Tea was storing its users’ sensitive information on Firebase, a Google-owned backend cloud storage and computing service.
Every time. With startups, it's always an unsecured Firebase or S3 bucket.
I'm certainly no web security expert, but shouldn't Tea's junior network/backend/security developers, let alone seniors, know how to secure said Firebase or S3 buckets with STARTTLS or SSL certificates? Shouldn't a company like this have some sort of compliance department?
It's a little more complex than that. If you want the app on the user device to be able to dump data directly into your online database, you have to give it access in some way. Encrypting the transmission doesn't do much if every app installation contains access credentials that can be extracted or sniffed.
Obviously there are ways around this too, but it's not just "use TLS".
I am not sure, but I read somewhere that the developer(s) used vibe coding to create the app so...
Honestly it seems like a weapon that can too easily be used for defamation
Ah nice.
Time to implement a social score. Those who rate highly have better access to social areas.
Those who rate lower are fucked for the rest of their life.
This sounds like such an amazing idea that has no shortcomings whatsoever!
Edit: /s
Why did the app had the government IDs and credit card data to begin with? The app looks like an obvious phishing scam/ Honeypot situation.
I feel that the app filled a need of women we should not ignore. But the app, both this specific app and also the overall concept, is just too rife with downsides to be workable.
So we, as men and as society need to reevaluate why women feel the need for such an app, and reinvest in the criminal justice system to hold victimizers more accountable.
It’s okay to call this app and similar Facebook groups unacceptable. But that’s not enough, we must also call for stronger protections for victims of criminal behavior.
Change the target to any other group and the outrage would be 100-10000 fold bigger.
Try it out, instead of Women rating men, try subbing in various minority groups or races.
Bonus points for the most offensive combinations.....
e.g. Russians rating Ukrainians in your area....it can get pretty bad...I can think of many worse combos.
I think the key reason this was seen as not being terribly offensive was the fact that women are disproportionately more likely than men to be on the receiving end of tons of different negative consequences when dating, thus to a degree justifying them having more of a safe space where their comfort and safety is prioritized.
However I think a lot of people are also recognizing now that such an app has lots of downsides that come as a result of that kind of structure, like false allegations being given too much legitimacy, high amounts of sensitive data storage, negative interactions being blown out of proportion, etc. I also think that this is yet another signature case of "private market solution to systemic problem" that only kind of addresses the symptoms, but not the actual causes of these issues that are rooted more in our societal standards and expectations of the genders, upbringing, depictions in media, etc.
I’m always reminded of the fact that women on dating sites rate 80% of the men as below average….
And the dating advisors who have written numerous articles about how women don’t really know or aren’t really honest with themselves about what they are looking for in a partner….
That was ONE OKCupid survey from years ago, and it also showed that women were more likely than men to message people they didn't rate as attractive.
In reality, women and men rate male facial attractiveness about the same. https://datepsychology.com/can-women-identify-an-average-face/
How many red flags do you need to collect before you get a free cat?
I think of the "bad" dates I would want to be able to warn other women of that didn't rise to the level of calling the cops. The guy who ordered triple the food and drinks I did and skipped out on the bill. The guy who flat out lied about multiple things and then got irate when I politely excused myself from the date. The MAGA weirdo who went on an unhinged rant about how I needed to submit to him because God said so. I imagine some men have comparable experiences with some anti-social women. The experiences coming to mind were not illegal, but were absolutely things I want to spare my fellow humans from.
I would prefer the dating apps themselves have some mechanism for disincentivizing anti-social behaviors. It would have to be more than a simple 5-star rating.
I wonder how it would work IRL to offer the ability to write a few sentences in response to prompts about a date. The written review is not published as-is, but is used in grouping of many reviews to give a summary about a person. Like the summary product reviews on Amazon now. "Bill's dates found he was prompt and polite. Some dates expressed discomfort at some of his political views" and "Bob's dates warn he is often late and is quick to use foul language to describe women. Multiple dates report no intention to communicate with Bob further". "Ben's dates report he has skipped out on the bill repeatedly, and sends unsolicited dick pics. Multiple dates have blocked him".
The group summary gives a buffer so the person reviewed doesn't know which specific date said what. And ensures the summary doesn't include negative comments about a person unless multiple dates of theirs independently report similar experiences.
Of course a bad actor could ditch their dating profile and start fresh any time they build up enough negative reviews to make their summary look bad. And of course the reviews and the summaries would have to be secured tighter than "Tea" is.
Wow just two days ago I see a post about how Lemmy is dominated by men and how that could become a problem, and today I see a comment section where all the incels come out of the woodwork.
"waaa somebody wants to solve a problem that has never affected me I'm the victim"
"omg what if people talk behind my back they might find out I'm an asshole? literally 1984"
"wadabout if this app was racist?!? checkmate"
I'm not saying this app is good or bad (I can definitely see the problems) but if an article about cybersecurity gets posted and this is our first reaction, makes me lose hope in Lemmy.
Edit: Responses have made very good points and I think I was off, thanks guys. I still think some of the early comments I encountered were rather reactionary
i mean...an app directly copying a black mirror episode (but almost exclusively targeting a specific demographic) does ring some very, VERY loud alarm bells...
like, this is literally the plot of nosedive.
it's a social credit system.
and none of the people even know they HAVE a score, so it's somehow even worse than the fictional scenario.
this will, absolutely, hurt innocents and it will do so by design.
"fuck them innocents!"...just because they happen to be men?
how is that anything other than misandrist?
how is that defensible?
how is doxxing, mass libel, and targeted harassment a solution to sexism and rape culture?
I'd be really interested in hearing anything about how this is supposed to help women, because i struggle to see how sowing massive, unearned distrust between men and women is going to make anyone any safer...
I'm really, REALLY glad that the GDPR would nuke this sort of nonsense from orbit...uploading pictures of strangers, for the explicit purpose of gossiping about them behind their backs, spreading awful rumors?
what. the. actual. fuck. is wrong with you people?
and i don't mean women, or men: i mean americans and their total disregard for privacy and digital safety. what the hell...
You make a valid point, this platform absolutely shits on anyone without technical knowledge, just look at the hundred or so smug replies telling you what flavor of Linux they run if you mention a problem with Windows. So, no surprise everyone is focusing on that, and not the human aspect here.
Having said that, there is a power imbalance to this that I really don't like, the accuser gets to hide behind a veil of anonymity, and the accused has their name published, and is forced to defend themselves.
Yeah, this app sucks for a variety of reasons, but holy shit the misogyny in this thread.
Thanks for looking out for us. However, I, too, am a bit concerned. This is how Facebook started. The tech industry has zero ethics. I recommend women, AND men, have a trusted safety buddy when dating. When I met my spouse, I had two people who knew where I was, the person's name, photo, employer, and where we were meeting.Do some internet stalking. If I don't call you in an hour, come looking for me. If I call, I might ask for another hour, but you get the point.
Lots of men in this thread real upset about this app pointing out how the majority men are shit
Defaming people without giving them a chance to defend themselves, talk about shit people...
Citation of course needed with that one.
The only people who will be listed on the app are people who are either deserving they've been on there or people who don't deserve to be on there but some woman in their lives has decided to inact some vengeance justified or otherwise.
It's an antisocial surveillance system for antisocial people, and creates a(n even more) antagonistic relationship between men and women.
Dating apps have been a disaster for dating, and this is perhaps the worst among them.
How does this app even work?
You sign up and then a while later, your personal information gets leaked to the public. Not sure what its other purpose is.
That's corporate social media/apps in general. Does this thing basically let people list crappy things that happened to them by specific humans?
It's basically a slander app, from what I can tell.
it seems its an app that helps women flag potential dating candidates as being dangerous or red flags.
there is the potential for doxxing that comes with that, but I can absolutely understand its use and need when not abused in that manner.
i wonder if there's the potential for a different app with more encryption and a way to prevent doxxing and abuse.
There's definitely a use case, but there's an inherent power imbalance to these products that makes sure they will always be misused. The submitters are anonymous, and it's up to the person being reported on to prove the accusations are false.
Or, they're supposed to be anonymous.
it’s up to the person being reported on to prove the accusations are false.
The person doesn't even know they're mentioned in the app.
How do you warn people about a potential dating candidate being dangerous without doxxing the potential dating candidate? "Hey, watch out for [anonymous person]" doesn't sound very useful.
This is a most excellent place for technology news and articles.
