Channel: Fast Company

How Match.com Has Helped Us Hook Up And Find Love Since 1995


Twenty years ago, in the San Francisco neighborhood then called Multimedia Gulch, a state-of-the-art server from Sun Microsystems began to run a program that would one day lead to more than a million newborn babies.

The machine belonged to a startup called Electric Classifieds, which had plans for a series of sites on the rapidly growing web that would mirror the sections of a newspaper's classified listings. The first section to launch would be the personals, on a site called Match.com.

"Match.com would be the test case to show potential partners and others that the underlying technology worked," says Fran Maier, the site's marketing director at launch and later its general manager, who went on to lead the Internet privacy group TRUSTe for more than a decade.

Today, Match is the largest operator in what market research firm IBISWorld estimates is a $2 billion dating industry. Roughly 1 in 10 Americans have used at least one online dating service, and most Americans have a generally positive view of online dating as a way to meet new people, according to a 2013 study from the Pew Research Center. After changing hands a few times in the late 1990s, Match is now the centerpiece of Internet firm IAC's digital dating empire, which also includes sites like OKCupid, Tinder, BlackPeopleMeet, and Chemistry.com.

And just last week came the news that Match is going public. According to its SEC filing, the company collected $49.3 million in profit over the first half of 2015. It counts a collective 511 million worldwide users, when customers of all its products are tallied.

The company estimates that Match alone has helped put together more than 10 million couples, who have then gone on to have those million babies, and the company is optimistic it will see a steady stream of new users for years to come.

"Every single person is born single," current CEO Sam Yagan likes to say.

Photo: courtesy of Fran Maier

Dialing Up And Hooking Up

When the site first took to the web in April 1995, letting users post profiles and search for potential mates, online dating was still a niche pursuit. Dial-in dating bulletin board systems existed at least as far back as the 1980s, and couples met through early online services like CompuServe—conservative radio host Rush Limbaugh even met his third wife through that network—but for many early Match users, the site was their first foray into online flirtation.

"To be honest, in the early days there was a sense of magic about it, for me at least, and I suspect for other people too, because it was so new and untested," recalls Andrew Gerngross, who joined the site a few months after its launch.

Gerngross, who's now a professional screenwriter, was then working as a software developer in New York. He met a number of women through the site, including his first wife, and still remembers the sheer novelty of browsing the site and connecting with strangers through the web.

"It was the first time I'd actually emailed with someone where I didn't have some professional association or technical interest in sharing something," he says. "This was the first personal thing I'd done on the Internet, and there was some excitement about that."

Gary Kremen, the site's founder, and Fran Maier. Photo: courtesy of Fran Maier

But that novelty also had many early web surfers apprehensive about posting their profiles online for strangers to see, says Electric Classifieds founder Gary Kremen.

"People were super worried, especially women, about safety and security and anonymity," he says. "The idea of putting out their wants and desires at the time was really alien to all genders."

Kremen and Maier realized early on that the site's success would depend on appealing to women who, according to a Georgia Tech online survey cited in early company literature, made up as little as 10% of the web's 1995 user base.

"We thought that if we got the women, men would follow—women are the scarce resource on the Internet," she says. "For the most part, we were heterosexually focused, although we did have men seeking men and women seeking women."

At a time when computer magazines were advertising dial-up singles chat services with names like Sexy Modem and Fantasia Services Unlimited, Match promoted itself as safe, anonymous, and friendly.

"Match.com has always tried to keep it clean," says Anne Wayman, who worked for Match as an editor and copywriter. "[Kremen] understood that—it had to be as clean as you could keep it, given the technology."

Match gave its members anonymous email addresses that forwarded to their real accounts—a big deal before throwaway webmail accounts were widespread—and emphasized that potential matches wouldn't be alerted when you browsed their profiles.

Early employees reuniting at Fran Maier's San Francisco home to celebrate the site's 20th anniversary. Photo: courtesy of Fran Maier

"I had a couple of bad experiences when I went through the personal ads in the newspaper, so for me, that was a real benefit to doing online dating, because I thought it would be safer," recalls Simone Cox, a Bay Area technical writer who joined the service as a beta tester in its first year. "For me, being anonymous was very, very important, and that was one of the reasons why I decided to do the online dating thing in the first place."

Maier made the site's design as welcoming to women as possible. She vetoed a proposed revenue model where users paid per message.

"For women, and women understand this, it seems like you're putting a price on them, it seems like you're trying to buy them," she says. The site also rejected a profile question Maier thought few women would want to answer.

"I said, 'No, we're not going to ask people's weight, forget it—we're trying to attract women, that's such a turnoff,'" she recalls. Instead, "we're going to have body type."

From the site's early days, Maier—who now advises and mentors women new in business and technology—also appeared frequently in the media discussing Match's safety features and decrying the harassment women faced elsewhere online.

"On some services, simply identifying yourself as a woman is the virtual equivalent of walking into a cowboy bar wearing a Wonderbra, boots, and not much else," she wrote in an opinion piece published in the Washington Post in 1995.

The company quickly courted the press, capitalizing on the public's fascination with online dating and looking to dispel the notion that the service was limited to lonely nerds and weirdos. ("Turn on your computer, dial in to the Internet, and you're ready to hook up with desperate singles all over the world," wrote a business writer for Florida's Bradenton Herald in one early story about the site.)

Maier and public relations director Trish McDermott appeared on national talk shows and newscasts, as did some of the service's successful early couples and more telegenic users. And when the site introduced a membership fee a few months in, McDermott says she still gave free accounts to journalists covering the site.

"It was very, very common for these reporters to meet someone on Match and fall in love, or at least have a serious romance going on," McDermott wrote Fast Company in an email, though she says she doesn't recall any names. "This is one of the ways we built such a strong and positive relationship with journalists."

Scaling Intimacy

Match also ran its own newsletter in which it shared online dating insights from staff and members, including everything from crafting the perfect profile to exploring cybersex. "I had my 1st CYBERSEX experience in the late 70s when the INTERNET was called ARPANET, and I did it on a TTY terminal," began an anonymous letter in one such discussion.

McDermott, who wrote the newsletter's advice column, recalls getting plenty of ordinary etiquette questions from early members: They wanted to know when it's okay not to answer a message, and how long to go before meeting face-to-face or talking on the phone, and whether it's acceptable to send an email instead of making a phone call after meeting in person.

Early billboard. Photo: Trish McDermott

"Really, the early users of Match were the people who were sort of inventing those protocols: what worked and didn't work," she says.

And the newsletter gave them a place to discuss and compare their experiences, even if many of their real-life friends weren't yet dating online. Match wasn't just promoting itself in those early days—it was promoting the legitimacy of the entire nascent industry.

"We had to evangelize for online dating—not just evangelize for Match.com," says Maier. "We were building a market for this."

At the same time, Match's developers were working to stay ahead of a rapidly evolving web. Competing browsers still behaved quite differently, so Match's servers had to detect what software users were running, and send code tailored to work on their machines, says Kremen. And the differences weren't minor: Some browsers didn't support cookies to track who was logged in, and some couldn't even handle images, he says.

When the site launched, it wasn't even clear the web would win out over then-competing systems like Gopher, or that it wouldn't be eclipsed by some technology yet to be invented.

"I had an intuition that the web was going to be one solution," he says. "It turned out to be the only solution."

And most early users didn't have any digital pictures of themselves—Wayman recalls she hadn't even seen a digitized photo until she started working at Match, since she used a text-only network on her home DOS machine—so they'd snail mail or fax snapshots to Match, or need help finding a place to scan them in.

"People didn't have scanners—they had to go to Kinko's," Kremen says. "We built this thing with a database of Kinko's and scanners, so people could get their pictures in."

Plenty of early users only had Internet access at work, which meant Match's servers would see a traffic spike every day after lunchtime, he says.

"I did not have Internet at home, because that was unheard of, at least by me," says Cox, who started a job at Netscape shortly after joining Match. "I was lucky enough, because I worked in high tech—that's another reason that I was able to get involved with it, because at least I had Internet access at work."

Cox is still single, though she says she had a good time on the site—aside from a few matches who weren't quite as advertised when they met up in person—and met a few men she's still friendly with. At the time she joined, most of the men she encountered on the site were also working in technology, she says.

"I figured out that the men that I would meet would have to at least know what a computer was or have a connection to the Internet, so that would weed out a lot of undesirables," she says.

The web grew rapidly, of course, and as the public grew more comfortable with what it had to offer, so did Match. By the end of 1996, more than 100,000 users had registered for the site, which would be acquired the following year by e-commerce firm CUC International. CUC would soon merge with Hospitality Franchise Systems, the parent of hotel chains Days Inn and Ramada, to form Cendant Corp. And after an accounting scandal, Cendant sold Match for about $50 million to Ticketmaster Online-City Search, a predecessor of IAC.

By then, the site had signed up more than 1.8 million total users. Much of the early stigma attached to online dating had dissolved, particularly after the 1998 romantic comedy You've Got Mail, in which Tom Hanks and Meg Ryan get digitally acquainted, says McDermott.

"I think that changed the discourse about online dating to something positive, and that sort of scary belief that you were going to meet a creepy stalker-type person started to dissolve when you saw that the Meg Ryans of the world might be the people you'd be meeting," she says.

By 2000, Match was respectable enough to join Princess Cruises in a multiday millennial Valentine's celebration in Fort Lauderdale, where other romantic icons of the time, like romance novel cover model Fabio, Love Boat star Gavin MacLeod, and Dating Game host Jim Lange were all on hand to inaugurate the cruise line's newest ship.

"Men were running around dressed like Cupid shooting pretend arrows," recalls McDermott. Also onboard: 50 couples who had connected on Match but had never met in person, there to be collectively introduced for the first time in what was billed as the World's Largest Floating First Date.

"Some people, the chemistry, you just saw the love happen, and with some of them, there was zip," recalls McDermott. "In those three days, some of them started getting interested in other people."

The site also began to actively expand abroad, and found that just as You've Got Mail helped normalize online dating in the U.S., another contemporary comedy paved the way in much of Europe.

"By far, the most fascinating thing that we figured out, and we figured out totally by accident, is that in countries where there was syndication of the show Sex and the City, we had immediate adoption of our model," says Joe Cohen, who ran the site's international operations from 2001 through 2006. "We literally got a map of where Sex and the City was in syndication, and that was one of our criteria for where we launched."

The show didn't mention Match, but Cohen believes it helped pave the way for American-style dating in the countries where it aired, making online coupling services more relatable. Even in London, where he was based, Cohen said people were initially skeptical of the service when he first started at the company, though its popularity soon grew.

"They literally said, that's like prostitution," he says. "They looked at me like the face people get when they smell a fart."

In the U.S., meanwhile, the number of dating sites expanded rapidly in the 2000s, with ads promoting newer sites like eHarmony, PlentyOfFish, and Zoosk becoming common sights online and off. Niche dating sites also took off, with services from ChristianMingle to Veggie Date targeting specific interests, religions, and racial groups looking to find like-minded people, and by 2013, the Pew Research Center reported that about 40% of online dating customers had used such a specialized service.

Love In The Time Of Tinder

Yagan, who's now the head of the Match Group, which includes IAC's dating sites and a few other online properties, entered the field in 2004 as a cofounder of OkCupid. That site, which eschewed paid memberships in favor of advertising and paired users based on their responses to quirky questions, was widely hailed as a younger, hipper alternative to Match and other old-guard dating sites like eHarmony.

"Match.com had lost some of its coolness—it was not the cool site to be on," recalls Gerngross, who returned for a bit to online dating after a divorce in the early 2000s. "It had gotten a bit middle-of-the-road."

While at OkCupid, Yagan and his cofounders took frequent potshots at Match, still the industry leader, in media appearances. "Overthrowing Match.com is our job," he told the Harvard student newspaper in 2009, in a story published on Valentine's Day. In 2011, IAC acquired OkCupid for about $50 million, and in 2012, the company appointed Yagan to head the entire Match division.

"You poke fun as competitors, of course, and you get in, and you realize there's a lot more happening under the surface than you probably realized as an outsider," Yagan now says of the erstwhile rivalry.

Part of Match's strength lies in its paid membership model, which filters for users who are serious about finding companionship, he says.

"The point of paying isn't just the money—it's the signal of intent," he says. "It's important to me that Match still gets that signal from its user, so that we can provide that high-intent community."

Still, Yagan points out that the service has been updated under his watch, making the jump from desktop to mobile.

"When I took over at Match, we didn't have an iPhone app, and that was in 2012," he says.

As of last year, the site has an updated iOS app with swipe-to-like and proximity-based features similar to Tinder—another Match Group property that's arguably upstaged both Match and OkCupid in recent years. (Between its launch in 2012 and 2014, Tinder signed up about 50 million users, according to a source in this New York Times story.)

This April, almost exactly two decades after users first logged on to Match with their dial-up modems and Netscape Navigator, the company released an Apple Watch app that lets users review and message their matches with the tap of a wrist.

By now, more than 125 million people have registered for Match, including 20 million who've used it through their mobile devices, the company says.

"It was time for an online dating service that could keep things clean enough and be nimble enough, we'd call it today, to scale," says Wayman, the former Match editor. "Nobody was using that term—but we scaled."


How Apple's Ad-blocking Software Could Put Small Publishers Out Of Business


As the debate over online ad blocking heats up with the arrival of iOS 9, experts say the biggest casualties of the online ad war may be small publishers and bloggers with few alternative revenue streams to pursue.

Tools that filter out online ads have grown significantly in popularity over the past few years, as Web users have gotten fed up with ads that even industry insiders acknowledge have become more intrusive and bandwidth-intensive. And after Apple's update last month to its mobile operating system, which added support for apps that filter ads and other unwanted content on the mobile Web, publishers and advertising networks are increasingly concerned about the effect of ad-free browsing on their revenue. (Apple didn't reply to an emailed request for comment.)

"As an industry, we have created content that is too often not differentiated or valued; ads that are too often interruptive, slow, unaesthetic, or unsafe," wrote Alia Lamborghini, the senior vice president of North American sales at mobile ad marketplace Millennial Media, in an email to Fast Company. "Consumers have increasingly adopted ad blockers to take control of their experience, and this is leading to a real threat to the entire publisher ecosystem."

But the cost of ad blocking doesn't fall equally on all digital creators and publishers, experts say. Larger publishers often see additional revenue from offline sources or product sales, and they're more likely to distribute their content through ad-supported mobile apps, where ad-blocking software mostly doesn't reach. But smaller websites and individual bloggers that rely on advertising to pay the bills often have few alternative ways to fund their sites.

"The big dilemma is for independent publishers who are not huge multibillion-dollar media companies such as Google, Facebook, and so on," says Vlad Stesin, cofounder and vice president of product at ad tech firm AdGear.

While processing micropayments—small transactions of a few cents at a time, roughly equivalent to what advertisers might pay—has long been a dream of Web entrepreneurs, today's infrastructure still doesn't provide a way for small publishers to efficiently charge their readers in lieu of posting ads, says Stesin.

"Advertising today is still the most viable form of micropayment for content," he says.

But with no way to charge readers by the article, and ad revenue in decline thanks to blocking software, some small publishers will have no choice but to cut back or even cease publication.

Payments And Performance

Peter Symmes, the publisher of a woodworking blog and YouTube channel called The Cedar Workshop, announced plans last month to remove ads from the site. A decline in ad revenue he attributed to ad-blocking software made them no longer worthwhile, he wrote.

"When the Cedar Workshop YouTube channel started, in 2013, the supporting Blog generated about $8.00 to $13.00/month," Symmes wrote. "Now, I'm lucky to get 1 cent/month. For that measly amount, it's not even worth it."

But with site hosting still costing $10 per month, that loss of revenue will mean posting videos every two weeks, rather than every week, and a more restricted set of projects, he wrote on the blog.

Another blogger, Adam Roberts of cooking site The Amateur Gourmet, wrote in a March post that the ad network he relied on to fund the site had drastically cut its payout rate after their contract expired. Roberts says the network suggested he make up the difference with sponsored posts—a funding model used by plenty of large publications—but he didn't feel comfortable adding so many to the blog.

"The sponsored posts didn't sit well with me because I'd built up my audience over eleven years by building trust with my readers; and the more that I tried to sell them things, using that same trust (and seemingly taking advantage of it), the more that I felt like I'd lost my blog's integrity," he wrote in an email to Fast Company. "At the end of the day I had to decide, 'How many of these sponsored posts can I do before people start to think of me like a used car salesman?'"

He's since taken a job as a television writer, and shifted his blogging to a personal, ad-free blog, he says.

"It's actually getting me back to my blogging roots, where I would just do it so that I could connect with an audience," he wrote. "It's a nice feeling."

For some sites, ad-blocking tools, which generally work by recognizing and filtering out the scripts and other files used to display ads and track users from site to site, can also break pages when a false positive leads them to block code the site needs in order to work, says Peter Imburg, the founder and CEO of Elfster, an online Secret Santa coordinating service.
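How such a false positive happens, as an added example that is not code from the article or from any real ad blocker: a miniature URL filter in the style of ad-blocker filter lists, run over constructed sample requests (the hosts ads.example and shop.example and the file names are hypothetical). It shows a correct block from a host-anchored rule, a broad substring rule catching a first-party script the page depends on, and the two ways that breakage gets repaired: an exception rule for the site, or narrowing the list to host-anchored rules.

```javascript
// Added example, not code from the article or from any real ad blocker:
// a miniature URL filter in the style of ad-blocker filter lists, run over
// constructed sample requests to show a correct block, a false positive that
// would break a first-party page, and the exception rule that repairs it.

// Supported rule forms (a small subset of the syntax real lists use):
//   ||host^      block requests to host or any of its subdomains
//   text         block any request whose full URL contains text
//   @@rule       exception: a request matching rule is never blocked
//   ! text       comment
function parseRule(line) {
  line = line.trim();
  if (line === "" || line.startsWith("!")) return null;
  const rule = { raw: line, exception: false };
  if (line.startsWith("@@")) {
    rule.exception = true;
    line = line.slice(2);
  }
  if (line.startsWith("||") && line.endsWith("^")) {
    rule.kind = "host";
    rule.value = line.slice(2, -1).toLowerCase();
  } else {
    rule.kind = "substring";
    rule.value = line;
  }
  return rule;
}

function compileFilterList(text) {
  return text.split("\n").map(parseRule).filter((r) => r !== null);
}

function ruleMatches(rule, url) {
  if (rule.kind === "host") {
    const host = new URL(url).hostname.toLowerCase();
    return host === rule.value || host.endsWith("." + rule.value);
  }
  return url.includes(rule.value);
}

// Decide whether a request URL is blocked. Exceptions win over blocks, as in
// real lists. The matching rule text is returned so a false positive can be
// traced back to the line that caused it.
function decide(rules, url) {
  let blockingRule = null;
  for (const rule of rules) {
    if (!ruleMatches(rule, url)) continue;
    if (rule.exception) return { blocked: false, rule: rule.raw };
    if (blockingRule === null) blockingRule = rule.raw;
  }
  return { blocked: blockingRule !== null, rule: blockingRule };
}

// Constructed sample data (hypothetical hosts and file names).
const BROAD_LIST = `
! host-anchored rule: only ever matches the ad network's own hosts
||ads.example^
! broad substring rule: also matches loads.js, threads.js, uploads.js ...
ads.js
`;

const REQUESTS = [
  "https://ads.example/serve?slot=top",    // third-party ad call
  "https://cdn.ads.example/pixel.gif",     // subdomain of the ad host
  "https://shop.example/static/loads.js",  // first-party script the page needs
  "https://shop.example/static/app.js",    // first-party app code
];

// Fix 1: an exception for the broken site (what a list maintainer adds after
// a bug report, or what a user adds by whitelisting the site).
const REPAIRED_LIST = BROAD_LIST + "\n@@||shop.example^\n";

// Fix 2: drop the substring rule and keep only the host-anchored one.
const NARROW_LIST = "||ads.example^\n";

function runList(listText) {
  const rules = compileFilterList(listText);
  return REQUESTS.map((url) => ({ url, ...decide(rules, url) }));
}

function summarize(listName, listText) {
  return runList(listText).map(
    (r) => `${listName}: ${r.blocked ? "BLOCK" : "allow"} ${r.url}${r.rule ? "  (" + r.rule + ")" : ""}`
  );
}

for (const [name, list] of [["broad", BROAD_LIST], ["repaired", REPAIRED_LIST], ["narrow", NARROW_LIST]]) {
  console.log(summarize(name, list).join("\n"));
}
```

Run it with node; each request is printed with the rule that decided it. Real lists have a far richer syntax (separators, wildcards, resource-type and third-party options) and real blockers look at more than the URL, but the failure mode is the same: the broader a pattern, the more unrelated resources it catches, and the site only works again once an exception is added by the list maintainer or by the user, which is why the support calls Imburg describes end with the user turning the blocker off.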

"We would get contacted sometimes, by people like, 'Hey, your site doesn't work—I'm trying to do whatever I do on Elfster and it just doesn't work,'" says Imburg, who also spoke about the issue last month at the Internet Advertising Bureau's MIXX Conference. "When we'd do a screenshare session or something here, we'd say, 'Oh, what's this here,' and they'd turn off the ad-blocking software and it would start working."

Imburg says Elfster doesn't deliberately track how many users visit the site with ads blocked, though he says the company has noticed that display ad revenue has stayed roughly the same as visitor numbers have gone up. The company is moving away from a traditional ad-driven model, thanks to additional revenue sources like e-commerce affiliate links. The recent iOS changes are unlikely to make a difference, since Elfster already banned ads from its mobile site to avoid performance slowdowns, he says.

Those performance issues are a big part of what motivates users to install ad-blocking software in the first place. Online advertisers are willing to pay a premium for ads with higher "viewability," meaning that publishers can guarantee that the ads are in a Web user's field of vision for a given amount of time. That, in turn, has led to the growth of content like interstitial ads that block out the entire page, and auto-playing videos, says Harry Kargman, the founder and CEO of mobile ad platform Kargo.

"What we found is the unintended consequence of viewability for us today is that it encourages more interstitial types of inventory," says Kargman. "Interstitial is not a great consumer experience—it's something that pops up that interrupts you from viewing your content and that you have to 'X' out of to get out of."

Advertising vendors have also set up increasingly sophisticated marketplace environments, where advertisers bid in real time for the right to show ads to users based on their perceived demographics, but that complexity can lead to longer page-load times. It also leads to ads that seem to follow users around the Web—a scenario that's common enough to be the subject of a joke in The Onion this week, and is often seen as intrusive.

Opting Out

"There's no opportunity for disclosure, negotiation, or reconsideration," developer Marco Arment wrote in an August blog post in defense of ad blocking. "By following any link, you unwittingly opt into whatever the target site, and any number of embedded scripts from other sites and tracking networks, wants to collect, track, analyze, and sell about you."

Not long after that post, Arment went on to release an iOS ad-blocking app called Peace, which became for a time the bestselling paid app in the App Store. But within a couple of days of its release, Arment pulled the app, expressing concern about the potential harm done to publishers by ad-blocking tools.

"Achieving this much success with Peace just doesn't feel good, which I didn't anticipate, but probably should have," he wrote. "Ad blockers come with an important asterisk: while they do benefit a ton of people in major ways, they also hurt some, including many who don't deserve the hit."

And that hurt could fall disproportionately on small entrepreneurs and independent publishers who rely on ads to make a living.

"The display ad revenue was really central to getting Elfster to where it is today," says Imburg. "I think for new businesses and aspiring entrepreneurs, that ad-blocker [software] could make that a lot harder."



The Russian Ex-Con And The Bitcoin-Powered Investment With "100%" Returns


Bitcoin prices have risen dramatically over the past month, but international regulators and bitcoin exchange operators warn that one investment opportunity involving the digital currency is likely too good to be true.

A website called MMM Global tells would-be investors that they can earn "100% per month" by participating in a "global fund of mutual aid," exchanging bitcoin for an MMM-specific virtual currency called mavro, which is effectively held on deposit at an extraordinary interest rate.

Sergey Mavrodi. Photo: via Wikimedia Commons

Mavro takes its name from MMM founder Sergey Mavrodi, who previously served time in a Russian prison for fraud after leading an investment company that lost investors millions of dollars in the 1990s. That firm, also called MMM, is now widely derided as a Ponzi scheme, where investors' extraordinary returns came from the funds supplied by new members rather than from actual growth.

Critics say the current iteration of MMM may operate in the same manner: Technically, according to MMM's website, customers' initial mavro is awarded when they "provide assistance to another participant" by transferring bitcoin, and cashing out accumulated mavro for bitcoin is merely a request for such assistance.

MMM has been the subject of an investor warning by the CEO of Chinese bitcoin exchange BTCC and has come under government investigation in Indonesia and South Africa.

"The National Consumer Commission [is] currently conducting a preliminary investigation into the practices of nine suspected pyramid schemes, including MMM," a spokesman for that South African agency wrote in an email to Fast Company. "The outcomes of the investigation will advise on whether the scheme's practices are legal or not."

MMM didn't reply to an emailed request for comment, and a representative replied to a live chat inquiry with what appeared to be a scripted invitation to invest.

MMM participants, meanwhile, have aggressively promoted the investment through social media, taking advantage of policies that give additional mavro to investors who advertise MMM through various "web-tasks" and those who bring in new participants through an affiliate program.

"But nobody force [sic] the members of the Community to invite new participants," according to the MMM website. "But at the same time, understanding that MMM network can't exist without development and participants' encouragement in the form of referral bonuses motivate many people to take an active position."

Facebook has blocked the MMM Global site for spamming, according to a Facebook spokesperson, but the investment is still the subject of a steady stream of posts to Twitter and YouTube, where an official MMM channel has collected more than 800 investor testimonials boasting of their high returns.

Mavrodi himself posts weekly updates to the YouTube channel in Russian with English subtitles, typically reassuring potential participants their money is safe.

"Here is the news," he said in his most recent update. "Well, there's only one piece of news: Everything is wonderful and great. The System is evolving very rapidly. The participants are happy and content. You can see it from the Letters of Happiness. In other words, all is simply perfect."

Social media's been increasingly harnessed in recent times by controversial multilevel marketing companies and possible pyramid schemes, says William Keep, the dean of The College of New Jersey's School of Business who's written frequently about the subject.

"The multilevel marketing companies certainly have been very active on Facebook," says Keep, pointing at Vemma Nutrition Company, a marketing company that was popular among college students until it was deemed an "illegal pyramid scheme" by the Federal Trade Commission earlier this year. "Social media is a place where fairly quickly one can develop a sort of sense of connectivity, however artificial that might be."

The original MMM convinced millions of Russians to invest through whimsical television ads that showed working class Russians enjoying extraordinary returns from their investments. The fund ultimately collapsed amid reports that MMM was under investigation. Mavrodi has always maintained MMM was essentially sabotaged by corrupt officials and the banking industry: He even ran successfully for a seat in Russia's legislature on a platform that included trying to recover his investors' funds, though he was ultimately removed from office by his fellow lawmakers.

In 2011, after Mavrodi's release from prison, he launched a second version of MMM in Russia, which also soon shuttered. MMM Global, the current iteration, launched last year, seeking participants from around the world and promising to bring about a "financial apocalypse" that will make ordinary people free from financial tyranny and banks obsolete.

"It's not that dissimilar from the message that Vemma was conveying to college students," says Keep. "In other words, the world's kind of gone to hell, and implicitly you kind of have to take care of yourself, and fortunately here there's an organization that's real and genuine that will help you do that."

Using bitcoin rather than traditional currency has the potential to make the current MMM harder for authorities to shut down or even audit, suggests Tamar Frankel, a Boston University law professor and author of the book The Ponzi Scheme Puzzle: A History and Analysis of Con Artists and Victims.

Doing it this way, Frankel says, MMM can "escape the money controls established by government."

Bitcoin's purely digital nature and relative anonymity have made it the currency of choice for some illegal transactions, from drug sales on darknet markets like Silk Road and its successors to electronic blackmail operations where valuable data is encrypted by malware and effectively held for ransom. But the currency, which has increased more than 60% in value against the dollar in the past month, has also been touted as a way to easily transfer funds around the world without dealing with banking delays and wire transfer fees.

"In their transactions MMM participants operate with BITCOINS," explains the MMM Global site. "It is the best possible way to organize smooth transfers between participants from different countries."

How smooth these transfers actually are remains to be seen.

How Dialing 1-900 In The '90s Foreshadowed The Internet


As America cruised into the 1990s, phones were no longer just for calling friends and family. Startups were harnessing new technology to turn them into tools for checking sports scores and playing fantasy football, listening to music, and connecting with their favorite celebrities. Pay-by-the-minute hotline numbers were on their way to becoming a billion-dollar industry—and giving millions of people their first taste of information and entertainment on demand.

"You could call a 900 number and enter an area code and get weather or flight information," says Rick Parkhill, who founded the industry publication InfoText in 1988. "When you think about it, in the late '80s, there was no way to find out what the weather was in California if you were in New York, unless you called somebody, or turned the television on and waited for something to happen."

And to a remarkable degree, the early-'90s offerings from 900 numbers, which were funded by per-minute charges automatically added to callers' phone bills, anticipated the services that would later be delivered through the Internet. Before FanDuel and Yahoo Sports, there was phone-tree fantasy football from Pigskin Playoff. Long before there was Yik Yak, there were party lines offering pay-by-the-minute anonymous, and frequently raunchy, voice chat. And nearly two decades before there was Twitter, there were hotlines offering daily recorded updates from pop culture icons of the day, from Hulk Hogan to Will Smith and Warrant to Vanilla Ice.

"This was so wild to people—that you could pick up the phone and hear a star like Will Smith on the phone, telling you things that were going on in his life," says Cory Eisner, who was the vice president of sales and marketing at Phone Programs Inc., which operated celebrity and other hotlines.

The company's hotline featuring Smith—then known as the Fresh Prince—and DJ Jazzy Jeff is said to have brought in more than 2.5 million calls from fans looking to hear the duo's updates describing parties they'd attended and life on tour.

"Will and Jeff were traveling, of course, touring around, so we had a producer that worked with us, an audio producer, he would travel to wherever they might be," says Eisner. Other celebrities promoting music, movies, and TV shows would visit Phone Programs' New York office to record material for their 900 numbers, or phone in messages from the road.

"We would actually have some artists and celebrities who would call and we would record them, almost like how you would record your home answering system," says Eisner. "It had to be timely—it had to be, 'Wow, I just heard from him today, and I just saw him on Good Morning America.'"

Music lovers could stream new music over the phone, thanks to services offered through industry magazines like Spin and Vibe. That let readers hear music reviewed in the magazines, which could be a challenge if they didn't live near a well-stocked record store, says Jonathan Pernick, who was business development and marketing director at Spin in 1990.

"They could read the words and these descriptions from the writer, but they didn't have the ability to go out and listen to it," says Pernick, who now teaches at Florida International University. But once the hotline launched, they could hear selections from each reviewed album at the touch of a button.

"Each album would have, let's say, a certain code, and then a person was able to go in and type in the code," he says. "Press 1 for De La Soul."

At the time, the magazine used a 900-number provider in New York's northern suburbs, and Pernick would drive copies of the CDs reviewed in the magazine upstate from Spin's Manhattan offices so they could be ripped and streamed. As he recalls, the magazine and the 900-number operator split the proceeds from the service—and back then, the record labels were willing to let their music be streamed for free.

"From what I remember, the record labels loved it," he says. "I don't remember [that] we were going through any type of licensing at the time."

A few years later, Spin worked with Music Access, a company started with the explicit goal of making obscure music more accessible through telephone streaming, according to its founder, Bar Lockwood.

"It was really my way to promote music that I didn't think was ever going to get a way in the United States to be heard," says Lockwood, who previously worked for the nonprofit World Music Institute.

While the 900-number industry exploded in volume in the late '80s and early '90s—The Washington Post reported at the time that the number of such hotlines rose 83%, to 2,950, in the first half of 1990 alone—premium calling services actually date back at least to the 1970s, says Eisner. Back then, the services were locally run by the regional arms of the phone company, in conjunction with providers like Phone Programs. The company worked with New York Telephone to run a pay-per-call Dial-a-Joke service, featuring daily quips recorded by comedians like Henny Youngman and Phyllis Diller.

"The phone company would promote it as kind of have a break in your day, a little comedic relief," says Eisner. "It would almost be like old-time radio. We would produce these messages in our studio, and it would go for a minute or so depending on which line you were doing."

National prepaid numbers, using 900 as a kind of virtual area code to let them be dialed from anywhere in the U.S., got their first major test in 1980, during a presidential debate between Jimmy Carter and Ronald Reagan. ABC and AT&T operated a call-in poll, letting viewers dial one number if they thought Carter was winning the debate, and another if they thought Reagan was doing better.

Having two numbers was necessary at the time, since many viewers would still have been using rotary phones. Until touch-tone phones became prominent a few years later, modern phone menus—as in, press 1 for Carter, press 2 for Reagan—just didn't exist, says Parkhill.

"There was a real revolution in the information business that began in the mid-'80s with touch-tone telephones," he says. "It seems so rudimentary today, but when you think about the world that we lived in, and people with rotary telephones, you couldn't access your bank account information."

Around the same time, as part of the breakup of the AT&T telephone monopoly, the telephone giant and its regional former affiliates were required to stop directly offering pay-per-call "information systems," creating an opportunity for new companies to enter the business. By 1991, New York magazine reported the 900-number business was pulling in $975 million per year, and Parkhill's InfoText magazine was hosting an annual industry convention where innovators were honored with Golden Phone awards.

While many Golden Phones went to big-name brands—1991 award recipients included Dow Jones's JournalPhone on-demand stock quote system and a Phone Jeopardy game with questions recorded by Alex Trebek—startups were also pouring into the 900-number field.

Character actor D.C. Douglas, who has since appeared in TV shows like NCIS and The Bold and the Beautiful, worked for a 900 number called The Party Tracker in 1993, doing everything from recording goofy TV commercials to visiting nightclubs listed on the service, which reviewed and listed events at venues around Los Angeles.

"I found an answering hardware/software IVR package that had a GUI—perfect for a Mac person," he wrote in an email to Fast Company. "I recorded and edited the reviews along with my girlfriend at the time."

And Lockwood, who now works in computer security, says she started the Music Access streaming service out of her Brooklyn apartment, where she installed hefty phone-switching equipment and a T1 phone line, and lived for a time on a struggling founder's budget.

"I literally starved for this," she says. "I remember one weekend on Friday night, I had in front of me a single scone—a scone, like you would have on Sunday morning—and that had to last me until Monday morning, when I would get the check from Spin."

Guides for entrepreneurs looking to make money in the 900-number industry even appeared on bookstore shelves—Douglas says literature he and The Party Tracker team consulted was accurate as to revenue estimates. The only problem was he and his colleagues accidentally used predictions intended for national services for what was strictly a local business, so they were never able to turn a profit.

And established players like Phone Programs learned to tell quickly if new hotlines were a hit, says Eisner.

"It was pretty much instant," he says. "If you came with an idea, and you marketed it, you could find out within a day or two if you had a winner, because you're judging it on the number of phone calls that were coming in."

By the mid-'90s, the industry had come to develop a seedy reputation, thanks to a proliferation of sexually oriented services. Pay-per-minute phone sex lines were arguably the first convenient, on-demand pornographic service, something that was then shocking to much of the public, says Eisner.

"That type of entertainment was generally focused on either those cheap little movie theaters or people selling video tapes on the black market or from somebody's trunk, so when this happened, it sort of became national news, and the media jumped on it," he says.

The industry had no good way to prevent underage callers from calling adult hotlines, or from calling any other 900 numbers without their parents' permission. News reports and regulatory hearings—and even a Simpsons plotline—began to focus on kids calling sex lines or running up massive phone bills listening to updates from their favorite celebrities.

By 1991, the Federal Communications Commission began to regulate the industry, ultimately requiring that customers be able to block 900 services from their phones and forbidding phone companies from disconnecting phones when customers refused to pay for premium services charged to their accounts. The ensuing controversy scared celebrities and big brands away from the industry, says Eisner.

"The outrage started, and it fueled an entire backlash, and it was always associated with those three digits," he says. "'900' became equated with sex, and it destroyed an industry."

At the same time, online services like CompuServe, AOL and the Web itself were beginning to provide alternative ways to get information and entertainment on demand. Online interfaces and content would soon surpass anything that was available through a phone tree, with services like Spin's over-the-phone music streaming going from cutting edge to obsolete in just a few years.

"For today's standards, it was horrible, but to be able to do that in 1990, it was amazing," says Pernick.


Making Sure Deleted Data Is Really, Truly Gone


In a study released last month, secure data management firms Kroll Ontrack and Blancco Technology Group found that in a set of used hard drives bought online, nearly half came with data left behind by previous owners.

And it wasn't that those previous owners didn't care about the information left on the disks, the companies said. In fact, 75% of the drives with data still on them showed signs users had attempted to wipe the drives, but didn't succeed at fully erasing their contents.

"One of the more glaring discoveries from our study is that most people attempt in some way or another to delete their data from electronic equipment," Blancco IT security consultant Paul Henry said in a statement when the study was released. "But while those deletion methods are common and seem reliable, they aren't always effective at removing data permanently, and they don't comply with regulatory standards."

In some ways, the study's findings only underscore what's been known for some time: Users on the computer forensics site Forensics Wiki have compiled a list of more than a dozen studies and news reports documenting similar results—hard drives sold with data, often including potentially sensitive information like medical records, still on them—dating back to 2003. One researcher who's developed cryptographic approaches for guaranteeing discarded data becomes truly inaccessible says she first began that line of research around the time of the Microsoft antitrust trial in the late 1990s.

"What happened was, while I was at Sun [Microsystems], the CEO happened to be in my office right when Microsoft had been in the news getting embarrassed by old emails that they thought had been deleted that could be recovered from backup," recalls Radia Perlman, now an industry fellow at storage giant EMC. "He mumbled something about, 'It would be really good to make sure that data you want gone is really gone.'"

And even as information continues to be exposed through discarded hard drives, the explosive growth in mobile computing, cloud data storage, and the Internet of Things has led to more avenues for imperfectly deleted data to make its way into the wrong hands. The study by Blancco and Kroll found more than a third of a sample of used mobile devices had residual data on them, and Blancco Technology Group CEO Pat Clawson says he's even found personal data unwittingly left behind after being synced to the dashboard computers of rental cars.

"I just rented one recently," he says, "and I've got 'Randy's contacts on Randy's iPhone' right there on the screen."

Part of the problem, Clawson says, is that the tech industry hasn't always made it easy for users to figure out how to delete their information, and hasn't made clear the difference between secure erasure techniques—where data is actually overwritten on a storage device multiple times to render it truly unrecoverable—and quicker modes of deletion where disk space is merely marked as reusable.

"People think their data's been destroyed, and really all you're doing is removing the table of contents," says Clawson, whose company makes secure data erasure tools. "The rest of the chapters of the book are sitting there waiting to be discovered."
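The "table of contents" analogy above maps directly onto how block storage works. The toy block-device model below is an added illustration constructed for this page; it is not code from Blancco, Kroll Ontrack, or any product the article names. The block size, disk size, file names, sample record, and the carve routine are all assumptions of the model. An ordinary delete drops the directory entry and marks the blocks free; a secure delete overwrites the blocks before releasing them; a forensic-style carve that ignores the directory shows which of the two actually removed the data.

```python
"""Toy block-device model of quick deletion versus secure overwrite.

Constructed illustration for this page; it is not code from Blancco, Kroll
Ontrack or any product named in the article. Block size, disk size, the
sample record and the 'carve' check are assumptions of the model.
"""
import os

BLOCK_SIZE = 16   # bytes per block (assumed, kept small for readability)
NUM_BLOCKS = 32   # total blocks on the toy disk (assumed)


class ToyDisk:
    """Flat array of fixed-size blocks plus a directory (the 'table of contents')."""

    def __init__(self):
        self.blocks = bytearray(BLOCK_SIZE * NUM_BLOCKS)
        self.free = [True] * NUM_BLOCKS   # free-block map
        self.directory = {}               # file name -> ordered list of block indexes

    def _span(self, idx):
        """Byte range occupied by block number idx."""
        return slice(idx * BLOCK_SIZE, (idx + 1) * BLOCK_SIZE)

    def write_file(self, name, data):
        needed = -(-len(data) // BLOCK_SIZE)          # ceiling division
        chosen = [i for i, is_free in enumerate(self.free) if is_free][:needed]
        if len(chosen) < needed:
            raise OSError("toy disk full")
        for n, idx in enumerate(chosen):
            chunk = data[n * BLOCK_SIZE:(n + 1) * BLOCK_SIZE]
            self.blocks[self._span(idx)] = chunk.ljust(BLOCK_SIZE, b"\0")
            self.free[idx] = False
        self.directory[name] = chosen

    def quick_delete(self, name):
        """Ordinary delete: drop the directory entry and mark the blocks free.
        The bytes themselves stay in place until something reuses the blocks."""
        for idx in self.directory.pop(name):
            self.free[idx] = True

    def secure_delete(self, name, passes=3):
        """Overwrite every block the file occupied, then release them."""
        for idx in self.directory[name]:
            for _ in range(passes):
                self.blocks[self._span(idx)] = os.urandom(BLOCK_SIZE)
        self.quick_delete(name)

    def carve(self, needle):
        """Forensic-style check: scan the raw blocks, ignoring the directory."""
        return needle in bytes(self.blocks)


RECORD = b"patient: J. Doe, diagnosis: confidential"   # constructed sample data


def residue_after_quick_delete():
    """True if the record is still recoverable after an ordinary delete."""
    disk = ToyDisk()
    disk.write_file("records.txt", RECORD)
    disk.quick_delete("records.txt")
    # The directory no longer lists the file, yet the bytes are still there.
    return "records.txt" not in disk.directory and disk.carve(RECORD)


def residue_after_secure_delete():
    """True if the record is still recoverable after overwrite-then-delete."""
    disk = ToyDisk()
    disk.write_file("records.txt", RECORD)
    disk.secure_delete("records.txt")
    return disk.carve(RECORD)


if __name__ == "__main__":
    print("quick delete leaves data behind:", residue_after_quick_delete())    # True
    print("secure delete leaves data behind:", residue_after_secure_delete())  # False
```

The model also shows the limit of in-place overwriting that the rest of the article circles back to: it only touches the blocks the directory still points at. Copies that live in filesystem snapshots, backups, or, on flash storage, in cells the drive's wear-leveling has remapped are not reached, which is why key-destruction ("cryptographic erasure") approaches of the kind Perlman describes, and contractual guarantees from cloud vendors, are needed alongside overwriting.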

Still, Clawson says, companies and individuals alike are becoming more aware of the need to reliably purge information, partially due to high-profile data breaches like Ashley Madison's, and partially due to stricter government and industry standards, like HIPAA and the credit card processing PCI standards. For many companies, that means looking closely at how they handle data both internally and on computers in external and cloud-based data centers.

"When you're dealing with cloud or virtual environments, you're reaching down and first erasing the virtual," he says. "The long-term disposition of the physical storage medium needs to be addressed as well."

Secure deletion is something that can be addressed in companies' agreements with cloud and storage vendors, says Clawson, and vendors do increasingly offer such guarantees.

In fact, says Rand Wacker, the vice president of enterprise product at the file-sharing company Box, some companies see a move to secure cloud storage and file-sharing tools as an improvement on pre-existing, ad hoc ways of managing data.

"It's really interesting talking to many of these risk and compliance officers in organizations—they actually see the cloud as an opportunity to help centralize and get more control of it," Wacker says. "It's been such a challenge for them knowing that content is just sprawled across laptops and network drives and all these different places."

Box, which offers HIPAA-compliant storage for health data and is certified compliant with the ISO 27001 international data security standard, encrypts customer files and scrubs every copy of them from its servers on deletion, he says.

"Every last instance of a file—these are the encrypted instances—are scrubbed from the Box servers and all of the distributed storage of that file," Wacker says.

Of course, that only addresses copies of the data stored in Box, so customers still need to decide what to do about data that might be stored elsewhere, like in offsite backups.

And for particularly sensitive data, companies can use other security tools to make sure they know where each copy of the information lies. They can, for instance, use tools that need to grab a decryption key from a central server before they can decrypt and work with data, says Paula Long, the CEO of DataGravity, a New Hampshire company that sells storage servers with built-in data tracking and security capability. "The problem is, the more secure you want to make it, the more complex and cumbersome it gets for anybody to use the data," she says, and there's no way to build a completely foolproof security system.

Modern storage systems like Box's cloud network or DataGravity's servers can help companies track where files are copied, when they're stored in filesystem snapshots and backups and when they're accessed in an unusual way that might indicate a breach. But they generally can't track where data goes once it's allowed to leave secure systems, so companies need to be vigilant about using third-party systems with the levels of security guarantees they want.

"Part of that has to really deal with your security posture, your risk tolerance," says Clawson.

Fast-moving startups might transfer data to third-party systems without thinking too deeply about exactly how that data's being stored, but if they later decide to get more vigilant, even the most sophisticated security systems will have difficulty figuring out where all those files and records have gone.

"You can't track anything that happened in the past," says Long, "because we weren't there to capture the history."


How To Design An Escape Room


Imagine being locked in a roomful of strangers, where the only exit has been hidden by a raving mad scientist who's muttering half-incomprehensible clues under his breath. It sounds like the start of a horror movie—but for customers in hundreds of "escape rooms" around the country, it's just another fun night out.

The rooms pull paying participants into scenarios they'd otherwise only see in Hollywood movies and video games and challenge players to work together to unravel carefully plotted mysteries and find their way out of the space within a limited amount of time. To make their way through the door, participants might have to uncover hidden keys or play particular tunes on makeshift instruments or anything else the escape room creators have been able to think up.

In October 2013, Victor Blake created what he says was New York City's first escape room as a weekend popup.

"The first pop-up was literally stuff we could fit in the back of a cab," recalls Blake. "There was nothing technically elaborate about it. There was nothing you couldn't replicate by going to a thrift store by spending a couple of hundred bucks."

Now, just two years later, Blake's company Escape the Room runs escape rooms at 10 locations around the country, and has plans in the works for seven more. A fan-submitted directory of escape rooms now lists hundreds of events around the country. People in the industry say the field has not only grown competitive, but has professionalized. Escape room operators are quickly looking to adapt practices and even personnel from the worlds of film, theater, and software development—and to develop techniques and storytelling conventions for their own new medium.

"Now, for better or worse, we have entire teams of people" designing the games, says Blake. "We have engineers that work for Disney, and they consult for us."

Like video games—which have for decades offered virtual puzzles similar to the codes, hidden keys, and mysterious objects now found in escape rooms—the rooms require a mix of storytelling, design, and engineering. But while video games allow developers to digitally encode and limit the rules of play through precisely crafted lines of code—and fix bugs with the push of an update—escape room creators effectively have to encode the rules of play into real-world, three-dimensional objects. Every conceivably interactive feature of every object in one of escape room Puzzah's rooms in Denver is effectively part of the puzzle's player interface—whether the designers intend it that way or not. This can get complicated when players bring human variance into the room.

For example, "Sometimes [people] will come into our game rooms, and they will bring screwdrivers in their pockets, and they start undoing things," says Derek Anderson, the cofounder of Puzzah. "We don't want that to happen."

"We're sensitive about making sure we do things like use obscure screw heads," says Anderson. "We make sure there's nothing that people can interact with except what we want them to interact with."

The company generally builds its rooms as sets of discrete "subgames" that players effectively interact with in sequence, he says, which make the games easier to beta test (beta testers are usually previous customers or friends of the game operators). Modularization means those individual parts can then be fabricated by the game designers on their own, before they're integrated into a larger puzzle. Each subgame can also be beta tested on its own to make sure it is comprehensible and enjoyable for players—and resilient enough to withstand attention from the most enthusiastic audiences.

"Once you have 11-year-olds bashing around on it for six months, the story kind of changes," Anderson says of the beta tests.

As groups of players struggle with puzzles or race through a room, the escape room's software can cue additional voice-recorded clues on speakers in the space to help players along, or introduce additional puzzles along the way. Players' actions are also automatically logged for later analysis, he says, using sensors built into all the devices players interact with.

"At every point in all of our games, we [are] able to see where you are, what you're doing and what you're working on," says Anderson. "We [are] able to essentially program clues that are fed to you immersively—or scale them back if you don't need them."

The rooms aren't just conveyor belts of puzzles, though—they're also stories, with plots and characters, either portrayed by recorded voices and movies or by live actors.

"We have our actors who are in character and costume—they create a context for people, and I think that immersive element really gets them into the spirit of the game," says Chris Ricard, a cofounder of SmartyPantz, which operates escape rooms in Vancouver and Edmonton. "And then they're really looking to solve the mystery and get out of the rooms at whatever cost."

From its start in July 2014, SmartyPantz has relied on professionals from Vancouver's strong film industry and has developed rooms by thinking first about overarching themes and stories, then about the puzzles that go into them, says Ricard.

"The first person I connected with, he's a propmaster, but he also likes putting together haunted houses, so he has a very creative mind," says Ricard. "We worked with him on developing a number of ideas—sort of conceptual ideas for room themes."

In Vancouver, where the company opened its doors to the public in March, rooms vary not only in difficulty but in terms of storyline and degree of explicit content. A Cold War-themed room called "Spies & Lies" is advertised as "family friendly" and tricky, but not too scary—while a haunted house room is scary but not too difficult.

"It's just a factor of, some people aren't interested in scary stuff, so we have a variety of room concepts that appeal to a wide audience," he says.

Generally, making sure escape rooms work as coherent stories is critical to their success, says Escape the Room's Blake. "The hard part about writing any of these games—it's not any individual puzzle," he says. "It's getting it to work together in a way that's like any book or movie."

Escape the Room now prototypes and beta tests its rooms in a 15,000-sq.-ft. warehouse in New Orleans, another city with a native film industry. The tests uncover overly difficult or fragile prototype puzzles that need to be fixed for production—but they can also reveal when a plot just isn't engaging enough to the audience, says Blake.

"Sometimes it falls flat, and it really sucks, like [if] you get to the end of a movie, and it's like, that's it?" he says. "You can kind of see the disappointment in their face."

As the escape room industry matures and moves toward bigger budgets, it may well see some consolidation. That's what has already happened in much of Asia, where the rooms first appeared, says Anderson. He estimates the number of room operators in heavily saturated Singapore has shrunk by about a third over the past two years.

"The biggest players right there are multinationals that are hitting all of East Asia," he says.

The Asian market has also seen the rise of wholesale vendors, mostly operating out of China, that offer pre-built, ready-to-install puzzle components, he says.

"If you want to have a touch-these-paintings-to-open-the-door puzzle, they'll sell you all the components all wired up," he says. "You just insert your picture into the frame, and you're good to go."

Even if Asia's industry trends come to the U.S., Anderson says he's optimistic his company's technological sophistication will still set it apart.

And, says Blake, there will likely always be room for innovative small-scale operators—people who decide to put together one-off pop-up events when the opportunity presents itself.

"There will be guys like us who have teams of technologists," Blake says. "Then there'll be the guy who finds like the awesome nuclear missile silo in the middle of Iowa and just does it on weekends."

How Rikers Inmates And Columbia Students Built A Twitter Bot--With No Internet

Not long ago, a team from Columbia University set out to build an automated Twitter bot in a place with no Internet access—part of a 12-hour class for people with no prior programming experience. They held the class at New York's Rikers Island in an ongoing effort by Columbia's Center for Justice to provide educational programs for young people incarcerated at the jail complex. Teenage inmates worked alongside Columbia students to learn the basics of Python, put together tweets about their personal experiences, and contribute code to Rikers Story Bot, which randomly selects and posts a tweet from the group every day.

"A good portion of the code that made it into the bot was written in that class," says Dennis Tenen, a software engineer turned English professor and one of the course instructors.

Since Rikers doesn't provide Internet access to inmates, the instructors couldn't stick to a standard coding school curriculum. The class relied a lot more on physical materials than most introductory programming classes. For example, instructors brought in printed tweets—including tweets by musicians Drake and Meek Mill, and from President Obama and the New York City Department of Correction—for students to study before they wrote their own. And with fewer computers than students, the classes included physical demonstrations of programming tasks, like looping and sorting papers.

"Everybody kind of gets into it, and really what they're learning is the basics of algorithmic thinking and the basics of control structure," says Tenen.

The goal wasn't to turn the students into professional-grade programmers in just a few classes, Tenen emphasizes, but to introduce them to the basics of programming and reasoning about algorithms and code.

"It's really to give people a taste, to get people excited about coding, in hopes that when they come out, they continue," says Tenen.

Each member of the class also got a title, like developer or editor, that they'd be able to use on a job or school application, he says. And when they did sit down at the computer, Tenen says the Rikers inmates were often more willing to experiment than the slightly older Columbia students.

"In many ways, they seemed like kids that were just very eager to learn to put into this system where their voices weren't being heard," says Thomas Brown III, a Columbia senior who participated in the class.

They learned to use the IPython interactive development environment to scour built-in documentation and experiment with how the language works.

"You frequently can kind of take a string object and press down [in the IDE] and see all the methods attached to that string object, and then just try them," says Tenen. "You see string.capitalize and go, 'hmm, what does that do?' And you have to actually try it—and once you try it, that kind of experimentation encourages learning."

Having an explicit goal—building the Twitter bot—helped the class focus its limited time quickly on learning to do concrete tasks, instead of getting bogged down in abstract discussions of syntax and algorithms.

"Instead of speaking abstractly about programming, we right away talked about strings, and how there's 140 characters, so you have to check for length," says Tenen. "That specific thing was understandable to the students."

And focusing on personal storytelling helped keep the students engaged, and helped the students from Rikers connect with those from Columbia.

"We had a young man in our group that was a poet, so every time we would come into the group he would bring all these thoughts and ideas that he had been [cogitating] on over the rest of the week that he wanted to share with the world," Brown recalls.

It took a couple of sessions, but the two groups found they had a lot to discuss, especially since some of the Rikers inmates grew up near Columbia's Upper Manhattan campus.

Tenen says the students would ask each other things like: What's your favorite burrito? "Those were kind of the most special moments—just seeing people talk to each other candidly about whatever, about the weather, about food, about just daily frustrations."

The group focused on writing tweets around a few hashtags, such as #RikersIsntHome, says Cameron Rasmussen, a Center for Justice program director who worked on the project.

"It's using the hashtag as an overarching story that they could write to," he says.
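As an added example (not the class's or the Story Bot's own code), here is a small Python scheduler that does the two things the class built around: attaching a hashtag such as #RikersIsntHome while staying inside the 140-character limit, and picking one tweet per day from a list. The tweets below are constructed samples.

```python
"""A small 'story bot' scheduler in the spirit of the class's Rikers Story Bot.

Added example, not the class's own code. The tweets are constructed samples.
Lengths are plain character counts, the rule the class taught; Twitter's API
counts some content, such as links, differently."""
import random
from datetime import date

LIMIT = 140  # the character limit the class designed around

# Constructed sample tweets standing in for the students' writing.
SAMPLE_TWEETS = [
    "Every morning I count the days, not the hours.",
    "I write so somebody outside these walls knows I am still here.",
    "The hardest part is not the noise, it is the waiting. " * 4,
]


def fit_tweet(text: str, hashtag: str, limit: int = LIMIT) -> str:
    """Append the hashtag and, if needed, trim the text at a word boundary.

    The hashtag is never dropped: it is the thread that ties the bot's
    posts together, so the text is what gives way."""
    suffix = " " + hashtag
    budget = limit - len(suffix)
    text = " ".join(text.split())  # collapse stray whitespace
    if len(text) > budget:
        # keep one character for the ellipsis, then back up to a full word
        cut = text[: budget - 1].rsplit(" ", 1)[0]
        text = cut + "…"
    return text + suffix


def tweet_of_the_day(tweets, day: date, hashtag: str) -> str:
    """Choose one tweet for the given day.

    Seeding with the date makes the choice reproducible, so re-running the
    daily job after a failure posts the same tweet rather than a second one."""
    rng = random.Random(day.toordinal())
    return fit_tweet(rng.choice(tweets), hashtag)


if __name__ == "__main__":
    print(tweet_of_the_day(SAMPLE_TWEETS, date.today(), "#RikersIsntHome"))
```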

The writing assignments had their own unique challenges too, with some of the participants behind bars and subject to jail censorship—but the students generally kept their messages work- and prison-appropriate, he says.

"I think there is a real issue of censorship, and we talk about that openly," says Rasmussen. "We want to develop their critical thinking skills and their critical observation skills, but we also can't be outwardly saying horrible things about the Department of Corrections."

Rikers Island. Photo: Flickr user Russ Nelson

The Center for Justice has previously taught other hands-on classes for young people at the jail through its Justice-in-Education Initiative, including a music production class and one helping students develop a business plan, he says.

The program isn't the first behind-bars programming class—California's San Quentin and Folsom state prisons host a six-month coding boot camp, and the Montana Department of Corrections recently announced it's working on a plan to teach programming to inmates. One challenge at Rikers, though, is that the inmate population is relatively transient, since the jail only holds prisoners awaiting trial or serving short sentences, which makes it hard to offer more in-depth classes.

"There's not a stable culture—it's people coming in and out all the time," says Tenen. "How to do education in that environment is a challenge in itself."

The Center for Justice hasn't stayed in touch with the inmates in the class but hopes to be able to do so with future groups, says Rasmussen. The group plans to hold a second coding class this December, potentially focusing on interacting with the couple of hundred followers the Story Bot has acquired—and on acquiring more.

"Some of them are prominent lawyers, some of them are prominent activists," Tenen says of the Story Bot's followers. "For the next iteration of this workshop, that would be a fun thing to think about: Who would they want to follow? Who would they want to respond to?"

FBI Renews Warnings on Terror and Encryption, With No Clear Solution in Sight

In the wake of the Paris and San Bernardino terror attacks, a long-simmering debate over the security risks of terrorists using encryption has come to a boil. Speaking before Congress last week, FBI Director James Comey reiterated warnings that popular encrypted communication apps are making it difficult for law enforcement officials to monitor suspected criminals and terrorists.

"There's no doubt that the use of encryption is part of terrorist tradecraft now because they understand the problems we have getting court orders to be effective when they're using these mobile messaging apps that are end-to-end encrypted," Comey told the Senate Judiciary Committee on Wednesday. "We see them talking about it all over the world—it is a feature, especially, of ISIL's tradecraft."

One suspect in the May shooting in Garland, Tex., where two men opened fire outside a controversial exhibit featuring cartoons of the Prophet Muhammad, had exchanged encrypted messages with a suspected terrorist overseas prior to the shooting, Comey told the committee. The Islamic State, also known as ISIL or ISIS, has reportedly taken credit for the shooting.

"He exchanged 109 messages with an overseas terrorist," Comey said of the alleged gunman. "We have no idea what he said, because those messages were encrypted."

The FBI director stopped short of calling for legislation to mandate that creators of encryption software provide ways for the government to decode data as it's stored on disk or transmitted across the Internet, citing a decision by the Obama Administration this fall not to seek such a law.

But Comey did reiterate calls for the software industry to work with law enforcement on solutions to the problem, the latest in a continual back-and-forth between officials and tech companies like Apple and Google, as well as specialized security firms, who've said any government backdoor to decode encrypted data will leave their customers vulnerable to hackers.

"The government doesn't want a backdoor—the government hopes to get to a point where if a judge issues an order, the company figures out a way to supply that information to the judge, and figures out on its own what would be the best way to do that," Comey said. "The government shouldn't be telling people how to operate their systems."

Photo: Flickr user Johan Larsson

Historically, authorities have been able to get court orders letting them access suspects' communications. The Communications Assistance for Law Enforcement Act requires phone companies, including voice-over-IP providers, to cooperate with court-ordered wiretaps, and other laws govern other media, like postal mail and email. And when messages are sent unencrypted, as they historically have been, officials can simply copy them as they pass through the communications system.

But when messages are sent with software providing end-to-end encryption, or files are stored on a hard disk or cloud system after being encrypted with a password, ordinary eavesdropping isn't enough, since the data looks like random noise without a valid decryption key. And the app makers and Internet providers involved simply don't have access to the keys.

"On devices running iOS 8 and later versions, your personal data is placed under the protection of your passcode," Apple tells customers. "For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user's passcode, which Apple does not possess."

While software makers might be able to provide the government with backdoor-access to encrypted data, they've generally argued that doing so is a bad idea: it would defeat the purpose of the encryption software and leave their customers and their private information vulnerable to hackers who discover the backdoor.

"Encryption is really part of everyone's daily life whether or not they know it, and creating backdoors in something that protects everybody from bad actors is not a good idea," says Chris Hopfensperger, policy director at BSA - The Software Alliance, an industry group formerly called the Business Software Alliance.

Photo: Flickr user Christiaan Colen

Any backdoors would themselves be another tool for terrorists and criminals to exploit to gain access to sensitive information, argues Miller Newton, the CEO of data encryption firm PKWARE.

"I think that we have to strengthen our national security and one way to actually strengthen our security is to strengthen encryption and actually make its use more widespread, so that we do actually protect our national assets and infrastructure and commerce and everything that comes with it," he says. "When I talk about strengthening encryption, it's really about giving control of the sensitive information to the people and companies and agencies that own it, so that if they encrypt it at the source and they maintain the encryption key, it's up to them whether or not it makes sense to turn that key over to anybody."

In some cases courts have ordered users to turn over their encryption passwords, though such requests wouldn't work in a traditional wiretap scenario, since they'd naturally let the targets know they're being monitored.

And even if the government were to require backdoors in commercial encryption software, there's no reason criminals and terrorists wouldn't simply switch to using alternatives developed overseas or existing open source tools, experts argue.

"If you say let's weaken it, then the criminals won't use it—they'll use something else," says Newton, citing reports the Islamic State may be developing its own encrypted messaging app. "If you outlaw encryption, I promise you, only outlaws will have encryption."

Still, some members of Congress have hinted they may push for limits on encryption tools, even in the absence of pressure from the Obama Administration.

"I'm going to seek legislation if nobody else is," Sen. Dianne Feinstein, D-Calif., said in Wednesday's hearing. Feinstein and Sen. Richard Burr, R-N.C., have previously said they're exploring options for such legislation, though both their representatives declined to comment on specifics this week.

In the meantime, Comey told the Senate committee that law enforcement officials are gathering more data on how encryption has hampered their investigations and have been having productive conversations with tech companies about the situation.

Still, privacy groups like the Electronic Frontier Foundation have argued any compromise that allows government access to data will inevitably weaken privacy and data security. Neither law enforcement nor industry officials have been forthcoming about the nature of their discussions, citing the need for security.

"Law enforcement doesn't want to divulge what they are doing to keep us safe, and companies don't want their systems targeted, so it's better to have those talks out of the spotlight," says Hopfensperger.

Fiorina: I Helped The NSA When They Needed Computing Power After 9/11

During Tuesday night's Republican presidential debate, candidate and former Hewlett Packard CEO Carly Fiorina proudly recalled getting a phone call from the National Security Agency shortly after the Sept. 11, 2001, terrorist attacks.

"They needed help," she said. "I gave them help."

What kind of help did HP provide? Shipments of computer equipment that Fiorina quickly routed to the NSA's headquarters at Fort Meade, Maryland, which were apparently needed to beef up the agency's controversial surveillance operations after the terrorist attacks. According to a September Yahoo! News report, former NSA director Michael Hayden has confirmed the servers were used for Stellar Wind, part of the agency's post-9/11 efforts to monitor email, phone calls, and other communications.

Shortly after Fiorina's debate statement, which was part of a push for greater private-sector involvement in the fight on terrorism, Bloomberg View columnist Josh Rogin posted a tweet stating that HP indirectly sold millions of dollars in equipment to Iran under Fiorina's watch. The company has always maintained that the sales to Iran took place without HP's knowledge and were not illegal, despite international sanctions against Iran, since they went through several intermediaries, and that HP ended its relationship with a Dubai company involved in the shipments when it learned of the transactions.

Fiorina Claims Feds Haven't Asked Silicon Valley For Encryption Help ... But They Have

Presidential candidate Carly Fiorina claimed in Tuesday night's Republican presidential debate that the Obama Administration hasn't asked big tech companies for help circumventing encryption in fighting terrorism—but the FBI and other federal agencies have done just that several times.

Fiorina, the former CEO of Hewlett Packard, said the private sector's assistance is required to access terrorist communications and devise tools to understand what they find. Even in the case of the 2013 Boston Marathon bombing, in which investigators had some prior suspicions about the Tsarnaev brothers and had access to communication "metadata," they still used "the wrong algorithm" and failed to uncover the plot, she said.

The comments echo statements Fiorina made earlier this week to the conservative website Breitbart News, in which she said the government needs the help of Silicon Valley to "work around" encryption while asserting that such security measures are needed to keep information safe.

FBI Director James Comey recently reiterated calls for big companies like Apple and Google to help officials decipher encrypted messages and stored data on cell phones and other devices.

Tech companies have effectively declined to do so, saying any government "back door" could be used to circumvent security measures and steal user data.

"Apple has never worked with any government agency from any country to create a 'back door' in any of our products or services," the company says. "We have also never allowed any government access to our servers. And we never will."

A "Sad Day" For Brazil Says Zuckerberg, As WhatsApp Blockade Disrupts Millions

A judge in Brazil has ordered cell phone carriers to block access to the calling and texting service WhatsApp for 48 hours beginning early Thursday morning, after the company reportedly failed to respond to a court order in a drug-trafficking case earlier this year. Later in the day, the São Paulo high court ruled that service should be restored after just 12 hours of outage, citing "constitutional principles" and the service's "millions of affected users."

WhatsApp, which was acquired by Facebook for $22 billion last year, was the most downloaded app last year in Brazil, the world's fourth-largest smartphone market. Many poorer Brazilians depend exclusively on the service for their day-to-day communications; in total, the service has more than 100 million users in Brazil, according to a post by Facebook CEO Mark Zuckerberg earlier today.

"I am stunned that our efforts to protect people's data would result in such an extreme decision by a single judge to punish every person in Brazil who uses WhatsApp," Zuckerberg wrote. He called it a "sad day for Brazil."

Still, Brazilian phone companies who've seen WhatsApp's Internet-based talk-and-text service cut into their revenue may be only too happy to comply with the order. Amos Genish, the president of leading Brazilian phone company Vivo, denounced the wildly popular talk-and-text app as "pure piracy" earlier this year.

WhatsApp recently introduced a free calling service, which works on users' data plans but is far cheaper than carrier-based voice calling. The service's popularity has actually contributed to a reduction in the number of active mobile lines in Brazil, according to the English-language Rio Times. It's enabled Brazilian users to switch from juggling multiple SIM cards from multiple carriers in search of the best calling deals to simply using cheaper data plans for talking and texting.

WhatsApp tops the list of popular messaging services in Brazil. Via GlobalWebIndex

Rival encrypted-messaging app Telegram reports more than 1.5 million Brazilian users have signed up for its service since WhatsApp has been blocked.

"1.500.000 and counting, SMS-Gateways overloading," the company tweeted, referring to the computers it uses to text activation codes to new customers. "Hang on, your codes are coming! We've got all hands on deck to accommodate the crazy load."

It's estimated that 62% of Brazilian Internet users aged between 16 and 64 use WhatsApp each month, according to GlobalWebIndex. WhatsApp is considered the world's most popular messaging service, with more than 900 million active users globally.

Zuckerberg's statement, posted to Facebook in English and Portuguese, said Facebook Messenger is still available in Brazil.

The service began encrypting messages sent between its users in November last year, making it impossible for third parties including hackers and governments to access them. The details of the underlying court case, said to be a drug-trafficking related case in São Paulo state, are under seal.

"This is really shocking, and illegal," Ronaldo Lemos, the director of the Institute for Technology and Society of Rio de Janeiro, told the Wall Street Journal. "What puzzles me is that one single court can exercise that kind of power, and that the telecommunications companies didn't fight against it. It shows how fragile the Brazilian Internet is."

The decision appears to be an about-face after Marco Civil, a groundbreaking Internet "Bill of Rights" approved last year by President Dilma Rousseff, as a response to the Snowden revelations that the NSA was spying on Brazil. The landmark bill, Brazil's first Internet legislation, was intended to protect net neutrality, privacy, and freedom of speech.

Instagram Hack Reveals The Risks Of Bug Bounty Programs

A security researcher who discovered vulnerabilities in an Instagram server apparently traded barbs this week with Instagram parent Facebook's chief security officer over whether his explorations of the system's weaknesses went beyond ethical limits.

Researcher Wesley Wineberg said in a blog post that, despite efforts to work within a Facebook bug bounty program that allows outside security researchers to investigate holes in Facebook systems, the company threatened him with legal action and even contacted the CEO of a company where he does contract work.

"If the company I worked for was not as understanding of security research I could have easily lost my job over this," Wineberg wrote.

In a Thursday post of his own, Facebook chief security officer Alex Stamos wrote that some action Wineberg took in downloading data accessible through the vulnerabilities "was not ethical behavior" and that contacting the company was essentially a last-resort effort to make sure Wineberg didn't release potentially sensitive data.

Photo: Flickr user Matt Joyce

"There was direct communication with Wes where we specifically asked him not to do this," Stamos wrote in a follow-up comment. "Finding somebody responsible who could mediate was the least aggressive of several possible next steps."

The episode seemed to highlight the potential complexities of bug bounty programs, the increasingly popular arrangements where tech companies offer rewards to outside researchers who discover and report security holes in their systems. Facebook alone has paid out millions of dollars through its program since 2011, and bug bounty programs are run by an industry-spanning list of companies from Google to United Airlines.

Wineberg—who has apparently successfully participated in other companies' bug bounty programs—wrote that he sought to comply with Facebook's bug bounty policies, which require participants to "make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service."

But Facebook says that his explorations into company systems and downloads of proprietary data went beyond the program's rules.

"We are strong advocates of the security researcher community and have built positive relationships with thousands of people through our bug bounty program," a Facebook spokesperson wrote in an email to Fast Company. "These interactions must include trust, however, and that includes reporting the details of bugs that are found and not using them to access private information in an unauthorized manner. In this case, the researcher intentionally withheld bugs and information from our team and went far beyond the guidelines of our program to pull private, non-user data from internal systems."

Photo: Flickr user Jimmy Baikovicius

According to accounts by both Wineberg and Stamos, Wineberg initially discovered an Instagram server was running a Web-accessible administrative console with vulnerabilities that could let hackers run arbitrary commands on the machine. He reported the danger to Facebook, which ultimately offered him a $2,500 reward through the bounty program.

"Up to this point, everything Wes had done was appropriate, ethical, and in the scope of our program," wrote Stamos.

After reporting the security hole, Wineberg, who wasn't immediately available for comment, wrote that he used the access it provided to search for additional weaknesses in the system. He found credentials for a database on the server and used those credentials to download usernames and encrypted passwords for a Web-accessible administrative tool running on the machine.

Using an open source password-cracking program on his own computer, Wineberg discovered that several of the passwords were "extremely weak"—some were the same as the account username, and some were common default passwords like "password" and "changeme." Wineberg reported the weak passwords to Facebook as well.

He also soon discovered a configuration file with access credentials for an account on Amazon's Simple Storage Service, which he used to access what appeared to be a set of "deployment scripts" stored on the Amazon cloud system. He also downloaded an older stored version of the same data, which contained additional credentials letting him access other S3 repositories, known as buckets.

"There appeared to be a lot of potentially sensitive content, but a lot of it was just more versioned tar archives of tools and web applications," he wrote. "I queued up several buckets to download, and went to bed for the night."

Wineberg wrote that he avoided downloading what appeared to be user data, in an effort to comply with the bounty program's privacy rules, but that he accessed a variety of apparently sensitive company data, ranging from Instagram source code to credentials for additional cloud services.

"To say that I had gained access to basically all of Instagram's secret key material would probably be a fair statement," he wrote. "With the keys I obtained, I could now easily impersonate Instagram, or impersonate any valid user or staff member."
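As an added example, not Facebook's or Instagram's code, here is the defensive counterpart to the chain described above: a Python audit that flags credentials left in server-side configuration files (the sample config is constructed) and rejects account passwords that equal the username or a common default. The AWS access key ID format is real; the secret-key and database-URL patterns are heuristics I am assuming for illustration.

```python
"""Audit helpers for two findings described in the article: hard-coded cloud
and database credentials sitting in server-side config files, and accounts
whose passwords equal the username or a common default.

Added example code; not Instagram's or Facebook's. The sample config and
accounts below are constructed for illustration."""
import re
from dataclasses import dataclass
from typing import List, Optional

# AWS access key IDs really do start with AKIA/ASIA plus 16 upper-case
# alphanumerics. The secret-key and DB-URL patterns are assumed heuristics
# and will produce some false positives, which is the right trade-off here.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "aws_secret_access_key": re.compile(
        r"(?i)aws[_-]?secret[_-]?(?:access[_-]?)?key\s*[:=]\s*['\"]?([A-Za-z0-9/+=]{40})"
    ),
    "db_url_password": re.compile(r"\b[a-z][a-z0-9+]*://[^:/\s@]+:([^@\s]+)@"),
}

# Defaults of the kind the article mentions ("password", "changeme") plus a
# few others commonly shipped with admin tools.
DEFAULT_PASSWORDS = {"password", "changeme", "admin", "123456", "default", "welcome"}


@dataclass(frozen=True)
class Finding:
    line_no: int
    kind: str
    preview: str  # redacted, so the report itself does not leak the secret


def redact(secret: str, keep: int = 4) -> str:
    """Keep a short prefix so a finding can be matched to its source."""
    if len(secret) <= keep:
        return "*" * len(secret)
    return secret[:keep] + "*" * (len(secret) - keep)


def scan_config(text: str) -> List[Finding]:
    """Return one Finding per secret-looking value, in file order."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # a stricter scanner would flag commented-out secrets too
        for kind, pattern in SECRET_PATTERNS.items():
            for match in pattern.finditer(line):
                secret = match.group(1) if match.groups() else match.group(0)
                findings.append(Finding(line_no, kind, redact(secret)))
    return findings


def weak_password_reason(username: str, password: str) -> Optional[str]:
    """Return why a password fails policy, or None if it passes.

    Mirrors the two failure modes the article describes: password equal to
    the account username, and common default passwords."""
    if password.lower() == username.lower():
        return "same as username"
    if password.lower() in DEFAULT_PASSWORDS:
        return "common default password"
    if len(password) < 12:
        return "shorter than 12 characters"
    return None


def audit_accounts(accounts):
    """Return (username, reason) for every account failing the policy."""
    return [(u, r) for u, p in accounts if (r := weak_password_reason(u, p))]


# Constructed sample config; nothing here is a real credential.
SAMPLE_CONFIG = """\
# deployment settings (constructed example)
[database]
url = postgres://tools_admin:changeme@db.internal.example/admin_console

[aws]
aws_access_key_id = AKIAEXAMPLE0000000AB
aws_secret_access_key = CONSTRUCTEDsecretKEY0123456789abcdefghij
bucket = deploy-scripts
"""

# Constructed accounts for the weak-password audit.
SAMPLE_ACCOUNTS = [
    ("deploy", "deploy"),
    ("ops", "changeme"),
    ("sre_oncall", "Correct-Horse-Battery-7"),
]


if __name__ == "__main__":
    for f in scan_config(SAMPLE_CONFIG):
        print(f"line {f.line_no}: {f.kind} -> {f.preview}")
    for user, reason in audit_accounts(SAMPLE_ACCOUNTS):
        print(f"{user}: {reason}")
```

Run against real configuration before deployment, the scanner catches the kind of file Wineberg found; the password check belongs at account creation so the weak credentials never reach the database.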

According to his timeline, Wineberg didn't immediately report the files he was able to access with the S3 credentials. While he discovered and tested the credentials on Oct. 24, he didn't file a related report until Dec. 1, only after he says Facebook rejected his bug bounty claim relating to the weak passwords, citing a breach of user privacy.


"As a researcher on the Facebook program, the expectation is that you report a vulnerability as soon as you find it," Wineberg says Facebook told him in one email. "We discourage escalating or trying to escalate access as doing so might make your report ineligible for a bounty."

Wineberg argued those expectations aren't in Facebook's published bug bounty rules. Still, the rules do similarly ask researchers to "let us know right away" when a bug is found and "not interact with other accounts without the consent of their owners"—phrasing which seems designed with end user accounts in mind but might also apply to the employee accounts with weak passwords and Facebook's own S3 accounts.

When Wineberg filed a third report, this one covering the leaked S3 credentials, Facebook appears to have taken it as a sign that he was continuing to disregard its guidelines.

"The downloading of files from S3 was an unnecessary exfiltration and a violation of a warning we explicitly gave him," Stamos wrote. "I really didn't want him setting a precedent that you could download an arbitrary amount of data and call it legit."

Wineberg has since said he's deleted the data, according to security publication Threatpost, and Facebook says it's changed the S3 credentials.

One place where Wineberg and Stamos seem to agree: the incident shouldn't have a chilling effect on the mutually beneficial relationship that bug bounties have built between security researchers and tech companies.

Facebook says it will take steps to respond to researchers' reports more quickly and to make its guidelines more explicit.

"We successfully handle hundreds of reports per day, but I don't think we triaged the reports on this issue quickly enough," Stamos wrote. "We will also look at making our policies more explicit and will be working to make sure we are clearer about what we consider ethical behavior."

Not So Kawaii! Researcher Reports More Than 3M Hello Kitty Fans Exposed In Data Breach


Data on more than 3 million users of HelloKitty.com and other sites related to the popular character was exposed to the Internet through an insecure database, Austin-based security researcher Chris Vickery reported this weekend.

Vickery, who has recently uncovered millions of accounts' worth of potentially sensitive user data stored in publicly accessible databases at insurance claim management software company Systema Software, security software maker Kromtech, and HIV-positive dating app Hzone, says the database includes users' names, emails, encoded birthdates, passwords, and other information.

He says he discovered the cache of Hello Kitty data through Shodan, a search engine for Internet-connected devices and services that is popular with hackers and security researchers because it indexes things other than ordinary websites, such as databases, cameras, and industrial controllers reachable from the public Internet. The database came up in a search for publicly accessible instances of the popular MongoDB database software, he says. While it wasn't labeled as belonging to Sanrio, the company behind Hello Kitty, its ties to the Hello Kitty sites were apparent from the data, he says.

"The Hello Kitty database isn't marked as Hello Kitty," he says. "It goes by another name that I'm not sharing right now."

The database appears to no longer be accessible, he says.

"The alleged security breach of the SanrioTown site is currently under investigation," the company said in a statement Monday afternoon, referring to an official forum site said to be involved in the breach. "Information will be made available once confirmed."

Shodan cofounder John Matherly wrote last week in a blog post that the search engine had indexed more than 35,000 publicly accessible MongoDB instances, warning that many are probably exposed unintentionally through misconfiguration, typically a server that binds the database to every network interface without enabling authentication. Because such an instance accepts any client that connects, the standard MongoDB shell or a desktop client can browse it about as easily as opening a spreadsheet.
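The two settings behind most of the exposures Matherly and Vickery describe are the bind address and authorization, so the defender-side check is a configuration audit. What follows is an added Python example, not MongoDB's or Shodan's code: a reader for the small "key: value" subset of the YAML mongod.conf format, the audit over it, and a constructed weak config beside its hardened form. The rule that an unset bindIp means "all interfaces" reflects mongod releases before 3.6, which is the situation at the time of the article; 3.6 and later default to localhost.

```python
def parse_conf(text):
    """Minimal reader for mongod.conf: nested 'key: value' lines, two-space
    indentation, '#' comments. Enough for the settings audited below."""
    root = {}
    stack = [(-1, root)]            # (indent, mapping being filled)
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip(" "))
        key, _, value = line.strip().partition(":")
        while stack[-1][0] >= indent:
            stack.pop()
        parent = stack[-1][1]
        value = value.strip()
        if value:
            parent[key] = value
        else:
            child = {}
            parent[key] = child
            stack.append((indent, child))
    return root

def audit_mongod_conf(conf):
    """Return a list of findings; an empty list means both checks pass."""
    findings = []
    bind = conf.get("net", {}).get("bindIp")
    if bind is None:
        findings.append("net.bindIp unset: mongod before 3.6 then listens on every interface")
    elif any(addr.strip() in ("0.0.0.0", "::") for addr in bind.split(",")):
        findings.append(f"net.bindIp {bind}: database reachable from every interface")
    if conf.get("security", {}).get("authorization", "disabled") != "enabled":
        findings.append("security.authorization not enabled: any client that reaches "
                        "the port can read and modify every database")
    return findings

# Constructed sample: the shape of many 2015-era installs.
WEAK_CONF = """\
# mongod.conf
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 0.0.0.0
"""

# Same server, listening only locally and requiring authentication.
HARDENED_CONF = """\
storage:
  dbPath: /var/lib/mongodb
net:
  port: 27017
  bindIp: 127.0.0.1
security:
  authorization: enabled
"""

if __name__ == "__main__":
    for label, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(label, audit_mongod_conf(parse_conf(text)) or ["ok"])
```

Binding to localhost is the setting that keeps a database out of Shodan's index; enabling authorization is the one that protects it when it does have to accept remote connections, and a production server wants both plus a firewall rule on the port.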

Vickery says he has reported approximately two dozen vulnerable sites to their owners this year, including a database at Kromtech that exposed data on roughly 13 million users of its security tool MacKeeper. In that case, Kromtech said there was no sign the data was accessed by anyone beside Vickery, but Vickery says he generally assumes he's not the only one able to find such vulnerable databases.

"My theory is that in most of these cases it has been compromised, and the companies just aren't watching logs or aren't willing to admit it," he says. "If I'm coming across it, I'm pretty sure somebody else is coming across it."

In the current breach, he advises Hello Kitty fans to change their passwords anywhere they may have used the same credentials.

"If you've reused that password, change it anywhere else you've used it," he says.

Even though the passwords were stored in encrypted rather than plaintext form, anyone holding the file can test candidate passwords against it offline at high speed, and weak or reused passwords fall quickly. And as this leak shows, plenty of personal data sits on the Internet with no password at all, something privacy advocates say needs to change.

"I think at this point, it would be appropriate for federal regulators who enforce data security to issue guidances or news releases that even more businesses and entities might see and act upon to secure their databases," wrote the anonymous editor of DataBreaches.net, which has worked to publicize many of Vickery's discoveries, in an email to Fast Company. "Until then, you can reasonably expect that Chris will just keep finding these leaks and turning them over to the media, and that entities will incur the costs of incident response and hits to their reputation."

Google Is Working On A New Chat App And AI Chat Companions: Report


Google is planning a new messaging app and a host of artificial intelligence-powered services that will be accessible through it, according to a report in the Wall Street Journal.

Nick Fox, the company's VP for communication products, is said to be leading the effort, as Google's existing Hangouts and Messenger apps are seen to be lagging behind rival offerings from Facebook, Apple, and new competitors like Telegram.

And while Google already offers Google Now, with voice-powered search and organizer features similar to Apple's Siri, Microsoft's Cortana and Amazon's Echo, other competitors are also moving to integrate AI assistants into text-based messaging apps. Just as phone calls have given way to chats and Slack sessions, conversations with Siri and her competitors seem destined to transition to tapped texts.

Facebook has begun to test a personal assistant called M, which is integrated into its Messenger app, and an app called Luka now offers restaurant searches and reservations through a text-style interface or old-fashioned SMS.

Google, with its strength in artificial intelligence, has begun developing an AI engine that learns human language by analyzing movie dialogue, the Wall Street Journal reports. The company is also likely to create an AI app store, letting third-party developers integrate their own robot assistants into the app, just as they can in apps like Telegram and Slack, according to the paper.

Facebook "Free Basics" Curtailed in India Over Net Neutrality Dispute


Indian telecom regulators have reportedly halted Facebook's "Free Basics" mobile Internet service, formerly known as Internet.org, over net neutrality concerns.

The controversial program allows mobile customers free access to a limited set of Internet services, including certain online shopping, employment and health sites, Wikipedia and, naturally, Facebook itself. While Facebook has said the program puts limited Internet access within reach of more than 1 billion people who might otherwise have none, it has come under fire from net neutrality activists and others in the industry who say it confines users to a walled garden populated solely by Facebook's partners.

The Telecom Regulatory Authority of India has asked Reliance Communications, Facebook's Indian telecom partner, to halt the service until it can weigh in on the net neutrality issues involved, according to a report in The Times of India Wednesday.

Facebook urged users to contact the telecom authority in support of the program this week, though the company took some criticism after reportedly accidentally extending the request to users outside of India and after some users said it was too easy to accidentally sign a Facebook online petition.

Facebook has said the outreach to overseas users was a mistake, and that it takes proper precautions to make sure nobody is credited as signing the petition accidentally.

The Free Basics program was reportedly criticized by a committee from India's telecom ministry earlier this year.

"Collaborations between telecom service providers and content providers that enable such gatekeeping role to be played by any entity should be actively discouraged," the committee wrote in a July report, according to The Times of India.

A group within India's parliament is also said to be studying the issue.


Researchers Say The Juniper Hack Could Be The Work Of Government--But Which One?


As researchers uncover more about two vulnerabilities recently patched in some Juniper Networks firewalls, the security community continues to speculate about who inserted what Juniper called "unauthorized code" into the company's firewall operating system ScreenOS.

Security experts suggested that one of the security holes in particular, which Juniper warns could allow eavesdroppers to decrypt VPN traffic to some of its NetScreen firewalls, could be the work of the National Security Agency or another spy agency overseas.

"There is no way to detect that this vulnerability was exploited," Juniper cautioned.

The company indicated it has no evidence that either that weakness, or a second vulnerability, a hard-coded password that lets anyone who can reach the firewall's remote login service take administrative control of it, has actually been used. U.S. law enforcement agencies have reportedly joined Juniper in investigating how the code came to be in the firewalls, which are used by big companies and government agencies to secure their networks, Reuters reported Tuesday.

Still, the news of the vulnerabilities comes at a time when the U.S. tech industry is particularly jittery about both the risks of hacks by skilled attackers abroad and a push by domestic officials to create ways for the government to access encrypted communications. Days after Juniper's announcement of the security holes, rival Cisco announced that it had undertaken a precautionary review of its own code—and reiterated that the company has a firm "no backdoor" policy.

"Our development practices specifically prohibit any intentional behaviors or product features designed to allow unauthorized device or network access, exposure of sensitive device information, or a bypass of security features or restrictions," wrote Anthony Grieco, the head of Cisco's Trust Strategy Office, on a company blog.

While Juniper has been tight-lipped about the details of the two vulnerabilities since announcing their existence and releasing a fix on Friday, researchers reverse-engineering the patches have determined the VPN issue involves the pseudorandom number generator the firewalls use to produce the random values from which encryption keys are derived. That generator, called Dual_EC_DRBG, was standardized by the National Institute of Standards and Technology with help from the NSA. Reports in 2013, based on materials leaked by Edward Snowden, suggested the agency had built a backdoor into it: anyone holding a particular secret can predict the numbers it generates and so decrypt messages protected with keys derived from them.

Juniper has said that its use of the algorithm isn't exposed to that weakness, and the company apparently uses a different value for one of the algorithm's fixed parameters, a curve point known as Q, than the one recommended in the NSA-influenced standard, according to a Tuesday blog post by Matthew Green, an assistant professor of computer science at Johns Hopkins University. The reason Q matters, Green wrote, is that whoever generates it can do so with a secret relationship to the algorithm's other fixed point, and with that secret a small amount of the generator's output is enough to recover its internal state and predict everything it produces afterward, including the keys protecting a VPN session.

Friday's patch, Green wrote, changes the Q value used in recent versions of Juniper's code back to the one used in earlier versions of the operating system, suggesting the more recent value is what made the algorithm exploitable. He also argues the company has never explained where either value came from, leaving customers to trust that the now-restored parameter was generated honestly.

"The optimistic view is that they recognized the vulnerability of Dual EC and tried to mitigate it by generating their own parameters," he wrote in an email to Fast Company. "Of course, the concern with this is that anyone who generates their own Q could also generate it maliciously, and give the resulting secrets to a surveillance agency. Without some proof that Juniper's Q value was generated safely, we can't really distinguish the two cases."

A Juniper spokesperson declined to comment Tuesday.
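The trapdoor Green describes, as an added Python example (not Juniper's, NIST's or Green's code): a toy Dual EC over a small constructed curve, where the generator's points P and Q, the trapdoor e, the seed and the handling of degenerate states are all assumptions for the demo. Real Dual EC runs over NIST P-256 and drops the top 16 bits of each output block, which only costs the attacker a 2^16 search; the mechanism is otherwise the same.

```python
from math import gcd

# Toy curve y^2 = x^3 + A*x + B over F_P_MOD (constructed; P_MOD % 4 == 3 gives a
# direct square root, which is how an attacker lifts an x-coordinate to a point).
P_MOD, A, B = 103, 2, 3
INF = None  # point at infinity

def ec_add(p1, p2):
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, pt):
    result, addend = INF, pt
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result

def lift_x(x):
    """Recover a curve point (up to sign) from its x-coordinate."""
    rhs = (x ** 3 + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
    if y * y % P_MOD != rhs:
        raise ValueError("no point with that x")
    return (x, y)

def point_order(pt):
    n, cur = 1, pt
    while cur is not None:
        cur, n = ec_add(cur, pt), n + 1
    return n

# Base point P: the first point on the curve with a usefully large order N.
for _x in range(P_MOD):
    try:
        BASE = lift_x(_x)
    except ValueError:
        continue
    N = point_order(BASE)
    if N > 20:
        break

# The party that chooses Q picks it as d*P and keeps e = d^-1 mod N.  Everyone
# else sees only P and Q; recovering e from them is a discrete logarithm.
D = next(d for d in range(2, N) if gcd(d, N) == 1)
Q = ec_mul(D, BASE)
E = pow(D, -1, N)

def _normalize(s):
    """Toy-only: keep states nonzero mod N so no multiple is the point at infinity."""
    return s % N or 1

def drbg_next(state):
    """One Dual EC block: output x(s*Q), next state x(s*P)."""
    state = _normalize(state)
    out = ec_mul(state, Q)[0]
    return _normalize(ec_mul(state, BASE)[0]), out

def victim_outputs(seed, count):
    state, outs = seed, []
    for _ in range(count):
        state, out = drbg_next(state)
        outs.append(out)
    return outs

def predict_outputs(observed_out, e, count):
    """With e, one observed block yields the next state and every later output."""
    r = lift_x(observed_out)              # s*Q or its negation; x-coordinate is what matters
    state = _normalize(ec_mul(e, r)[0])   # e*(s*Q) = s*P, whose x is the next state
    outs = []
    for _ in range(count):
        state, out = drbg_next(state)
        outs.append(out)
    return outs

if __name__ == "__main__":
    seen = victim_outputs(42, 6)
    print("victim :", seen)
    print("attacker:", [seen[0]] + predict_outputs(seen[0], E, 5))
```

Nothing about the generator is weak without e: the point of the construction is that the only party who can do this is the one who chose Q. That is why an unexplained change of Q in a shipped firewall is the whole story, and why Juniper restoring an earlier, equally unexplained Q does not by itself settle it.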

The second vulnerability, where a secret password could grant administrative access to the firewalls, also seemed to highlight the speed with which the keys to hidden backdoors could be disseminated across the Internet. Ronald Prins, the CTO of Dutch security firm Fox-IT, tweeted that his company had determined the hidden password merely six hours after Juniper's announcement.

"Patch now," he urged readers.

By Tuesday, the password, which appears to have been chosen to look like a debugging format string so that it would blend in with the legitimate strings around it in the firmware, was widely circulated online and was even for sale on T-shirts riffing on its resemblance to the name of Art of War author Sun Tzu.

Chipotle Overhauls Food Safety Protocols After Outbreaks


Chipotle Mexican Grill is introducing a new food safety program amid reports that a series of food poisoning outbreaks have driven customers away.

A Reuters/Ipsos poll released Tuesday showed that nearly a quarter of Americans who have heard of the outbreaks are eating less at the Mexican chain's more than 1,900 locations. But the company says its new safety program will put it "at the forefront of food safety practices" in the industry.

"While it is never possible to completely eliminate all risk, this program eliminates or mitigates risk to a level near zero, and will establish Chipotle as the industry leader in this area," said Mansour Samadpour, CEO of IEH Laboratories and Consulting Group, in a statement. IEH designed the new program with Chipotle.

The restaurant says it plans to introduce DNA testing of ingredients to look for contamination and take additional steps to kill any bacteria in food. Onions will be immersed in boiling water, chicken will be marinated in sealable bags, and cilantro will be added to still-hot rice to kill any germs, according to an Associated Press report.

Other ingredients like cheese and tomatoes will arrive at restaurants already chopped or shredded, the AP reported—a seeming about-face from previous efforts by the company, which is known for preparing fresh, healthy food on-site in the interest of taste.

About 50 people fell ill in a nine-state outbreak of E. coli tied to the restaurants in October, and the Centers for Disease Control and Prevention has opened an investigation into a second possible outbreak in November. In an apparently unrelated outbreak, dozens of Boston College students fell ill with norovirus after dining at a Chipotle location.

The October outbreak shut dozens of restaurants and caused November sales to fall about 16%, according to the AP. The company's stock is trading just below $500, well off summer highs above $750 per share.

Are Boston Dynamics' Robot Reindeer The Ghosts Of Christmas Future?


The Google-owned robotics company Boston Dynamics delivered a unique holiday greeting this week: a video of the company's robots pulling a (human) Santa in a sleigh.

The company develops robots for the military, Sony, and other users, and showcases a variety of human- and animal-inspired robots across its website, from jumping sand fleas to a sprinting WildCat that's actually shaped a bit more like a buffalo.

The reindeer robots featured in the video appear to be variations on the company's canine-inspired Spot robots, which are designed for navigating indoor and outdoor terrain.

There's something a little spooky about this, in a year when several prominent researchers began seriously questioning whether artificial intelligence might one day pose a real threat to humanity. But these reindeer are tame compared to some other robotic Christmas creations.

Remember these Santa-bots from Doctor Who?

Or this Santa from Futurama?



How about Jack Skellington from Nightmare Before Christmas?

But the scariest Santa of all? We can't even post the image, you'll have to look for yourself.

MIT's New Blockchain Project Enigma Wants To Let You Share Your Data On Your Terms


A new Massachusetts Institute of Technology project could soon bring much greater flexibility to cloud data sharing—potentially helping companies analyze consumer data without giving employees access to individual customers' personal information or letting loan applicants submit data for automated underwriting without ever sharing their information with a human being.

Consumers could even be able to sell access to their own data for research purposes without having to worry about it leaking across the Internet or showing up in unexpected hands.

The Enigma project, created by MIT grad student Guy Zyskind and blockchain entrepreneur Oz Nathan, with help from MIT Prof. Alex Pentland, could enable a marketplace where users can sell the rights to use encrypted data in bulk computations and statistics without giving raw access to the underlying data itself. The group says the project will launch a beta test in the near future.

"With guaranteed privacy, autonomous control and increased security, consumers will sell access to their data," the creators suggest in the project's white paper. "For example, a pharmaceutical company looking for patients for clinical trials can scan genomic databases for candidates. The marketplace would eliminate tremendous amounts of friction, lower costs for customer acquisition and offer a new income stream for consumers."

Through a cryptographic technique called secure multiparty computation, each piece of data is split into shares held by different servers. No single share reveals anything about the underlying value, but the servers can jointly evaluate an authorized function over their shares and reveal only its result.

"Data is split between different nodes, and they compute functions together without leaking information to other nodes," the team wrote in a white paper. "Specifically, no single party ever has access to data in its entirety; instead, every party has a meaningless (i.e., seemingly random) piece of it."
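The splitting the white paper describes, as an added Python example (not Enigma's code): additive secret sharing over a prime field, the simplest multiparty scheme that has the property quoted above. The field size, node count and the sample values are constructed assumptions. Each node receives one uniformly random-looking share per user and adds its shares locally; only the total is ever reconstructed, so a node that is compromised learns nothing about any individual value.

```python
import secrets

PRIME = (1 << 61) - 1   # Mersenne prime; every share and sum lives in Z/PRIME

def split_shares(value, n_nodes):
    """n_nodes - 1 uniformly random shares; the last one makes the sum come out right."""
    if not 0 <= value < PRIME:
        raise ValueError("value must be a field element")
    shares = [secrets.randbelow(PRIME) for _ in range(n_nodes - 1)]
    shares.append((value - sum(shares)) % PRIME)
    return shares

def reconstruct(shares):
    return sum(shares) % PRIME

def node_sum(node_shares):
    """What one node computes locally: the sum of the shares it holds, one per user.
    It never sees any user's actual value."""
    return sum(node_shares) % PRIME

def private_sum(values, n_nodes):
    """Each user splits its value across the nodes; nodes add locally; the
    partial sums are combined, and only the total is revealed."""
    per_node = [[] for _ in range(n_nodes)]
    for v in values:
        for i, share in enumerate(split_shares(v, n_nodes)):
            per_node[i].append(share)
    partials = [node_sum(shares) for shares in per_node]
    return reconstruct(partials)

def private_mean(values, n_nodes):
    """Average from the shared sum; only the count is public."""
    return private_sum(values, n_nodes) / len(values)

if __name__ == "__main__":
    # Constructed sample: three users' salaries, analyzed by three nodes.
    salaries = [52000, 61000, 47000]
    print("mean salary:", private_mean(salaries, 3))
```

Sums and means are the easy case: addition works share by share with no interaction. Products, comparisons and the genomic scans the paper mentions need the nodes to exchange messages under a protocol such as Beaver triples or garbled circuits, which is where the cost of real multiparty computation lies.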

Access to the data would be controlled by a blockchain—a shared ledger similar to the one that powers bitcoin and other cryptographic currencies. Users could effectively add to the chain cryptographically signed permission slips giving other users rights to access their stored data in particular ways.

Companies might also be able to use Enigma to store corporate data or information about consumer habits, using the permissions system to let employees or partners analyze the records in bulk without the risk of individual data points being leaked.

Even banks could specify loan underwriting rules in terms of computations to be executed by automated scripts on encrypted, user-provided data, so applicants would never actually have to share their financial details with another human, the team says.

"Users can take loans, deposit cryptocurrencies or buy investment products with the autonomous control of the blockchain, without publicly revealing their financial situation," the Enigma creators write.

[via Bitcoin Magazine]

T-Mobile "Binge On" Video Streaming Program Accused Of Throttling Traffic To YouTube


YouTube says that T-Mobile is throttling traffic to YouTube as part of the mobile provider's new "Binge On" video streaming program—even though YouTube isn't part of the program, according to the Wall Street Journal.

The program offers unlimited access to participating video services, including Netflix, HBO NOW, and Hulu, that does not count toward users' monthly data allotments. But the streams are limited to what T-Mobile calls "DVD quality," and YouTube says that even though it's not participating in the program, bandwidth to its site is also being limited by the wireless carrier, according to the Journal.

The Federal Communications Commission sent an inquiry last week to AT&T, Comcast, and T-Mobile about whether their plans to exempt certain video services from data caps comply with the net neutrality rules the FCC announced in February. Still, while FCC Chairman Tom Wheeler has said the commission would be "keeping an eye on" the Binge On program, he has stopped short of calling it a neutrality violation, even praising the offering as "highly innovative and highly competitive."

T-Mobile also offers a similar program for music, including unlimited streaming of services like Pandora, Spotify, and Apple Music.

On Tuesday, the Internet Association, an industry group that includes Google as well as other video providers like Netflix, Amazon, and Yahoo, criticized T-Mobile's apparent video throttling and praised the FCC for looking into the matter.

"Reducing data charges for entire classes of applications can be legitimate and benefit consumers, so long as clear notice and choice is provided to service providers and consumers," the group said in a statement. "However, a reasonably designed zero-rating program does not include the throttling of traffic for services or consumers that do not participate."
