welcome
About us
Newsletter
News Widget
Media Inquiries

Summary

Raw App Security Lapse

This is a U.S. news story, published by TechCrunch, that relates primarily to TechCrunch news.

U.S. news

For more U.S. news, you can click here:

more U.S. news

celebrity news

For more celebrity news, you can click here:

more celebrity news

TechCrunch news

For more news from TechCrunch, you can click here:

more news from TechCrunch

About the Otherweb

Otherweb, Inc is a public benefit corporation, dedicated to improving the quality of news people consume. We are non-partisan, junk-free, and ad-free. We use artificial intelligence (AI) to remove junk from your news feed, and allow you to select the best entertainment news, business news, world news, and much more. If you like celebrity news, you might also like this article about

app Raw

. We are dedicated to bringing you the highest-quality news, junk-free and ad-free, about your favorite topics. Please come every day to read the latest Raw app news, Android device news, celebrity news, and other high-quality news about any topic that interests you. We are working hard to create the best news aggregator on the web, and to put you in control of your news feed - whether you choose to read the latest news through our website, our news app, or our daily newsletter - all free!

Raw app users
TechCrunch

TechCrunch

Entertainment

Entertainment

Exclusive: Dating app Raw exposed users' location data and personal information

TechCrunch
Summary
Nutrition label

81% Informative

A security lapse at dating app Raw publicly exposed the personal data and private locations data of its users.

The exposed data included users’ display names, dates of birth, dating and sexual preferences.

TechCrunch discovered the bug on Wednesday during a brief test of the app.

Raw fixed the data exposure on Wednesday , shortly after TechCrunch contacted the company with details of the bug.

As such, IDOR bugs can be exploited with ease and in some cases enumerated, allowing access to record after record of user data. U.S. cybersecurity agency CISA has long warned of the risks that IDOR bugs present, including the ability to access typically sensitive data “at scale.” As part of its Secure By Design initiative, CISA said in a 2023 advisory that developers should ensure their apps perform proper authentication and authorization checks. Since Raw fixed the bug, the exposed server no longer returns user data in the browser..

VR Score

78

Informative language

74

Neutral language

72

Article tone

informal

Language

English

Language complexity

64

Offensive language

not offensive

Hate speech

not hateful

Attention-grabbing headline

not detected

Known propaganda techniques

not detected

Time-value

short-lived

External references

4

https://www.fastcompany.com/91295715/a-new-wearable-from-dating-app-raw-promises-to-track-your-partners-emotions-in-real-timehttps://www.cisa.gov/news-events/cybersecurity-advisories/aa23-208ahttps://www.theverge.com/wearables/657475/raw-ring-wearables-emotion-tracking-smart-ringhttps://www.cisa.gov/securebydesign

Source diversity

3

www.fastcompany.comwww.cisa.govwww.theverge.com

Affiliate links

no affiliate links

Read full article