HowardForums, MobiTV Butting Heads Over IP, Security, Hacking

Howard Chui

It appears that Howard Chui, owner of the massive Canadian cell phone discussion site known as HowardForums.com, has run afoul of MobiTV, the company that powers mobile television for a number of carriers, including Sprint in the U.S. It seems that a user at HowardForums discovered that MobiTV doesn't really use any security when it comes to restricting access to its mobile TV channels. The user found that MobiTV has an unprotected text file on its web server that contains a list of further unprotected URLs for every channel stream the company offers. This information basically makes MobiTV's service freely available to anybody with a mobile device or personal computer that is compatible with the streaming video format used by MobiTV.

That information itself is not a problem for Howard Chui. That this particular user posted it in a thread on HowardForums.com is, though. Chui has since received a number of cease and desist and take down notices from lawyers representing MobiTV, and both parties appear ready to test the legal waters. The ISP that hosts HowardForums.com has received a notice from MobiTV that requests that HowardForums.com be shut down, and Chui, at least, seems to think that this is likely to happen since he is leaning towards fighting MobiTV on this.

There are two issues involved in this story. The painfully obvious one is that MobiTV does not understand security, and that its clients should probably be very wary of a company that considers the concept of "security through obscurity" to be sufficient for protecting its assets. The second, and less cut and dry issue, is the definition of hacking as it applies to this case. MobiTV cites the HowardForums user's "hacking" involved in gaining this information as the reason why the act of posting the links is in and of itself illegal. But, is simply typing a URL into a browser hacking? No skills or tools are required to uncover this URL. Chui likens it to a movie theater built with glass walls attempting to levy suits against passersby that happen to look in. In theory, at least, a dozen monkeys in a room with typewriters could have come up with this URL. At least once they had finished writing out the works of Shakespeare.

But monkeys were probably not involved in the process. The URL could have been found simply by typing random letters and numbers into a URL, but it seems very unlikely that was truly the case. Howard Chui's summary of the situation can, for now, be found on his website, though it is unclear how long the site, which has nearly 800,000 registered users, will be around.