Tumblr’s ‘recommended blogs’ feature exposed user data

-
A security bug that hit Tumblr’s recommended blogs module may have exposed users’ private information, according to an open letter. Information like email addresses, passwords, IP addresses, and self-reported locations may have become exposed due to the bug if individual accounts were hit.
It’s unclear if the bug affected individual accounts, according to the open letter, but an investigation concluded that the bug “was rarely present.”
“We’ve also thoroughly investigated any way in which our community could have been affected,” the letter reads. “We found no evidence that this bug was abused, and there is nothing to suggest that unprotected account information was accessed.”
The bug was brought to Tumblr’s attention through a bug bounty program run by Oath, Tumblr’s parent company. A security researcher discovered that if a blog appeared in the recommended section of a user’s dashboard, “it was possible, using debugging software in a certain way, to view certain account information associated with the blog.”
“IN OUR VIEW, IT’S SIMPLY THE RIGHT THING TO DO.”
Tumblr’s desire to be transparent with users about security bugs and potentially compromised information comes at a time when other social media platforms are being hit with criticism. Facebook has encountered several major security flaws this year, leading to widespread concern among users as millions of accounts were affected.
“It’s our mission to provide a safe space for people to express themselves freely and form communities around things they love,” Tumblr’s open letter reads. “We feel that this bug could have affected that experience. We want to be transparent with you about it. In our view, it’s simply the right thing to do.”

Comments

Post a Comment

Popular posts from this blog

What is the best Alternatives To YouTube

-
Image
In past few years, YouTube has become the largest video platform in the world but do you think it is reasonable? A few days ago we just experienced an one-hour disconnection from YouTube, and the official has not given a clear answer why it was down so far. As a video creator like me, I can only wait forever, and then after watching YouTube take most of my results, I will earn a small amount of advertising fees to me. It is going downhill with its 10 minute time limit, suspending users for no reason and you can not get your account back. Meanwhile it is said the new copyright law will drive most of video creators away because of the high cost of copyright. I like YouTube but it won’t surprise me if it died. I am thinking that if YouTube is disconnected more and more or someday it is hacked, I need to have some alternatives to replace YouTube. So on that day,  here are the platforms you can use or visit. This list is based on real user reviews and does not contain any advertising c
Read more

The 9 best apps for your new Windows PC

-
Image
Microsoft has done a good job updating its Windows 10 operating system with useful utilities and features, but there’s still room for plenty of third-party apps. If you’ve just received a new PC over the holidays, we have some favorite Windows apps that will improve your experience — and maybe your life. TWEETEN Twitter’s default app for Windows 10 is just a web app, and it’s rather basic. Tweeten has been my favorite Windows 10 Twitter app for a while now. In short, it gives you TweetDeck on Windows by taking the web interface of TweetDeck and making it a lot more Windows 10-friendly, with some additional options so it fits well into Microsoft’s dark UI. DECENTRALIZED CUCKOO Cuckoo is a decentralized app of video platform and it's totally free. Cuckoo has a new concept named decentralization which is totally different than any other video-websites or video players. Every one can create a cuckoo channel anonymously and every channel is autonomous. All the videos can be uploa
Read more

While You Received a Piracy Warning from Your ISP, Here's What to do

-
Large numbers of Internet subscribers, mainly in the United States, have been taking to the Internet in recent months worried about piracy warnings sent to them by their ISPs. Meanwhile YouTubers in Europe are worried on the  new EU Copyright Article 13 which will effect on next Jan . Despite much discussion of these online, questions continue to be asked. So, what should users do when they receive these scary emails? Millions of Internet subscribers use their connections to download and share copyright-infringing content. It’s been going on for almost two decades already and shows no sign of stopping. We all knew and also experienced the crazy times of Torrent.  For the vast majority of users, this kind of activity has no consequences. People grab the latest movies or TV shows, for example, and then hear no more. For many, this means they simply carry on, oblivious to the fact that their unauthorized transfers are probably being monitored by someone, somewhere.  In the majority of c
Read more