My Photo Was Reported on Jackd When Will I Be Able to Upload
The gay dating app Jack'd, which has more than a million downloads in the Play store, stored images that users marked 'private' and posted in 1:1 chat sessions *on an unsecured AWS server.*
The site is HTTP-accessible.
Ars Technica first posted the story, and confirmed after publication, with testing, that the private image leak in Jack'd has been closed.
"A full check of the new app is still in progress."
Extract:
Jack'd, a "gay dating and chat" application with more than 1 million downloads from the Google Play store, has been leaving images posted by users and marked as "private" in chat sessions open to browsing on the Internet, potentially exposing the privacy of thousands of users. Photos were uploaded to an AWS S3 bucket accessible over an unsecured Web connection, identified by a sequential number. By simply traversing the range of sequential values, it was possible to view all images uploaded by Jack'd users—public or private. Additionally, location data and other metadata about users was accessible via the application's unsecured interfaces to backend data.
The result was that intimate, private images—including pictures of genitalia and photos that revealed information about users' identity and location—were exposed to public view. Because the images were retrieved by the application over an insecure Web connection, they could be intercepted by anyone monitoring network traffic, including officials in areas where homosexuality is illegal, homosexuals are persecuted, or by other malicious actors. And since location data and phone identifying data were also available, users of the application could be targeted.
There's reason to be concerned. Jack'd developer Online-Buddies Inc.'s own marketing claims that Jack'd has over 5 million users worldwide on both iOS and Android and that it "consistently ranks among the top four gay social apps in both the App Store and Google Play." The company, which launched in 2001 with the Manhunt online dating website—"a category leader in the dating space for over 15 years," the company claims—markets Jack'd to advertisers as "the world's largest, most culturally diverse gay dating app."
The bug is fixed in a February 7 update. But the fix comes a year after the leak was first disclosed to the company by security researcher Oliver Hough and more than three months after Ars Technica contacted the company's CEO, Mark Girolamo, about the issue. Unfortunately, this sort of delay is hardly uncommon when it comes to security disclosures, even when the fix is relatively straightforward. And it points to an ongoing problem with the widespread neglect of basic security hygiene in mobile applications.
Source: https://boingboing.net/2019/02/07/jackd.html
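An added example, not code from Jack'd, Ars Technica or the original post: the server-side check whose absence the extract describes, with private photos stored under random keys instead of sequential numbers and served only through short-lived links bound to an authorized viewer. The function names, the in-memory `PHOTOS` table and the user names are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

SIGNING_KEY = secrets.token_bytes(32)  # constructed demo key; load from a secret store in practice
PHOTOS = {}  # constructed stand-in for the photo table: object key -> allowed viewers


def store_private_photo(owner, shared_with):
    """Register a private photo under a random key rather than a sequential number."""
    key = secrets.token_urlsafe(32)  # 256 random bits, not enumerable
    PHOTOS[key] = {owner, *shared_with}
    return key


def _sign(user, key, expires):
    msg = f"{user}|{key}|{expires}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()


def issue_link(user, key, ttl=60, now=None):
    """Return (expires, signature) for an authenticated user, or None if not permitted."""
    if user not in PHOTOS.get(key, ()):
        return None
    expires = int(time.time() if now is None else now) + ttl
    return expires, _sign(user, key, expires)


def verify_request(user, key, expires, sig, now=None):
    """Check the image endpoint runs before serving bytes; `user` comes from the session."""
    now = int(time.time() if now is None else now)
    if now > expires:
        return False  # link has expired
    if not hmac.compare_digest(sig.encode(), _sign(user, key, expires).encode()):
        return False  # tampered, or issued to a different user
    return user in PHOTOS.get(key, ())  # access may have been revoked since issue


if __name__ == "__main__":
    k = store_private_photo("alice", ["bob"])
    exp, sig = issue_link("bob", k)
    print(verify_request("bob", k, exp, sig))      # recipient of the chat
    print(verify_request("mallory", k, exp, sig))  # replayed link, wrong session
```

With S3, the equivalent is a private bucket whose objects are reached through presigned URLs issued after the same authorization check, fetched over HTTPS.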