Thursday, April 5, 2007 message on APG regarding use at LDS libraries

Thank you to the alert Ancestry employee who alerted me to this recent post on the APG mailing list.

From: On Behalf Of Suzanne Russo Adams
Sent: Thursday, April 05, 2007 12:23 PM
Subject: Re: [APG] blocked at LDS libraries

Dear Colleagues,

The Family History Library and have used IP authentication for several years to help manage the access to the experience to the library. Since Ancestry and the FHL started using IP authentication several years ago, patrons at the Family History Library have not been able to use their own personal accounts on With the changes in the FHL access to effective on Monday, this has become more of an issue than it was in the past.

Ancestry learned a few days ago that patrons at the Family History Library had inadvertently used a deep link into to bypass the IP authentication that made the computer unable to log out of a personal account, even if the user wanted to, creating a security risk. Ancestry closed that hole to protect our site security and customer privacy. Shutting down the deep link log in function on the FHL computers was not a direct or an intentional ploy to upset current subscribers.

Ancestry and the FHL are currently exploring solutions to allow people to gain access to their personal accounts at the Family History Library while still protecting the privacy of customers. Rest assured that we (Ancestry and the FHL) are working on a resolution--but there is not yet a timetable for its completion.

Professional Services Desk Manager
Part of The Generations Network

You know things have gotten Ancestry's attention when they make a public pronouncement!

I've gotten a lot of information on this issue from inside Ancestry. It turns out what they're saying about customer privacy is true. When you used the hack to login to your personal account at the Salt Lake Family History Library (FHL), the cookies dropped by the IP authentication were not completely replaced. As a result, some of the website behavior of the website reflected personal account behavior, and some of the behavior exhibited FHL behavior. No testing had ever been done in this weird, hybrid environment.

But it only took a little testing to show very, large problems. On the one hand, there was no way to logout. On the other hand, there were several code paths that allowed one to change the username, password, and email address of that account.

There were several ways to see the account owner's private data, including credit card billing address, street address, phone numbers, and any genealogical data entered about living individuals. That means anyone could see the names, ages, address, and phone number for the account owner's minor children and name and ages for nieces, nephews, etc.

If you still think Ancestry was unjustified in blocking yesterday's hack, you're out of your mind.

1 comment:

  1. interesting - I tried to demontrate my private acount in the Gwent and the Glamorgan county archives in Wales som years ago.

    I was very embarressed when I could not log on and assumed it was because of firewalls on the parent net.

    The old ancestry library edition was as leaky as a sieve with passwords going round the world as a freebie on usenet and mailing lists espcially after national library week in USA

    se deja-google

    they must have lost lots of revenue

    Hugh W


Note: Only a member of this blog may post a comment.