• Categories
  • Archives

READ: Elliot Alderson Tweets Thread Showing How He ‘Got Access to the 63red Database and Obtained all the Details of Their Users’

"FBI Notified."
maga coding, maga app, 63red

Bill Clark/CQ Roll Call via Getty Images, @fs0c131y/Twitter

The designer of a new app for reviewing MAGA-friendly businesses had a total meltdown on Tuesday after an internet researcher discovered major security flaws in the app’s coding.

“63red Safe works like a conservative Yelp,” The Daily Beast reported on Monday. “Instead of reviewing the lighting and ambience, though, the site’s users rate restaurants and other businesses on a series of four questions, including whether the restaurant’s owners make political social-media posts and whether they allow customers to carry weapons.”

Within hours after the launch, a French security researcher with the moniker “Elliot Alderson” (a reference to Mr. Robot) was able to gain access to the backend of the app, which was completely unsecured, leaving users’ data at risk.

In a nutshell, Alderson was able to see that 4,466 people had signed up because no login credentials were needed to snoop around.

Alderson advised against using the app until the security features were upgraded. “ In order to , you can start by learn how to code an application,” he tweeted.

In response, 63red Safe’s founder, Scott Wallace, said in a statement on Tuesday that he takes security “very seriously” and has “already taken action to additionally protect our data.”

And then came the victim card.

“As we have seen across the United States, conservatives particularly have come under attack for their political beliefs — verbally, physically, and electronically,” Wallace wrote. “This is unacceptable in a free society, and we will take every action to stop it, and assist our users in that as well.”

Oy.

Wallace said that he notified the FBI about the “politically-motivated attack” with the hope that “this perpetrator will be brought to justice, and we will pursue this matter, and all other attacks, failed or otherwise, to the utmost extent of the law.”

Unfortunately for Wallace, this was a huge overreaction.

“I can understand 63red is angry but I’m here to help them, not the opposite,” Alderson told Gizmodo.

Alderson’s discovery was not a crime, nor did he steal any data or mess with the site’s digital infrastructure. All he did was point out vulnerabilities in the coding.

“Let’s hope FBI educates the folks at @63red about how this really works,” tweeted hacker Kate Moussouris.

Wallace and 63red Safe were savagely mocked for calling the feds on someone who was trying to make their online safe space safer.

Triggered much?

Load more...

Page 1 of 2
First | Prev | 1 | 2 | Next | Last
View All

Tags:

  • Brandon Gage

    Political Writer

    Brandon began his writing career in a hospital bed in July, 2017. His mission is to provide insight ... keep reading

55 Shares