(alexschapiro.com)

560 points bearsyankees | 1 comments | 12 May 25 16:39 UTC | HN request time: 0.214s | source

Show context

michaelteter ◴[12 May 25 17:34 UTC] No.43965514[source]▶

Not excusing this is any way, but this app is apparently a fairly junior effort by university students. While it should make every effort to follow good security (and communication) practices, I'd not be too hard on them considering how some big VC funded "adult" companies behave when presented with similar challenges.

https://georgetownvoice.com/2025/04/06/georgetown-students-c...

replies(10): >>43965600 #>>43965723 #>>43965782 #>>43966035 #>>43966222 #>>43966281 #>>43966578 #>>43967558 #>>43968803 #>>43969670 #

tmtvl ◴[12 May 25 19:18 UTC] No.43966578[source]▶

>>43965514 #

I vehemently disagree. 'Well, they didn't know what they were doing, so we shouldn't judge them too harshly' is a silly thing to say. They didn't know what they were doing _and still went through with it_. That's an aggravating, not extenuating, factor in my book. Kind of like if a driver kills someone in an accident and then turns out not to have a license.

replies(6): >>43966766 #>>43967142 #>>43967680 #>>43967819 #>>43968420 #>>43969894 #

dmitrygr ◴[12 May 25 19:40 UTC] No.43966766[source]▶

>>43966578 #

+1: if you cannot do security, you have no business making dating apps. The kind of data those collect can ruin lives overnight. This is not a theory, here is a recent example: https://www.bbc.com/news/articles/c74nlgyv7r4o

replies(5): >>43966987 #>>43967081 #>>43967592 #>>43969837 #>>43970711 #

1. steeeeeve ◴[12 May 25 21:23 UTC] No.43967592[source]▶

>>43966766 #

I would agree with you. Dating app data might not be legally protected like some PII out there, but there are easily foreseeable bad consequences from compromised dating app data of any kind. Security should be accounted for from the very beginning.

↑

I hacked a dating app (and how not to treat a security researcher)