←back to thread

I hacked a dating app (and how not to treat a security researcher)

(alexschapiro.com)
570 points bearsyankees | 1 comments | 12 May 25 16:39 UTC | HN request time: 0.204s | source
Show context
michaelteter ◴[12 May 25 17:34 UTC] No.43965514[source]
Not excusing this is any way, but this app is apparently a fairly junior effort by university students. While it should make every effort to follow good security (and communication) practices, I'd not be too hard on them considering how some big VC funded "adult" companies behave when presented with similar challenges.

https://georgetownvoice.com/2025/04/06/georgetown-students-c...

replies(11): >>43965600 #>>43965723 #>>43965782 #>>43966035 #>>43966222 #>>43966281 #>>43966578 #>>43967558 #>>43968803 #>>43969670 #>>44028540 #
1. peterldowns ◴[12 May 25 17:41 UTC] No.43965600[source]
I hear you but if you're processing passports and sexual preferences you have to at least respond to the security researcher telling you how you're leaking them to absolutely anyone. This is a total clusterfuck and there are zero excuses for the lack of security here.