Comment

Comment on Women Dating Safety App 'Tea' Breached, Users' IDs Posted to 4chan

sp3ctr4l@lemmy.dbzer0.com ⁨5⁩ ⁨days⁩ ago

Wow that was fast.

I did not even know this app existed untill about 8 hours ago.

Already comprimised.

source

Sort:hotnew top

jwmgregory@lemmy.dbzer0.com ⁨5⁩ ⁨days⁩ ago
if that’s truly how the leak happened then these people, in any reasonable jurisdiction, would be considered criminally negligent, at the least.

yay compsci ethics courses :D

boo courts failing to uphold the law >:(

source
- sp3ctr4l@lemmy.dbzer0.com ⁨4⁩ ⁨days⁩ ago
  Hooray two tiered legal system, huzzah!
  
  /s/s/s
  
  source
JackbyDev@programming.dev ⁨4⁩ ⁨days⁩ ago

this arguably is not even largely a hack.

While I agree in principle, I think we should still call it a hack. As in “to gain illegal access to (a computer network, system, etc.)” as Merriam-Webster puts it. It shouldn’t be legal to do do this just because the website had horrible (non-existent) security. You shouldn’t be allowed to rob a house just because the door wasn’t locked.

source
- DreamlandLividity@lemmy.world ⁨4⁩ ⁨days⁩ ago
  At which step should it turn illegal? You accessing publicly available website? If I put PII on my website and send you a link, should you go to jail for opening the link? Or how do you make the distinction, when there is literally no security and its made publicly available?
  
  source
  - JackbyDev@programming.dev ⁨4⁩ ⁨days⁩ ago
    The thing is we don’t need to come up with some absolute definition of what should and shouldn’t be illegal to talk about this case specifically. They didn’t accidentally stumble on this. They doxxed the users instead of responsibly disclosing the problem. This is extremely cut and dry.
    
    If the story here was “I mistyped something and got to a page I shouldn’t have access to, I disclosed it to the company, didn’t dox anyone by sharing the problem, and now the FBI is after me” it would be different.
    
    source
    DreamlandLividity@lemmy.world ⁨4⁩ ⁨days⁩ ago
    They were looking through publicly accessible buckets on firebase. They literally did stumble upon this by accident while going through public data. Should they have disclosed it once they realized what it was instead of spreading it? Sure, morally speaking. But I don’t see how you could write a law to make this illegal without just trampling on free speech.
    
    source
    -> View More Comments
- db2@lemmy.world ⁨4⁩ ⁨days⁩ ago
  This is more like the door was left open and the lights were on, and you took pictures of the artwork on the entryway walls and then left.
  
  source
  - JackbyDev@programming.dev ⁨4⁩ ⁨days⁩ ago
    Except it wasn’t artwork, it was driver’s licenses. You know, things you obviously shouldn’t have access to.
    
    source