It's a bad day for would-be tech watchdogs and Watch Climax Onlinegossips.
The tech industry whistleblower and survey site Blind temporarily exposed user data when it left a server functioning without password protection. That's according to TechCrunch, whose new report not only uncovered the server lapse, but also called into question Blind's claims of privacy and complete user anonymity.
SEE ALSO: Blind: The hot app where all the best Silicon Valley gossip is read right nowA South Korean company, Blind is a site that allows tech industry employees to anonymously discuss their companies with colleagues. It also regularly produces surveys about sensitive topics like workplace harassment and diversity that it then distributes to the press. Blind gained prominence when discussions on the platform exposed sexual harassment at Uber. According to TechCrunch, it just secured $10 million in a new round of funding.
Central to Blind's functioning are its claims of privacy and user anonymity. Without this assurance, employees would likely feel uncomfortable discussing their employers.
The unprotected server reportedly showed logins, messages, and interactions,"allowing anyone to read private comments and posts."
Blind responded to the report saying that the unprotected server was an isolated incident that affected users who logged in between Nov. 1 and Dec. 19. Blind said it sent a push notification to affected users within the app.
“While developing an internal tool to improve our service for our users, we became aware of an error that exposed user data,” Blind reportedly wrote.
In addition to account activity, Blind protects its users by disassociating work email addresses from accounts. Blind says that it does not store email addresses, and only creates unique tokens from emails once you sign up.
"Email verification is safe, as our patented infrastructure is set up so that all user account and activity information is completely disconnected from the email verification process," a Blind FAQ reads. "It is impossible to match your user activity to any profile or email information provided upon sign up."
Despite these claims, TechCrunch was able to view emails of Blind users who had not yet posted. The server also contained pairings of these accounts with their unique member IDs, which could reportedly allow for identification if they did post in the future. The report also showed potentially shoddy encryption work for passwords and user tokens.
The server lapse is a potentially huge breach of trust for Blind users. Blind has the potential to be an important whistle-blowing tool for an industry that certainly needs oversight. But without confidence in its security, its users, and its power, could vanish.
CORRECTION: Dec. 21, 2018, 5:16 p.m. PST
A previous version of this article stated that Blind emailed users about the breach. Blind did not email users. It sent a push notification to affected users within the Blind app.
Topics Cybersecurity
Apple is actively looking at AI search for Safari
Meta's news blackout sparks some Canadian advertisers to boycott
Recapping Dante: Canto 26, or You Can’t Go Home Again
The Dark Galleries
Contingent No More
A Photo Essay for National Library Week
How to change fitness goals on Apple Watch
The Morning News Roundup for April 25, 2014
5 Ways to Access a Locked Windows Account
How to not let body shame keep you from LGBTQ Pride 2021
Fyre Festival and Trump’s Language
AI cyberattack could figure out your password from keyboard acoustics
Wordle today: Here's the answer and hints for August 9
What Does Your Wireless Network Name Say About You?
Shop Owala's Memorial Day Sale for 30% off tumblers
Best speaker deal: Get 25% off JBL Clip 4 Bluetooth speakers at Amazon
The Oral Biography of Gabriel García Márquez
The Anniversary of the Road Atlas
NYT Connections hints and answers for May 10: Tips to solve 'Connections' #699.
The Morning News Roundup for April 25, 2014
What to do when you really want to use a group shot on TinderDOJ wants the IP addresses of 1.3 million visitors to a Trump protest websiteVery excited dad nails insane frisbee golf shot. Son doesn't care.How @YesYoureRacist became the internet's fastest tool to identify white supremacistsBiden/Harris campaign coming to Fortnite ahead of Election DayTwitter continues to label Trump's misinformation about vote count13 best tweets of the week, including Kim Kardashian roasts, Mariah Carey, and Jar Jar BingMariah Carey kicks off the holiday season, those are the rulesMale beauty blogger transforms into Emma Watson and it's uncanny'Chicago 10' tells the true story behind Aaron Sorkin's Netflix dramaDave Chappelle will host the first postThese are the top 5 U.S. Google searches ahead of Election DayAmber Heard serves sweet, sweet revenge on politician who kicked her dogs out of AustraliaDave Chappelle will host the first post'Bachelor in Paradise' inadvertently joins the impeach Trump trainTesla's 'Full SelfPeople are promising to post their nudes if Biden wins TexasThe difference in these shoes for girls and boys shows sexism is very much aliveThe best 2020 political moments from late nightAn inflatable Trump rat is waiting for the president in Manhattan Huawei unveils large language model for the automotive industry · TechNode Florasis faces another PR storm following apology · TechNode Digital torchbearer to perform at closing ceremony of 19th Asian Games · TechNode China sees livestreaming sales hit RMB 1.27 trillion in the first half of 2023 · TechNode China announces export control on graphite, a mineral crucial to EV batteries · TechNode BYD reveals price for first Yangwang premium model · TechNode US government restricts 42 Chinese enterprises over alleged support for Russia · TechNode Huawei’s intelligent automotive business unit sees management changes · TechNode Chinese automaker Geely denies plan to build factory in Indonesia · TechNode Xiaomi reportedly in talks with Brilliance, Chery over EV manufacturing · TechNode Vivo set to unveil self Chinese phone maker Oppo reportedly to restart in Great Wall Motor’s NEV sales proportion reaches 30% · TechNode Chinese tech firm Zhipu AI reportedly acquires AI startup Ling Xin Intelligence · TechNode Chinese passenger EV exports surged 107% in Sept, Tesla and BYD lead the way · TechNode TSMC's second plant in Japan may receive $6 billion subsidy · TechNode Huawei aims for 70 million smartphone shipments in 2024 · TechNode ZhipuAI raises $342 million this year led by Chinese tech majors · TechNode Shanghai Disneyland set to introduce world’s first Zootopia Starbucks invests $220 million in China's coffee market expansion · TechNode
1.9605s , 8223.75 kb
Copyright © 2025 Powered by 【Watch Climax Online】,New Knowledge Information Network