parsonsisconsulting

Parsons Software Security Consulting Blog

Secret To Launch A Bug Bounty Program As Soon As Today

leave a comment »

TechCrunch

Today, for a brief time, a post on the secret sharing app Secret and an image on Twitter caused a twinge in the cockles of every user’s heart. The image appeared to indicate that your email — and therefore your identity — could be tied to your Secret posts.

Given that the vast majority of posts on Secret are stuff that would end up being really, really awkward to explain to friends and employers, that’s a genuine concern.

Twitter denizen Barce was one of the first to share a screenshot publicly that showed your own email (but not that of any other user) being passed as part of the stream of data from the app’s internal API.

cdv_photo_001

The fact is that there was a very remote possibility of this being a problem in the long run — as it required that the ‘sniffer’ own the network that the device was…

View original post 276 more words

Written by mparsons1980

February 13, 2014 at 4:47 am

Posted in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: