Technology
Popsugar’s Twinning app was leaking your photo, even if you didn’t share it
If you spent anytime on the internet this holiday season, you likely saw friends and family sharing a photo matching their face with their celebrity look-alike. If they didn’t share the photo, it very likely was made publicly available anyway.
The app created by Popsugar has been inadvertently making the photos uploaded by its users publicly available via an unsecured web address where the pics were stored.
TechCrunch the data leak on Monday when it noticed an Amazon Web Services storage bucket URL in the source code of the Popsugar Twinning web app. A real-time photo stream of users uploading pics to the app was viewable when opening the AWS address in a web browser.
Popsugar has since closed the photo leak. In an email to Techcrunch, Popsugar’s VP of engineering Mike Patnode explained that “the bucket permissions weren’t set up correctly” on the app.
While the permissions issue has now been fixed on Popsugar’s end of things, many of the photos that were uploaded — shared by its users or not — are on Google image search.
The Twinning app by Popsugar was in February of this year. It recently went viral again these in December. Twinning allows users to snap a photo within the web app or upload a pic from their computer. The app then matches users with their celebrity twin and provides a shareable side-by-side image.
If you used the Twinning app and were unhappy with the photo you took or the celebrity look-alike you were matched with, you may have chosen to keep the results private. Popsugar may have accidentally made your image public anyway.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
-
Entertainment6 days ago
WordPress.org’s login page demands you pledge loyalty to pineapple pizza
-
Entertainment7 days ago
Rules for blocking or going no contact after a breakup
-
Entertainment6 days ago
‘Mufasa: The Lion King’ review: Can Barry Jenkins break the Disney machine?
-
Entertainment5 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment4 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment5 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment4 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment3 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent