philosecurity

United Airlines stock temporarily lost more than $1 billion in value last week, due to an “accidental” reposting of an old news article which indicated that UA was bankrupt. From the New York Times:

“An erroneous headline that flashed across trading screens Monday, saying United had filed for a second bankruptcy, sent the airline’s stock plummeting. United Airlines shares fell to about $3 from more than $12 in less than an hour before trading was halted, wiping more than $1 billion in value.” (Note: original reports indicated that the stock fell to $.01 per share.)

United Airlines identified the source as “an old Chicago Tribune article that, it said, was posted on the Web site of The South Florida Sun-Sentinel newspaper. That article was picked up by a research firm, Income Securities Advisors, which then posted a link to it on a page on Bloomberg News, which sent a news alert based on the old article.” -A Mistaken News Report Hurts United

Jonathan Ham wrote in to say, “Seems to me a pretty good proof of concept for a web hack resulting in financial windfall. I’d sure as hell have bought UAL at $.01 if I *knew* the rumor to be false. It was bound to recover most of its value by the end of the day… If I’d bought $1,000 of UAL at $.01 this morning, it’d be worth $1.2M right now… If I’d spent $1M defending SEC inquiries, I’m still not working very hard anymore.”

Big business just got an expensive lesson in the importance of verifying the source and publication date of news articles. I have to wonder if this will generate interest in cryptographically signed news articles, which would allow consumers to quickly verify the original source and release date of the article. News companies and their affiliates could market client software which would verify the date and report back, perhaps as part of a premium subscription service. Alternatively, third-party software vendors could verify articles from many news sources. News organizations could make a profit from distributing verification keys to software developers.

Cryptographic verification could also be used as a mechanism to maintain readership. Major vendors could ensure that their keys were distributed by default in popular verification software (as with certificates and web browsers). End users could always add their own keys, but the easy availability of keys from major news vendors would help the status quo maintain readership.

With the UAL crash this week, there’s demonstrated financial incentive for both the news industry and big business to invest in developing an infrastructure for cryptographically verifying the original source and publication date of news articles. It’s about time! We haven’t yet learned to fully capitalize on the idea of selling trusted information on the Internet, but as the UA stock crash demonstrated, there is a need. Perhaps when this market matures, a lot of the technology that privacy geeks have been fighting for all along will finally become mass implemented.