I... don't think I've ever read about the ball being dropped this hard on anything before. This is incredible.
Programming
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
Interesting reading, thanks!
Holy shit. Talk about getting owned.
Thanks for sharing. Such an interesting read. I've read many times about databases being exposed publicly, but when a company explicitly states they are using state of the art security and drag other companies through the mud... Man, that really takes the cake.
I shudder to think what it must be like to be a developer there, knowing they're lying so blatently.
In the timeline at the bottom it says:
2023-05-05: Converso asks: 'How were you able to decompile the source code of the app and what do you think should be done to protect against that in the future?'
So I think some of the devs were in way over their heads too!
The fundamental problem with cryptography is that it's significantly harder to create a system that others can't crack than to create a system that you yourself can't crack.
I get that building secure communication from scratch is hard, but claiming those things is just outrageous. I see absolutely nothing for them to gain for making such an app with unsubstantiated claims.
In the list of features of their app, they've somehow "trademarked" Sensors Off™ and Screenshot Protect™, like they're some kinds of novel features