Trump-Themed Dating App Found Leaking Users' Private Chats
A dating app for President Donald Trump supporters is apparently leaking its users data, including the private messages.
The app is called Donald Daters and it launched on Monday with the goal of helping politically bourgeois singles connect. "You tin can bulletin each other privately correct inside of the app," the website for it claims.
But according to French security researcher Robert Baptiste, the app launched with a major security flaw; the database that stores all the user data is actually exposed on the open cyberspace.
"Yous should non utilize this app," Baptiste said from his Twitter account, which goes by the moniker Elliot Alderson. By accessing the database, he was able to collect contour information, including names, photos, personal messages, and the digital access tokens to log into their accounts. He fifty-fifty claims to have the ability to delete the app's data.
To bear witness his point, he tweeted snapshots of the private letters he pulled from the database, in addition to user profile information. PCMag had a chance to examine a log taken from the database, and it did appear to show chats from actual users over the platform along with their contour pics.
I made a pocket-sized proof of concept to show how the database of the Donald Daters app is vulnerable. With this POC I can:
— Elliot Alderson (@fs0c131y) Oct 15, 2022
- see all private messages
- see all user info
- delete what I want: a bulletin, an user, the all database, ... pic.twitter.com/7doErhzYdY
The developers of Donald Daters did non immediately reply to a request for annotate. Just Baptiste told PCMag the app'southward database was simply misconfigured, which should brand the problem like shooting fish in a barrel to fix. By belatedly Monday, it appeared the app'southward developers had secured the database.
Fortunately, Donald Daters just launched, so there probably isn't a large number of sensitive messages to leak. But aside from the exposed database, the dating app suffers from its share of software bugs. PCMag tried it and noticed the app took several tries to register a profile business relationship. At ane indicate, the app also displayed a alarm saying that the database had "reached its peak connections limit."
Editor's notation: This story has been updated to say the database appears to take been secured.
Source: https://sea.pcmag.com/news/29930/trump-themed-dating-app-found-leaking-users-private-chats
Posted by: wilsonthictly.blogspot.com
0 Response to "Trump-Themed Dating App Found Leaking Users' Private Chats"
Post a Comment