您现在的位置是:時尚 >>正文
【】
時尚42571人已围观
简介It's a bad day for would-be tech watchdogs and gossips.The tech industry whistleblower and survey si ...
It's a bad day for would-be tech watchdogs and gossips.
The tech industry whistleblower and survey site Blind temporarily exposed user data when it left a server functioning without password protection. That's according to TechCrunch, whose new report not only uncovered the server lapse, but also called into question Blind's claims of privacy and complete user anonymity.
SEE ALSO:Blind: The hot app where all the best Silicon Valley gossip is read right nowA South Korean company, Blind is a site that allows tech industry employees to anonymously discuss their companies with colleagues. It also regularly produces surveys about sensitive topics like workplace harassment and diversity that it then distributes to the press. Blind gained prominence when discussions on the platform exposed sexual harassment at Uber. According to TechCrunch, it just secured $10 million in a new round of funding.
Central to Blind's functioning are its claims of privacy and user anonymity. Without this assurance, employees would likely feel uncomfortable discussing their employers.

The unprotected server reportedly showed logins, messages, and interactions,"allowing anyone to read private comments and posts."
Blind responded to the report saying that the unprotected server was an isolated incident that affected users who logged in between Nov. 1 and Dec. 19. Blind said it sent a push notification to affected users within the app.
“While developing an internal tool to improve our service for our users, we became aware of an error that exposed user data,” Blind reportedly wrote.
In addition to account activity, Blind protects its users by disassociating work email addresses from accounts. Blind says that it does not store email addresses, and only creates unique tokens from emails once you sign up.
"Email verification is safe, as our patented infrastructure is set up so that all user account and activity information is completely disconnected from the email verification process," a Blind FAQ reads. "It is impossible to match your user activity to any profile or email information provided upon sign up."
Despite these claims, TechCrunch was able to view emails of Blind users who had not yet posted. The server also contained pairings of these accounts with their unique member IDs, which could reportedly allow for identification if they did post in the future. The report also showed potentially shoddy encryption work for passwords and user tokens.
The server lapse is a potentially huge breach of trust for Blind users. Blind has the potential to be an important whistle-blowing tool for an industry that certainly needs oversight. But without confidence in its security, its users, and its power, could vanish.
CORRECTION: Dec. 21, 2018, 5:16 p.m. PST
A previous version of this article stated that Blind emailed users about the breach. Blind did not email users. It sent a push notification to affected users within the Blind app.
Featured Video For You
Apple's new 'Apple Park' spaceship campus will open in April
TopicsCybersecurity
Tags:
转载:欢迎各位朋友分享到网络,但转载请说明文章出处“夫榮妻貴網”。http://new.maomao321.com/news/91a3999869.html
相关文章
Pole vaulter claims his penis is not to blame
時尚Following the cringeworthy moment in which pole vaulter Hiroki Ogita's penis grazed the bar and he f ...
【時尚】
阅读更多關節扭傷熱敷還是冷敷
時尚關節部位在被扭傷以後是必須要記住冷敷 ,這個時候如果是熱敷會出現適得其反的效果,還要注意在冷敷的時候不要讓冰塊直接接觸到自己的皮膚,這是會讓皮膚出現凍傷的反應,等到冰敷好以後就要讓自己受傷的患處得到充分 ...
【時尚】
阅读更多勃起後容易疲軟怎麽治療
時尚勃起後容易疲軟是什麽原因?首先,這種情況被認為是腎虛的典型表現,需要積極和詳細的檢查。確認診斷後 ,可以積極進行藥物治療 ,以達到良好的治療效果 。此外,還需要調整心態,不要有太大的心理壓力 。然後記得多鍛煉 ...
【時尚】
阅读更多