←back to thread

I hacked a dating app (and how not to treat a security researcher)

(alexschapiro.com)
560 points bearsyankees | 2 comments | 12 May 25 16:39 UTC | HN request time: 0.466s | source
Show context
michaelteter ◴[12 May 25 17:34 UTC] No.43965514[source]
Not excusing this is any way, but this app is apparently a fairly junior effort by university students. While it should make every effort to follow good security (and communication) practices, I'd not be too hard on them considering how some big VC funded "adult" companies behave when presented with similar challenges.

https://georgetownvoice.com/2025/04/06/georgetown-students-c...

replies(10): >>43965600 #>>43965723 #>>43965782 #>>43966035 #>>43966222 #>>43966281 #>>43966578 #>>43967558 #>>43968803 #>>43969670 #
tmtvl ◴[12 May 25 19:18 UTC] No.43966578[source]
I vehemently disagree. 'Well, they didn't know what they were doing, so we shouldn't judge them too harshly' is a silly thing to say. They didn't know what they were doing _and still went through with it_. That's an aggravating, not extenuating, factor in my book. Kind of like if a driver kills someone in an accident and then turns out not to have a license.
replies(6): >>43966766 #>>43967142 #>>43967680 #>>43967819 #>>43968420 #>>43969894 #
1. paulddraper ◴[13 May 25 05:44 UTC] No.43969894[source]
The difference is…this isn’t an automobile and the accident isn’t fatal.
replies(1): >>43973116 #
2. Anthony-G ◴[13 May 25 14:04 UTC] No.43973116[source]
You never know with data leaks from dating apps. A homosexual user would have to clearly state their sexual preferences and this could be dangerous for them if their local community is homophobic. Unfortunately, it’s also not uncommon for victims of “sextortion” to be driven to suicide from the stress and anxiety of being blackmailed. See also, the fallout of the Ashley Madison data breach: https://en.wikipedia.org/wiki/Ashley_Madison_data_breach