Post Awl2I6qDWiOFWc53vk by stevegio@gardenstate.social
 (DIR) More posts by stevegio@gardenstate.social
 (DIR) Post #AwhYQAwsYiheTvFNdw by stux@mstdn.social
       2025-07-31T19:02:50Z
       
       0 likes, 1 repeats
       
       With the recent #Tea app breach, one of them was an unsecured Firebase bucket where photos where stored for verificationSo bascially everyone could read/write to the bucket aka download the imagesAlso, the EXIF data was still included on these photos to make it even worse~13 000 images till 2024The second bug gave users access tp an API key that could request any data from the databaseIt's bad
       
 (DIR) Post #AwhZ4vciRV4cpAFSYC by Viss@mastodon.social
       2025-07-31T19:10:09Z
       
       0 likes, 0 repeats
       
       @stux this is the sort of shit that cloud and vibe coding enable.
       
 (DIR) Post #AwhfrndfW8QxyVNfn6 by thehole@dasforum.org
       2025-07-31T20:26:13Z
       
       0 likes, 0 repeats
       
       @stux I still wonder whether this was ignorance or on purpose.
       
 (DIR) Post #Awl2I6qDWiOFWc53vk by stevegio@gardenstate.social
       2025-08-02T11:21:37Z
       
       0 likes, 0 repeats
       
       @stux These kind of breaches are going to be common place when age verification is required by law. It’s already mandated in the UK and it’s coming to the US as well.