CutCodeDown

General Technology => Development and technology news and discussion. => Topic started by: Jason Knight on 1 May 2020, 11:52:07 pm

Title: Quibi -- dirtbags and exploitation
Post by: Jason Knight on 1 May 2020, 11:52:07 pm
For those of you unfamiliar with it, Quibi is a mobile only advertising driven pay to watch video platform. From the day I first heard about it my BS alarm went off. I was asked a few months ago by a friend what I thought, and I said it set off my BS alarm and there's no way this is legit or reputable.

From the platform itself seeming to be your typical dirtbag JavaScript copypasta by people unqualified to write a single damned line of code themselves; it being web based but platform specific defeating the purpose of being web based; the market-speak double-talk; it's "pay 3 dollars more to remove ads" that seemed a bit off...

Well, I was right.

https://www.theverge.com/2020/4/30/21242470/quibi-email-verification-leaking-addresses-ad-companies-facebook-google-data-protection

(though take it with a grain of salt, that is on the Verge after all. You can tie up that grain of salt with your tweezers)

Apparently advert and description revenue isn't enough, they're selling e-mails when the verification code fires to multiple advertising services -- sent as plaintext. This is a massive privacy violation and one of the skankiest things you can do online short of adding a coin mining script.

This is an increasing problem industry-wide too, and it's interesting that so many companies are doing this more as places like California and the EU have been ramping up consumer protection laws against this very practice.

See the skeez that is Wish.com who regularly transmit user's e-mails and even CC info in the open as nothing more than base64. Because what that hive of scum and villainy needed was to be even more disreputable and untrustworthy.

This is what happens when you let marketing turds dictate security.