Strypey
phildini
der.hans
Strypey and 10 others boosted

Oh I see the absurdly, negligently insecure Tea app is now getting the "hackers hacked" treatment, so that it can comfortably deflect blame to some unspecified scary hackers?

Cool, cool.

takes out a bullhorn

📢 Tea kept drivers license photos of thousands of women in an unprotected Google Firebase storage bucket.

📢 Centering "hackers" means helping let those responsible for the horrendous negligence at Tea off the hook.

👏 There is no "hack", only other people's negligence.

#InfoSec #Tea

Sean Tilley
Sean Tilley liked this activity

Oh I see the absurdly, negligently insecure Tea app is now getting the "hackers hacked" treatment, so that it can comfortably deflect blame to some unspecified scary hackers?

Cool, cool.

takes out a bullhorn

📢 Tea kept drivers license photos of thousands of women in an unprotected Google Firebase storage bucket.

📢 Centering "hackers" means helping let those responsible for the horrendous negligence at Tea off the hook.

👏 There is no "hack", only other people's negligence.

#InfoSec #Tea

Oh I see the absurdly, negligently insecure Tea app is now getting the "hackers hacked" treatment, so that it can comfortably deflect blame to some unspecified scary hackers?

Cool, cool.

takes out a bullhorn

📢 Tea kept drivers license photos of thousands of women in an unprotected Google Firebase storage bucket.

📢 Centering "hackers" means helping let those responsible for the horrendous negligence at Tea off the hook.

👏 There is no "hack", only other people's negligence.

#InfoSec #Tea

Interesting read…

𝙂𝙤𝙤𝙜𝙡𝙚 𝙞𝙨 𝙩𝙧𝙖𝙘𝙠𝙞𝙣𝙜 𝙮𝙤𝙪 (𝙚𝙫𝙚𝙣 𝙬𝙝𝙚𝙣 𝙮𝙤𝙪 𝙪𝙨𝙚 𝘿𝙪𝙘𝙠𝘿𝙪𝙘𝙠𝙂𝙤)

https://www.simpleanalytics.com/blog/google-is-tracking-you-even-when-you-use-duck-duck-go

#google #tracking#privacy #InfoSec #security#tech #technology#BigTech#BigBrother

Interesting read…

𝙂𝙤𝙤𝙜𝙡𝙚 𝙞𝙨 𝙩𝙧𝙖𝙘𝙠𝙞𝙣𝙜 𝙮𝙤𝙪 (𝙚𝙫𝙚𝙣 𝙬𝙝𝙚𝙣 𝙮𝙤𝙪 𝙪𝙨𝙚 𝘿𝙪𝙘𝙠𝘿𝙪𝙘𝙠𝙂𝙤)

https://www.simpleanalytics.com/blog/google-is-tracking-you-even-when-you-use-duck-duck-go

#google #tracking#privacy #InfoSec #security#tech #technology#BigTech#BigBrother

As part of the investigation, I have looked closely at Telegram's protocol and analyzed packet captures provided by IStories.

I have also done some packet captures of my own.

I dive into the nitty-gritty technical details of what I found and how I found it on my blog:

Telegram is indistinguishable from an FSB honeypot
https://rys.io/en/179.html

Yes, my packet captures and a small Python library I wrote in the process are all published along.

#Telegram #InfoSec #Privacy #Surveillance #Russia

As part of the investigation, I have looked closely at Telegram's protocol and analyzed packet captures provided by IStories.

I have also done some packet captures of my own.

I dive into the nitty-gritty technical details of what I found and how I found it on my blog:

Telegram is indistinguishable from an FSB honeypot
https://rys.io/en/179.html

Yes, my packet captures and a small Python library I wrote in the process are all published along.

#Telegram #InfoSec #Privacy #Surveillance #Russia

Remarkable investigation into Telegram by IStories (in Russian):
https://www.istories.media/stories/2025/06/10/kak-telegram-svyazan-s-fsb/

English version by OCCRP:
http://www.occrp.org/en/investigation/telegram-the-fsb-and-the-man-in-the-middle

tl;dr:

👉 Telegram uses a single company with ties to the Russian FSB as their sole infrastructure provider, globally.

👉 Combined with a cleartext device identifier Telegram's protocol requires to be prepended to all encrypted messages, this allows for global surveillance of Telegram users.

I am quoted in this story.

#Telegram #InfoSec #Privacy