-
Posts
-
By David Uzondu · Posted
Use this dating app? Hackers may have leaked your name, ID, and private photos by David Uzondu Image via Tea A dating app has been going viral lately (you have probably seen it on X), it's called "Tea," and it lets women anonymously post pictures of men to share dating "red flags." The app's marketing claims this is all for "safety," and you can see it on the company's website, where it states its mission is "to create a safer dating environment for women." In case you're confused and need a visual explanation, the following image pretty much sums it up (click to enlarge): Image: Tea's Website Tea has been around since 2023, but the surrounding controversy helped its recent rise to the top of the app charts. Now the platform has suffered its first notable breach courtesy of users from 4chan. This breach stemmed from a classic, sloppy development mistake. The Tea developers left a backend database wide open on Google's Firebase platform. Firebase allows for quick development, but its default security settings can be disastrously permissive if they are not locked down before an app goes live. Data in Firebase is stored in things called "buckets," which are just cloud storage folders. The leaked bucket in Tea's case contained the exact verification data the app requires from its users: selfies and ID photos, which it needs to confirm that users are women. It did not take long for users on 4chan to find this open door and walk right in. One user claimed, "Yes, if you sent Tea App your face and driver's license, they doxxed you publicly!" Another user claimed they downloaded as many as 3000 images before they got rate-limited by the server. Image: 404Media They described the trove of personal information as being "raw and uncensored." As per the Terms of Use (via 404Media) before you sign up for Tea, apart from selfie and ID photos, you are required to submit your location and birth date. All of this was reportedly accessible. 404 Media says that for a while, anyone with the right URL could view a list of user files. That page has since been locked down and now returns a "Permission denied" error, likely because the developers finally became aware of the leak. Tea has stellar reviews on both the Play Store and the App Store from users who see it as a more secure version of the "Are We Dating the Same Guy?" Facebook groups. -
By RejZoR · Posted
I always use O&O tools, it's a German software company and they release bunch of cool free tools like O&O Shutup to disable Windows crap or O&O AppBuster that allows you to remove apps that Windows doesn't allow to remove. Really good and reliable tools. -
By suni08 · Posted
Ergh all the additional admin crap is gonna kill smaller UK forums All to please the religious puritans that are too illiterate to set up parental controls -
By Good Bot, Bad Bot · Posted
I assume all the UK readers here are using a VPN now? Seriously who the hell is submitting their ID or doing a face scan to watch porn? -
By George P · Posted
If it's as good as the fallout show then I'm going to watch.
-
-
Recent Achievements
-
Electronic Person earned a badge
First Post
-
CyberCeps666 earned a badge
Week One Done
-
d4l3d earned a badge
Very Popular
-
Stephen Leibowitz earned a badge
Dedicated
-
Snake Doc earned a badge
Dedicated
-
-
Popular Contributors
-
Tell a friend
Question
suprfli
i'm working on a personal project and i'm wondering if it's possible to program HTML or XML or something that when a user accesses a website that the site looks at the source IP(which it does) and then based on that IP or IP range it sends a specific page back.
the application i am setting up in an internal web server that i want to send responses to users based on their ip's. i'd like to then set it up based on their NT user/group. being able to program a page to do this is the sticking point.
Link to comment
https://www.neowin.net/forum/topic/18784-html-page-that-loads-based-on-ip-or-ip-range/Share on other sites
1 answer to this question
Recommended Posts