“DRIVERS LICENSES AND FACE PICS! GET THE FUCK IN HERE BEFORE THEY SHUT IT DOWN!” the thread read before being deleted.

Users from 4chan claim to have discovered an exposed database hosted on Google’s mobile app development platform, Firebase, belonging to the newly popular women’s dating safety app Tea. Users say they are rifling through peoples’ personal data and selfies uploaded to the app, and then posting that data online, according to screenshots, 4chan posts, and code reviewed by 404 Media.

  • troglodyke@lemmy.federate.ccEnglish
    2·
    4 hours ago

    You can pay for a 3rd party to penetration test your app, it’s good practice to do this before you launch an app, after any significant changes, and annually at a minimum.

    There are also a growing number of companies offering continuous penetration testing - basically, automated pen tests - but these are expensive and it’s difficult to convince companies that the cost is worth it

    • Thymos@discuss.tchncs.deEnglish
      1·
      2 hours ago

      Thanks, that’s good to know! If I do ever decide to release an app, I’ll definitely look into this.