Sex club for bi women, some closeted, put all their risqué full-body "audition" photos in a publicly accessible folder

Originally published at: http://boingboing.net/2017/01/27/sex-club-for-closeted-bi-women.html

3 Likes

At first I wondered how anyone could make this kind of mistake, but then I remembered I know someone who has a WP blog with a publicly accessible image upload folder.

So I guess it does happen.

3 Likes

Man, how lazy does a sysadmin have to be to take a few weeks to edit an htaccess file according to someone’s instructions?

6 Likes

Damn Cory that is some hard core click bait.

13 Likes

In B4 “Pics or it didn’t happen.”

7 Likes

It’s a new twist on the old Ashley Madison gig. The site’s membership is a dozen bots and a million frustrated guys.

8 Likes

It’s always good to check that you aren’t forwarding fake, inaccurate or sensationalist news when copying someone else’s story, or to simply follow basic protocol for anyone claiming to be a news organization and contact the subject of the story you are copying, so you don’t unwittingly promote stories that are thin on fact and big on sensationalism and outdated. A temporary glitch with the Skirt Club’s website was fixed Jan 3 but,unfortunately, the authors of the Vice story didn’t bother to check and remained unreachable. These stories are now being dealt with by media lawyers in Berlin.

I think Occam’s Razor says that they were intentionally providing access to these pictures for other people.

Thanks, but I think you’re responding to the wrong person.

1 Like

we can tell the laywers have been contacted. who else could spin “a serious security misconfiguration resulting in a breech of all your customers private photos, potentially outing them” with “temporary glitch”. It was’t a glitch at all, it was a misconfiguration, a basic enough one that it reveals that no security audit was ever done on the site, a site containing private sensitive data.

Also, VICE wasn’t reachable? VICE is “anyone claiming to be a news organization”? They are a major news organization, and easily reachable. They are actively updating the story on their site, and even today noted that you pulled your site.

I realize you are trying to get out front of a potentially disastrous liability case, but being dishonest about it is going to shoot you in the foot when they are establishing negligence.

12 Likes

To be properly secure your outgoing content (possibly containing big heavy images) has to go through your VM (php or python). Thats a heavy load on your server, but its really the only way to ensure that your security model is applied to that content. Apache doesn’t really help us with per session security.

I don’t care to belong to any club that would have Groucho Marx as a member.

Even if he wears a skirt.

2 Likes

TBH, it’s the first I’ve heard of this club, but if the “audition” shots meant that some applicants were rejected on the basis of their appearance then this sounds a lot more like another mean girls clique than anything sex-postivite and liberating.

4 Likes

this is fantastically accurate as advice, but isn’t a refutation of a single thing in the story or headline. That’s just shade throwing/ concern driving trollies.

Clearly you are not an interested party with insider information and an agenda. I trust that your degree of personal involvement has not biased your point of view at all.

And chuckled about by dweebs across the pond, too.

Because it’s chuckleworthy. Not because data got leaked, but because it’s always funny when pretentious people (Skirt Club? check out that font!!) make utterly common mistakes. It’s not funny in any way that I’d bother setting up or seeking out, but it is worth a chuckle. Is it news to you that people who behave in exclusive ways get chuckled at when they get mad that their sand castles got breached by the tide?

You can assume we’re all jealous and prudes if it helps with the sting of the other more important consequences, to the users, becayse in terms of serving the users of the site, you’re not going to improve the situation by blaming the media for covering the mistake inaccurately. You’re only going to cover your own ego, to yourself alone, with that sort of thing.

Whoever made the mistake should show some humility, but shocking shocking shocking - someone came by to say the people covering the mistake should tbe the ones shamed into humility.

Classic projection. I hope you can help the actual people impacted by this breach @Lilly4, but this isn’t how you do that.

4 Likes

This topic was automatically closed after 5 days. New replies are no longer allowed.