• pitl@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    I… don’t think I’ve ever read about the ball being dropped this hard on anything before. This is incredible.

  • Namstel@programming.dev
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Thanks for sharing. Such an interesting read. I’ve read many times about databases being exposed publicly, but when a company explicitly states they are using state of the art security and drag other companies through the mud… Man, that really takes the cake.

    I shudder to think what it must be like to be a developer there, knowing they’re lying so blatently.

    • Threen@aussie.zoneOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      In the timeline at the bottom it says:

      2023-05-05: Converso asks: ‘How were you able to decompile the source code of the app and what do you think should be done to protect against that in the future?’

      So I think some of the devs were in way over their heads too!

      • Kempeth@feddit.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        The fundamental problem with cryptography is that it’s significantly harder to create a system that others can’t crack than to create a system that you yourself can’t crack.

  • msage@programming.dev
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I get that building secure communication from scratch is hard, but claiming those things is just outrageous. I see absolutely nothing for them to gain for making such an app with unsubstantiated claims.

  • ActuallyRuben@actuallyruben.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    In the list of features of their app, they’ve somehow “trademarked” Sensors Off™ and Screenshot Protect™, like they’re some kinds of novel features