Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security The Internet

Following Data Leak, HIV Dating App's Developers Threaten Infection (csoonline.com) 105

itwbennett writes: Sometime before November 29, the MongoDB housing the data of Hzone, a dating app for HIV-positive singles, was exposed to the Internet. The company, displeased with having the security incident disclosed, responded to an email notification from DataBreaches.net with this threat: "Why do you want to do this? What's your purpose? We are just a business for HIV people. If you want money from us, I believe you will be disappointed. And, I believe your illegal and stupid behavior will be notified by our HIV users and you and your concerns will be revenged by all of us. I suppose you and your family members don't want to get HIV from us? If you do, go ahead." Hzone later apologized for the threat.
This discussion has been archived. No new comments can be posted.

Following Data Leak, HIV Dating App's Developers Threaten Infection

Comments Filter:
  • by Ritz_Just_Ritz ( 883997 ) on Tuesday December 15, 2015 @11:14PM (#51127209)

    So...we've got a company that runs a business by trading on someone else's misfortune. Rather "ballsy" to go after the folks reporting the breach rather than focus on the fact that their customers are flapping in the breeze as a result of their incompetence. Replace HIV with "leprosy" or "cancer"....the result is the same.

    Sad.

    • by thechemic ( 1329333 ) on Tuesday December 15, 2015 @11:35PM (#51127281)

      Following Data Leak, "Cancer" Dating App's Developers Threaten Infection

      Ugh...

    • by ArmoredDragon ( 3450605 ) on Wednesday December 16, 2015 @12:25AM (#51127457)

      Umm...cancer typically isn't the result of incompetence. In act, 65% of the time it's completely by chance [www.cbc.ca], meaning no action you took caused it, you just got unlucky. Leprosy isn't necessarily either, in fact it can spread by somebody coughing into their hand, touching a doorknob, and you coming up later and touching that same doorknob without ever seeing that person.

      Furthermore, fulfilling an economic need isn't trading on someone else's misfortune. If it was, then restaurants would be trading on someones misfortune of being hungry.

      • by Nemyst ( 1383049 )
        The parent meant that Hzone's customers are flapping in the wind because of Hzone's incompetence at protecting their data, not that HIV/leprosy/cancer are a result of incompetence.
      • Umm...cancer typically isn't the result of incompetence. In act, 65% of the time it's completely by chance, meaning no action you took caused it,

        Your link says that 65% of the time it's caused by "random mutation", which means we don't know what caused it. Was it a cosmic ray? Something you ate? Some toxic perfume you wore? Some toxic perfume someone else wore? Something that leached into your bottled water, since all (yes, all) plastic bottles leach toxics into their contents over time? It doesn't support your assertion.

        The article is inherently misleading since we never know what caused a cancer. We can crunch the numbers but we have to rely on st

        • by afxgrin ( 208686 )

          They took stem cells and observed their behaviour. This isn't some study where they just averaged incident rates vs. environmental exposure.

          https://www.sciencemag.org/con... [sciencemag.org]

          Non-paywalled version of the full paper:

          http://www.uvm.edu/~cdanfort/c... [uvm.edu]

          • by afxgrin ( 208686 )

            The funny part is I'm reading this paper now and I don't see where they came up with this 65% number being quoted in the CBC article. It's implied they got it from the principal author but he's not quoted as saying 65%.

            • by afxgrin ( 208686 )

              Nevermind....

              "A linear correlation equal to 0.804 suggests that 65% (39% to 81%; 95% CI) of the differences in cancer risk among different tissues can be explained by the total number of stem cell divisions in those tissues."

            • That number (65%) is one of the 85% of statistics that's made up on the spot.
        • Your link says that 65% of the time it's caused by "random mutation", which means we don't know what caused it. Was it a cosmic ray? Something you ate? Some toxic perfume you wore?

          None of the above. afxgrin already answered this for you.

          Something that leached into your bottled water, since all (yes, all) plastic bottles leach toxics into their contents over time? It doesn't support your assertion.

          LOL, so now you're believing everything you read in those chain emails? Hate to piss in your cheerios, but those emails are chock full of urban myth:

          http://www.cancer.org/aboutus/... [cancer.org]

          • Something that leached into your bottled water, since all (yes, all) plastic bottles leach toxics into their contents over time? It doesn't support your assertion.

            LOL, so now you're believing everything you read in those chain emails? Hate to piss in your cheerios, but those emails are chock full of urban myth:

            And then you proceed to link something which doesn't actually speak to my assertions. It addresses one chemical. It's also from the American Cancer Society, which makes it dubious on its own. They are Big Pharma whores. Guess what? There are multiple known carcinogens commonly used in plastic drinking water bottles, and they leach into their contents [npr.org]. The government insisted that BPA was safe [jsonline.com], and we saw how much bullshit that was. Now they're insisting that BPS and the rest of of this shit is safe, and you

            • If you're going to argue that everything you don't know about is dangerous, then you shouldn't ever eat anything again. Because by your argument, you might die from eating one of the hundreds of ingredients in a raw apple (or anything else) that you've never heard of and don't know what they do. Seriously, you're entire post is one big example of a logical fallacy:

              https://en.wikipedia.org/wiki/... [wikipedia.org]

            • Oh, and pushing aside your really bad logical fallacy, as for your supposed link to cancer in water bottles, I think it's more likely that you'd get cancer from coffee. Why? Well coffee has over 36 known carcinogens in it (this includes natural/organic coffee.) KNOWN. Not this "fear of the unknown" shit you're appealing to.

    • I would say that the original response to DataBreach was probably shear ignorance. It was probably a response written by someone non-technical that doesn't understand that it wasn't DataBreach that did the deed, but rather they discovered and were notifying them.

      Look at the way the HIV site reacted. Seems pretty clear that the original response was an angry/hurt reaction and the apology likely occurred after someone technical pointed out what was actually going on.

      Admittedly, I didn't read the article, bu

      • by chipschap ( 1444407 ) on Wednesday December 16, 2015 @12:59AM (#51127563)

        I would say that the original response to DataBreach was probably shear ignorance.

        Shear ignorance ... a truly cutting remark.

      • Re: (Score:3, Interesting)

        by ls671 ( 1122017 )

        I used to send notices to site admins that seem like they had been hijacked because on the requests/packets they were sending to my site. Why else would some public school site or not profit organization site try to brake into my systems unless they have been themselves compromised.

        I stopped doing this because some site admins though I was the one hijacking them so now it is all for myself; don't try to help otherwise you may get in trouble.

        Well, it silly but I guess this is how things work...

        • by AmiMoJo ( 196126 )

          A bit OT but back in the 90s when dial-up was the norm I noticed the RX light on my modem flash every 10 seconds. I investigated and found that some random IP address was sending me pings. Back then I was using an Amiga and would respond to pings. Anyway, this annoyed me so I did a bit of port scanning on the source IP, found telnet was available and connected.

          It seemed to be some kind of router OS, not BSD or Linux anyway. I could't find much info or a list of commands, but eventually found that RESET woul

          • by ls671 ( 1122017 )

            Leave in peace ;-)

          • by ls671 ( 1122017 )

            In my area, the first Internet providers aside from the Universities(/Army) were definitely using Linux. I am still using Slackware in prod systems in 2015 but this is just me.

            This was about 10 years before banks that have said they would never go online went. It has been a turning point. After they did, it was now safe to make financial transactions using the Internet in the mind of the people.

    • by Anonymous Coward

      At least it protects people from their kind. They keep infecting people that don't have it which is how it spreads. Those infected people are infecting others. If they would stop, AIDS would die off, but instead those people decided to keep infecting others.

    • My guess this that this made by HIV infected people as a service to others with the same condition, rather than a money making activity, so I don't think we can question the motives of the people providing this service as being exploitative.

      However, they should have protected their users' information far better, given the special privacy requirements that their users have, especially in light of the recent Ashley Madison breeches. Blame is not a zero sum game, unless it's falling prey to a 0-day exploit in

    • by BigDish ( 636009 )

      You say that they run a dating site targeting HIV+ individuals like it's a bad thing. The reality is that the majority of HIV- people in the world are woefully under-educated about HIV and the ways it does (and does not) spread. This causes many HIV- people to refuse to date HIV+ people. In turn, many HIV+ people prefer to date other HIV+ people as they know their date won't reject them due to their serostatus.
      Regarding incompetence, it's not always that way. Certainly in many cases it is, but I have a

    • So...we've got a company that runs a business by trading on someone else's misfortune.

      Yeah like those bastards building wheelchairs and those god damned ambulance drivers. Get those capitalist sumbitches!!!

      ffs it would be nice to go through an entire day without some dumbass activist babbling about something they know nothing about...

  • by Anonymous Coward on Tuesday December 15, 2015 @11:20PM (#51127229)

    Somebody picked the wrong people to fuck with...

  • by turbidostato ( 878842 ) on Tuesday December 15, 2015 @11:23PM (#51127239)

    "Following Data Leak, HIV Dating App's Developers Threaten Infection"

    Does the title even parse?

    • Does the title even parse?

      Yes, but it won't make sense to you if you don't bother to read the summary. Point being that by allowing HIV patients to date each other means they won't be dating you so this site's existence means you're less likely to get infected.

      • Yes but apparently the HIV patients are also banding together to revenge-infect entire families, which is a cause for concern.
        • by Anonymous Coward

          Yes but apparently the HIV patients are also banding together to revenge-infect entire families, which is a cause for concern.

          Not really. Unless you are one of the assholes that does that stuff.

          I hope they do it. If the Internet (and computers in general) is characterized as simply, "a place of lack of consequences." This, at it's fundamental core, is wrong. Likewise, expecting it to work properly while letting people make up their own rules of behavior to use it is simply foolish.

          If you are feeling the urge to get faggy about it, perhaps you should check your own behavior.

          Maybe, someday, the guys that put bad people in c

          • by Anonymous Coward

            So.... you think it's reasonable for an HIV infected individual to infect the entire family/families of an organization that notified them of a data breach even though they did not, in fact, perpetrate the breach? Because that's what they threatened to do. Man. You're a douchebag.

    • "Following Data Leak, HIV Dating App's Developers Threaten Infection"

      Does the title even parse?

      "Following {an event}, {subject} threatens {an act}." What's the issue?

    • Oh it parses, I too thought for a moment that "Infection" was computer oriented and the title makers were being cutesy. (In rather bad taste if you ask me). Because there was NO WAY that they'd threaten infection with HIV.

      But no. It's ACTUALLY that horrible. That's a LITERAL headline. Holy shit, wtf, $[expletive-of-choice-here].

  • Some subjects are too taboo for social media. And there goes my name.Thank you Sir.
  • Obviously the guy didn't understand the "threat"... If the HIV Dating App is rendered useless, then those HIV people will land to places such as Tinder, with a higher danger that "the guy or its family members" get HIVs... But yeah, people just seem to care more about this inoffensive threat than the real threat of taking the HIVs App down... (!!)
  • by bsolar ( 1176767 ) on Wednesday December 16, 2015 @07:47AM (#51128395)
    From the article:

    No, we didn’t notify them. If you will not publish them out, nobody else would do that, right? And I believe you will not publish them out, right?"

    They assume only DataBreach has the data, which is something they actually don't know for sure. On top of that, they assume that DataBreach will not publish the data or sell it to the black market. I believe they will not, but if you are responsible for personal informations and the data gets into the hands of a third party you cannot just assume the third party will behave the way most convenient for you just because the alternative makes you unconfortable.

    • The writer at DataBreach indicated that she did not download the data set, because it contained personal information. That was in response to a comment asking if she went ahead and notified the users herself. It definitely sounds like the people running the site don't have a clue though. The week or so that it took them to secure the database was probably spent finding a person who knew how to do that.

  • by Anonymous Coward

    Umm....if that sort of threat were made, it's a legitimate death threat, and the police should arrest the morons who made it.

  • by GlobalEcho ( 26240 ) on Wednesday December 16, 2015 @09:50AM (#51128817)
    I feel for these people. Not only are they HIV positive, but they are also infected with MongoDB.
  • A meaningful apology would be immediately firing the person who sent the threat and anyone else in a position to remedy it but who chose not to.
  • Another, "fake hype/nobody cares", bennett story.

Q: How many IBM CPU's does it take to execute a job? A: Four; three to hold it down, and one to rip its head off.

Working...