Thursday, July 25, 2024
25.5 C
Los Angeles

How to assess a general-purpose AI model’s reliability before it’s deployed | MIT News

Foundation models are massive deep-learning models that...

El Salvador: Rights Violations Against Children in ‘State of Emergency’

El Salvador’s state of emergency, declared in...

Vietnam: New decree on cashless payments

On 15 May 2024, the Government officially...

Privacy Breach Exposes Sensitive User Data on Friend.tech, Raising Concerns Over Unauthorized Permissions

Fraud, Bribery & CorruptionPrivacy Breach Exposes Sensitive User Data on Friend.tech, Raising Concerns Over Unauthorized Permissions

Friend.tech, a platform that allows users to tokenize their social networks, has experienced a significant privacy breach resulting in the unauthorized exposure of sensitive information for over 101,000 individuals. Here are the key details:

  • Data Exposed: Banteg, a core contributor to DeFi project Yearn Finance, published a repository of publicly available scraped data on GitHub. This data contained critical information about Friend.tech users, including wallet addresses on Coinbase’s layer-2 network Base and corresponding Twitter usernames.
  • Unauthorized Permissions: The breach revealed that over 101,000 Friend.tech users had granted the platform access to post on their behalf. This raised concerns about the extent of permissions granted by users and whether they fully understood the implications or explicitly consented.
  • API Leak: The breach was initially discovered when Spot On Chain analysts found that Friend.tech’s API had inadvertently leaked information. This allowed access to view wallets created by users, along with associated Twitter usernames.
  • Platform Explanation: Friend.tech responded by downplaying the severity of the breach, stating that the information was publicly available through their API, similar to viewing public Twitter feeds.
  • Platform Growth: Despite the privacy concerns, Friend.tech has experienced significant growth recently, attracting high-profile users and accumulating over $1.42 million in protocol fees within 24 hours. The project aims to enable crypto influencers to earn royalties from trading fees and strengthen relationships between Web3 projects, venture capitalists, and prominent figures in the crypto industry.

The breach highlights the importance of user data protection in the cryptocurrency and blockchain space, as well as the need for platforms to clearly communicate and obtain user consent regarding data sharing and permissions.

By FCCT Editorial Team

Disclaimer: The views expressed in this article are independent views solely of the author(s) expressed in their private capacity.

Check out our other content

Ad


Check out other tags:

Most Popular Articles