Technology
Popsugar’s Twinning app was leaking your photo, even if you didn’t share it
If you spent anytime on the internet this holiday season, you likely saw friends and family sharing a photo matching their face with their celebrity look-alike. If they didn’t share the photo, it very likely was made publicly available anyway.
The app created by Popsugar has been inadvertently making the photos uploaded by its users publicly available via an unsecured web address where the pics were stored.
TechCrunch the data leak on Monday when it noticed an Amazon Web Services storage bucket URL in the source code of the Popsugar Twinning web app. A real-time photo stream of users uploading pics to the app was viewable when opening the AWS address in a web browser.
Popsugar has since closed the photo leak. In an email to Techcrunch, Popsugar’s VP of engineering Mike Patnode explained that “the bucket permissions weren’t set up correctly” on the app.
While the permissions issue has now been fixed on Popsugar’s end of things, many of the photos that were uploaded — shared by its users or not — are on Google image search.
The Twinning app by Popsugar was in February of this year. It recently went viral again these in December. Twinning allows users to snap a photo within the web app or upload a pic from their computer. The app then matches users with their celebrity twin and provides a shareable side-by-side image.
If you used the Twinning app and were unhappy with the photo you took or the celebrity look-alike you were matched with, you may have chosen to keep the results private. Popsugar may have accidentally made your image public anyway.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
-
Entertainment7 days ago
Election 2024: The truth about voting machine security
-
Entertainment6 days ago
Teen AI companion: How to keep your child safe
-
Entertainment6 days ago
‘Wallace and Gromit: Vengeance Most Fowl’ review: A delightful romp with an anti-AI streak
-
Entertainment5 days ago
‘Dragon Age: The Veilguard’ review: BioWare made a good game again
-
Entertainment5 days ago
Polling 101: Weighting, probability panels, recall votes, and reaching people by mail
-
Entertainment4 days ago
‘Only Murders in the Building’ Season 4 ending explained: Who killed Sazz and why?
-
Entertainment4 days ago
5 Dyson Supersonic dupes worth the hype in 2024
-
Entertainment3 days ago
When will we have 2024 election results online?