It's a bad day for would-be tech watchdogs010 Archivesgossips.
The tech industry whistleblower and survey site Blind temporarily exposed user data when it left a server functioning without password protection. That's according to TechCrunch, whose new report not only uncovered the server lapse, but also called into question Blind's claims of privacy and complete user anonymity.
SEE ALSO: Blind: The hot app where all the best Silicon Valley gossip is read right nowA South Korean company, Blind is a site that allows tech industry employees to anonymously discuss their companies with colleagues. It also regularly produces surveys about sensitive topics like workplace harassment and diversity that it then distributes to the press. Blind gained prominence when discussions on the platform exposed sexual harassment at Uber. According to TechCrunch, it just secured $10 million in a new round of funding.
Central to Blind's functioning are its claims of privacy and user anonymity. Without this assurance, employees would likely feel uncomfortable discussing their employers.
The unprotected server reportedly showed logins, messages, and interactions,"allowing anyone to read private comments and posts."
Blind responded to the report saying that the unprotected server was an isolated incident that affected users who logged in between Nov. 1 and Dec. 19. Blind said it sent a push notification to affected users within the app.
“While developing an internal tool to improve our service for our users, we became aware of an error that exposed user data,” Blind reportedly wrote.
In addition to account activity, Blind protects its users by disassociating work email addresses from accounts. Blind says that it does not store email addresses, and only creates unique tokens from emails once you sign up.
"Email verification is safe, as our patented infrastructure is set up so that all user account and activity information is completely disconnected from the email verification process," a Blind FAQ reads. "It is impossible to match your user activity to any profile or email information provided upon sign up."
Despite these claims, TechCrunch was able to view emails of Blind users who had not yet posted. The server also contained pairings of these accounts with their unique member IDs, which could reportedly allow for identification if they did post in the future. The report also showed potentially shoddy encryption work for passwords and user tokens.
The server lapse is a potentially huge breach of trust for Blind users. Blind has the potential to be an important whistle-blowing tool for an industry that certainly needs oversight. But without confidence in its security, its users, and its power, could vanish.
CORRECTION: Dec. 21, 2018, 5:16 p.m. PST
A previous version of this article stated that Blind emailed users about the breach. Blind did not email users. It sent a push notification to affected users within the Blind app.
Topics Cybersecurity
Amazon Big Spring Sale 2025: Best deals under $50
SF Holding files for IPO in Hong Kong · TechNode
Xiaomi releases the CyberDog 2, a smart quadruped bio
SF Holding files for IPO in Hong Kong · TechNode
The Bose QuietComfort Ultra headphones are on sale for $100 off
Foxconn to make chip substrates for Nvidia’s HGX AI servers · TechNode
SF Express joins live commerce wave as it chases new revenue stream · TechNode
China’s Hozon to start operations at a new EV parts plant in September · TechNode
Virtual Reality: The True Cost of Admission (and Why It Doesn't Matter)
Dongfeng reveals redesigned cut
The State of PC Gaming in 2016
Tencent to launch AI model later this year, says it’s among China’s best · TechNode
Meizu 20 Pro customized version launched, features smart car key · TechNode
Xiaomi reportedly developing its own OS · TechNode
Best tablet deal: Get the Google Pixel Tablet for $120 off at Amazon
Kunlun Tech launches the first LLM
Xiaomi introduces Band 8 Pro with a larger 1.74
ByteDance’s subsidiary tests its AI robot Doubao · TechNode
NYT Connections hints and answers for April 26: Tips to solve 'Connections' #685.
Nio CEO says EV firm’s forthcoming phone is comparable with Android flagship devices · TechNode
'Rescued' surfer says he didn't need saving, but thanks anywayNow you can buy a car at your local WalmartFrustrated kid politely lets everyone know how he really feelsIf you still want an NES Classic Edition, GameStop has themMeet the new FCC chairman, harbinger of doom for net neutralityTrekkies can now wake up their Amazon Echo by saying 'computer'Now you can buy a car at your local WalmartThis city will make you face the music for breaking traffic lawsSamsung Galaxy S8 will reportedly launch in April, and LG G6 will suffer for itOscars 2017: It's a good time to be a nerdTributes flow online for muchA group of college students wants to brew beer on the moon, because why notJ.K. Rowling has an eagleMeet the new FCC chairman, harbinger of doom for net neutralityShia LaBeouf gets in fight with troll on day 3 of his 4This is what a computer thinks rum should taste like'Rescued' surfer says he didn't need saving, but thanks anywayJ.K. Rowling has an eagleHere's how you can watch the Oscar nominations live streamTwitter Inauguration Day ratings are out — but please don't add them to TV, Sean Spicer The Ad Council wants to remind everyone that patriotism is about celebrating diversity Hillary Clinton spotted living her best life at Rhode Island bookstore Google's new update will help you avoid holiday shopping crowds How Black Lives Matter activists interrupted a popular tree Star Wars is political, and it always has been 'Bleak' — Most students have trouble identifying fake news, Stanford study finds 30 gift ideas for the person in your life who knows wine is the best medicine The future of high Adverts on the Tube have been 'hacked' to spread an important message Kanye West reportedly hospitalized following concert cancellations Hotel's magical Christmas decor comes from Apple designers Kim K reportedly rushes to Kanye West's side as celebrities tweet support Chance the Rapper sends love to Kanye West after hospitalization Gay woman buys dinner for the homophobic family sitting next to her Someone brought a really polite sign to a protest Brits are already fed up with Black Friday and it's not even Friday yet Grocery shoppers get a taste of life below the poverty line in new ad campaign Kid Cudi publicly thanks collaborators and industry peers in touching letter New 'League of Legends' champion Camille revealed Trump supporters are pissed he won't pursue charges against Hillary Clinton
2.0377s , 10133.3359375 kb
Copyright © 2025 Powered by 【2010 Archives】,Openness Information Network