this post was submitted on 30 Jul 2025
56 points (100.0% liked)

Privacy

2054 readers
102 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
56
Tea app leak worsens with second database exposing user chats (www.bleepingcomputer.com)
submitted 3 days ago by Blaze@piefed.zip to c/privacy@programming.dev
4 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] InvalidName2@lemmy.zip 10 points 3 days ago (1 children)

I'm kind of curious about this, admittedly out of naivety and ignorance.

The company posted a bunch of files (images in this case) to a publicly accessible file storage bucket and apparently with guessable / iterable naming conventions and no access restrictions in place. Suddenly they decided that was an oopsie, so that somehow makes it illegal to have accessed the images? Were the "hackers" supposed to infer the intended permissions and adhere to that instead of what was actually implemented? Is the crime that the images were shared after the company changed its mind and updated the file permissions on their server?

[โ€“] topherclay@lemmy.world 6 points 3 days ago

My understanding is that the laws about getting in trouble for accessing something on a computer are basically "if they didn't intend for your to access it and you access it then that's all that is needed for you to get in trouble."

It's basically right up to the line of making a hyperlink that says "oops this was a mistake to hyperlink this, please don't click on this link we did not intend for this to be linked" and if you click that link then you are illegally hacking.

People in Florida got in trouble for accessing COVID data that was just "hidden" in the non-displayed html of some government webpage. The way they "hacked" the data was by pressing Ctrl+U to view the source of the public page.