UNYK shortcomings

Recently I received a series of invitations to join UNYK, an interesting relationship site. Its focus is an automatically updated contact list: when your contacts update their details, your contact list is automatically updated, and vice-versa. Given the nature of the information, I was worried about privacy/confidentiality and data openness, so I did a little web search.

On the confidentiality issue, the UNYK Terms of Service states that UNYK reserves the right to modify or update its Terms of Service or Privacy Policy at any time and without prior notice. By using the site, you agree to all revisions or modifications. The confidentiality is supposedly “verified” by a company called TRUSTe. According to the Wikipedia, the TRUSTe president co-founded of Match.com, which bought Netclub, which was founded by the UNYK president. The TRUSTe article on Wikipedia links to two articles criticizing TRUSTe’s verifications, although the author admittedly works for the competition.

On the openness issue, I couldn’t find instructions on how to export contacts, e. g. as vCard. Besides, it seems that only UNYK users can be part of your contact list. According the the UNYK Privacy Policy, canceling your registration will delete all your information from UNYK and the address books of your contacts.

Since I bought my cellphone (a Nokia 2630), I back up my data systematically. Someday I’ll start synchronizing it to Evolution, but for now it’s good enough. I would adopt UNYK only if it made it easier, not harder, to keep other contact lists.

11 respostas em “UNYK shortcomings

  1. Hi Leonardo,

    Thanks for your comments on unyk. I would like to clarify a few points.

    Concerning the terms of use, we really tried to come with the best terms to protect unyk users and unyk.

    The TRUSTe certificate means that we are respecting high industry standards in terms of how we manage our user’s information. Trust me, there is absolutely no relation between netclub match and truste, I know, I founded netclub and unyk. We are just trying to provide a good service to our users.

    On the openness issue, we are all about openness. We think that your contacts are your contacts and you should be able to export them wherever you want. So if you go in your address book you will see that you can easily export some or all of your contacts in a csv file . We will have full sync capability with most address book and mobile phones in a near future.

    If you delete your account, we will not erase your information from your contacts address book, they will simply stop receiving your updates. But it’s a good point, thanks for mentioning it, it is a bug and we will fix it.

    For the password issue, we expect our users to change their password after they have received it but Luciana is right it is not top and we will upgrade our process.

    Stick with us, we have some great releases coming soon and we really want to make it easier for you to manage and access your contacts from wherever you want.

    Cheers

    Sebastien

  2. Pingback: Leonardo Fontenelle | UNYK?

  3. Leonardo,

    Thanks for posting this information. Had you joined, you would have discovered a few more shortcomings. Namely, that the contacts list for the email address you register is automatically sent invitations! I signed up for UNYK and invitations were sent to people I had no intention of contacting, mush less giving all my information to. When I contacted the company to complain, I got no response. I cancelled my account and the friends who had not yet joined UNYK are still getting emails. I am now getting nasty emails from friends asking why I keep sending them invitation after invitation. I have contacted the company to ask them to deal with this issue and have not yet heard back. I would not recommend this site to anyone.

    Molly

  4. Leo and team,

    A further note on security for UNYK can be read here:

    http://www.nslms.com/2008/12/22/unyk-address-book/

    Basically the author shows that the site is using insecure technologies which can be compromised by spammers or worse.

    At this writing, I am unaware if this has been fixed although the author of the article posted this in Dec ’08.

    Excerpt:

    “Since I was more than a little bit surprised that there was no secure access to login and supply my credential for other services, I did a little further digging. UNYK insists in their privacy policy that they encrypt any “sensitive data” that goes across the wire. … So, since it looked like they used a lot of Web 2.0 technologies I thought possibly they were doing some javascript magic to encrypt the stuff going across the wire, I did a little test with Wireshark to see what got sent. I bit the bullet and imported my gmail contacts, and this was the result, with the password obscured by me, of course.”
    .

    Randall

  5. I never leave my email password to anybody else. I was invited, for example, to join the “Good Tree”. I immediately became suspicious when I was asked for my Gmail password! And now, the UNYK! If I subscribe to any other service in the internet, like the Wikipedia or CNet, I never use my email password as the password for that service or site. Imagine how easy it would be for them to log in to your email just by using the password you just entered upon registration! It is bad enough that our emails will never be fool-proof to determined hackers, but I don’t see any point making their task easier. Thanks to Leonardo and to all of you, too! Muito Obrigado!

  6. Many thanks for posting this information. I just now received an invitation to join UNYK. It came from a person who has been following me around the internet. He sends an invitation to join anything he’s joined and joined anything he’s discovered I’m connected to. I mostly ignore it. This time I was curious what this address updating service is because, you see, if it were legitimate and safe to use I could have used it to connect with my actual friends and simply ignored that person. The reports I’ve read here have saved me from compromising my privacy. Again, thank you very much indeed.

    • Glad I could help!

      Actually people don’t invite their contacts when they join such services; they provide their username and password for e.g. Gmail and the service sends invitation letters to the contacts. Usually, if someone join a social network, the person has to actively provide information on the contacts, but with Unyk it is part of the service knowing all of the users’ contacts, so that much more invitations are sent.

  7. Leonardo et Alles,

    Thanks for the information and insight.
    I am always wary of “services” that ask for your password to get access to your mail list.
    But, as Ryan has posted, sending it open in the internet tops it all !
    Saved me lots of digging.

    Mits

Deixe uma resposta

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s