- cross-posted to:
- technology@lemmy.zip
- cross-posted to:
- technology@lemmy.zip
Users from 4chan claim to have discovered an exposed database hosted on Google’s mobile app development platform, Firebase, belonging to the newly popular women’s dating safety app Tea. Users say they are rifling through peoples’ personal data and selfies uploaded to the app, and then posting that data online, according to screenshots, 4chan posts, and code reviewed by 404 Media.
You must log in or register to comment.
Protecting our users’ privacy and data is our highest priority. We are taking every necessary step to ensure the security of our platform
Since sensitive data was put on a public bucket, maybe they meant it was their lowest priority?
Hungry data privacy lawyers when they learned about Tea this week:
Never upload PII to social media
Your privacy is not legally protected.
Tell that to UK citizens. They have to. To be “protected”. The irony
I live in the UK and, like nearly everyone else in the UK, have never been required to do this. The only time it’s required is when accessing adult-only sites, and there are some obvious workarounds in those cases, yarr.
What are the chances of this being the main reason for the app’s existence?
Seeing as the word hack is doing a lot of heavy lifting. They didn’t bother to actually secure the data and then put it on the internet for anyone to access.
My friend came over and told me a story about this crazy date she was on. The guy love bombs her, sets her up with a massage, then in the morning, goes out and eats McDonalds alone and ghosts her. Then repeats every few weeks with love bombs.
I shared that with my discord group and someone said they know that guy too.
Im assuming that’s what Tea is for.
Wait what? How does one ghost and then repeat love bombing? Also why is eating breakfast alone remarkable? Tf is happening?
Im guessing he’s being way too pushy and overbearing, then goes no contact for two weeks, then repeats the process.
You yadda yadda yadda’ed over the best part.
No, I mentioned the bisque.
And what part is that?
What did he order at McDonald’s?
sets her up with a massage, then in the morning,
What happened between the massage and him ditching her to eat breakfast?
You don’t have to go home but you can’t stay here: https://www.literotica.com/stories
…eats McDonalds alone and ghosts her. Then repeats every few weeks with love bombs
Something something “cheat day”
I don’t quite understand the outrage in the thread. I’ve been looking through the comments, trying to see if this ever went beyond gossip and I can’t find anything.
From my understanding the app was intended to be a safe space for women to discuss dating. Relaying information about dangerous individuals, or people who cheat. I can imagine that things might have gotten slightly out of hand in regards to anonymous gossip, but is that anything compared to being doxxed? Besides, women, and men have been gossiping behind each others backs for as long as humans have existed. An anonymous app makes it significantly worse certainly, but it is what it is. This behavior is always going to exist for better or for worse. For example, people already discuss this on sites like fetlife since the risk of ending up with someone who wants to batter you for the sake of battering you is somewhat high there.
Surely we can have some sympathy for people who have had their identifications doxxed by 4chan who haven’t done anything worse than a bit of toxic gossip at most?
you’re right as far it’s intentions go. I honestly couldn’t give a rats ass about what it intended to do what I have a MASSIVE issue with is that it did the EXACT opposite of what it “intended to do.”
It didn’t provide Women with a “safe space” because women’s government issued IDs and their personal selfies were, quite literally, OUT IN THE OPEN. It opened Women who used the app to way more harm.
Their database, and i’m being extremely generous when I call it that, wasn’t even password protected. not even a simple plain text password like “password123” there was NO password. at all. period. All I would have had to do was simply see where the app sent the scanned ID’s, open a terminal, SSH into it WITHOUT A PASSWORD OR KEY, and then I now have access to the IDs of over 13,000 Women. Hell I probably wouldn’t have even had to SSH into it, probably could have opened the damn thing from a web browser.
So when the media is saying 4chan “leaked” this stuff again they’re being generous. It’s like if you were walking down the street that Tea lived on and you noticed they left their door wide open so you decided to peak your head inside and while peaking your head in you noticed a box right by the door that had thousands of IDs in it so you picked up the box and walked out. Chances are other people got to this box before 4chan did, many people probably did, it’s just that 4chan were the only ones to say “Hey I found this house with a wide open door and decided to pick up this box with all these IDs in it, neat huh?”
None of this is what I am discussing. I’m talking about the people in the thread who are saying that these people deserved this.
Are you the only one allowed to bring up points of conversation? Let them say their part
Sorry if that came off the wrong way. I more so meant it to point out what I intended in case there was a misunderstanding.
Oh I see, my apologies then
Why not address them directly?
might have gotten slightly out of hand in regards to anonymous gossip, but is that anything compared to being doxxed?
Well considering the app has profiles of guys with pics all uploaded without their consent or even awareness, and in addition to unaccountable anonymous gossip, the “pro” features include their entire background, address, phone number, etc? I’d say the doxxing app got it’s users doxxed and it’s really sort of a wash. I don’t even use facebook or post pics online and now people dumb enough to upload their ID can upload unremovable pictures of me? Cool.
Imagine if there was a site for just guys to upload pics of cheating women without their consent and shit talk them anonymously without any verification of their claims, and if they pay a fee it includes her address and phone number and criminal record. Nobody would be cool with that. This isn’t different.
I had been under the impression that 4chan had also basically died due to their own site getting hacked
It’s not like it was a complicated site, they just rebuilt it in some modern framework on the cheap.
That which has no life can never truly die (or something)
That is not dead which can eternal lie, and in strange eons even death may die.
I think?
the site got hacked and most of the admins were revealed to have .gov emails but everyone pretty much already expected that so nobody actually cared and it’s back to business as usual
most of the admins were revealed to have .gov emails
I remember reading that this was something someone just made up and was spread a bunch, but wasn’t true at all.
Oh my god that’s… So stupid, i hate this time line.
Dirty water that would behave no different if you sifted out the proteins.
This is why there should be a nationwide rule that PII data should be deleted after the users identity has been verified
There should be a time limit on all data.
A better rule is that PII data should never be used as a basis for auth/auth except by government agencies in the process of delivering legally mandated government services.
Truly impressive how little america cares about its citizens.
BUT WE HAVE FREEDUM!!!
deleted by creator
I thought 4chan shut down permanently like 2 months ago?
Nah they came back online after like 2 weeks I think?
Cancer can return after going into remission for a while.
They found someone to update the PHP version to one released this decade.
Reading these incredible comments has revealed a large piece of what was named as the reason for lemm.ee shutting down.
what was that?
Moderation.
People sign up to app intended to share personal information about others without their permission, end up having their own personal information shared without permission - the irony is impressive.
At first I was going to call bullshit because I thought you were exaggerating and being ridiculous.
Nope. That’s the app. “Anonymous” sharing of pictures and info of other people. Presumably without their permission. That’s fucked up.
Yeah. I mean, I get it. The concept of the app makes sense. And I would be that, on average, it is/would be used for good.
On the other hand, as a guy, the idea that people are out there sharing reviews of me as a person on the open internet, and I have no way of knowing this, is deeply unsettling. Like, I haven’t done anything wrong - just the whole concept feels very gross.
Especially because the app is called “tea”, like the slang term for gossip. The letter of the intention may have been good but the whole thing is toxic.
My problem is how it’s implemented.
An app where you simply post a name and a location, and then people can DM you with their experiences directly, would be a lot less invasive.
That’s terrible.
Have an upvote.
You could ask someone you know to register and share the login, it’s a flawed concept. There’s probably a bunch of partners in there who didn’t even know their boyfriend used their info to create an account to check on themselves.
Removed by mod
…
k
Bruh
I kniw right? Its pretty fucked, but sometimes belief that people, or even men, are mostly good gets you raped or crawling through a puddle of your own blood with fewer than four functioning limbs.
Cynical bitches like me though; we tend to make it out.
as a woman or woman categorized person
Can’t tell if you’re being transphobic to trans femmes or supportive to femme leaning enbies.
Well im talking about external interpretation of ones identity rather than one’s intended expression, so you figure it out. Or don’t.
I’d say that’s supportive of femme leaning enbies rather than transphobic towards trans women.
There are other things it could be. Interperet as you like.
I think it depends on people’s intent and purpose for using this service. I’m overall not a fan of someone taking and sharing pictures of me without my consent, or making claims that can’t be defended…
The group of women legitimately using it for safety is fine, in a general sense.
The group of women using it as gossip and entertainment is not.
It makes sense using it for safety, but I would worry about whether all the information on there is accurate. Most of the feedback on the app is probably negative, I doubt anyone would really post anything on Tea that’s positive about their former partner. But people like to believe they are in the right. Someone who got in a fight with their partner might post something on Tea that isn’t accurate, but makes them feel better since they can spin the story how they want, and make the other person at fault. However, unlike regular social media, the person being attacked by their partner on Tea has no idea that it happened, and no way to refute what was said. It promotes the opposite of any type of communication between partners after a fight or breakup. It promotes safety, but at the same time it promotes some toxicity in relationships. What would you think if you knew that if your got into a disagreement with your partner that you could end up posted on this app, without any way of arguing back?
Considering that “tea” is common slang for gossip I’m not convinced there was many of the
latterformer.Given that the app name is slang for gossip, you’re not convinced there were many women using it for gossip?
Thanks I fixed it
Not sure if this is ironic that the users are now less safe after using the safety app. But I still feel bad for the users. Dating is hard enough without the fear of being harmed.
I made an account on this thing to lurk, bc obviously who wouldn’t be curious? I guess I’m screwed now. Rip.
Self proclaimed “5 star man” Dennis Reynolds is the top suspect
