a website.[10]

[edit] References

  1. ^ Social network launches worldwide spam campaign E-consultancy.com, Accessed 10 September 2007
  2. ^ Quetchup spam The PC Doctor’s blog
  3. ^ Quechup Spam — addresses of parent corporation and attorneys Howard Rheingold, September 3rd, 2007, SmartMobs
  4. ^ Had an invite from Quechup? Jemima Kiss Digital Digest Monday September 10 2007 GuardianUnlimited, Accessed 10 September 2007
  5. ^ Quetchup = Kvetchup Saturday, September 1st, 2007 http://digitalflotsam.com/
  6. ^ Privacy policy quechup.com, Accessed 10 September 2007
  7. ^ iDate Products iDate Corporation, Accessed 10 September 2007
  8. ^ Do social network sites genuinely care about privacy? Charles Arthur The Guardian Thursday September 13 2007, Accessed 13 September 2007
  9. ^ The Quechup Social Networking Platform: IDate Corporation Updates Quechup's Address Book Feature Press release, Newbury - Berks - UK - 18 September 2007
  10. ^ OAuth: Open Authentication Comes Closer to Reality O'Reilly Radar Tuesday 09.25.07

[edit] External links