this post was submitted on 11 Jun 2023
33 points (100.0% liked)

Programming

17547 readers
109 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]



founded 2 years ago
MODERATORS
top 10 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 1 year ago

I... don't think I've ever read about the ball being dropped this hard on anything before. This is incredible.

[–] [email protected] 7 points 1 year ago

Interesting reading, thanks!

[–] [email protected] 7 points 1 year ago

Holy shit. Talk about getting owned.

[–] [email protected] 5 points 1 year ago (1 children)

Thanks for sharing. Such an interesting read. I've read many times about databases being exposed publicly, but when a company explicitly states they are using state of the art security and drag other companies through the mud... Man, that really takes the cake.

I shudder to think what it must be like to be a developer there, knowing they're lying so blatently.

[–] [email protected] 6 points 1 year ago (1 children)

In the timeline at the bottom it says:

2023-05-05: Converso asks: 'How were you able to decompile the source code of the app and what do you think should be done to protect against that in the future?'

So I think some of the devs were in way over their heads too!

[–] [email protected] 3 points 1 year ago

The fundamental problem with cryptography is that it's significantly harder to create a system that others can't crack than to create a system that you yourself can't crack.

[–] [email protected] 4 points 1 year ago

I get that building secure communication from scratch is hard, but claiming those things is just outrageous. I see absolutely nothing for them to gain for making such an app with unsubstantiated claims.

[–] [email protected] 3 points 1 year ago

In the list of features of their app, they've somehow "trademarked" Sensors Off™ and Screenshot Protect™, like they're some kinds of novel features

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)