https://techcrunch.com/2020/04/16/clearview-source-code-lapse/
By Zack Whittaker
TechCrunch
April 16, 2020
Since it exploded onto the scene in January after a newspaper exposé, Clearview
AI quickly became one of the most elusive, secretive and reviled companies in
the tech startup scene.
The controversial facial recognition startup allows its law enforcement users
to take a picture of a person, upload it and match it against its alleged
database of 3 billion images, which the company scraped from public social
media profiles.
But for a time, a misconfigured server exposed the company’s internal files,
apps and source code for anyone on the internet to find.
Mossab Hussein, chief security officer at Dubai-based cybersecurity firm
SpiderSilk, found the repository storing Clearview’s source code. Although the
repository was protected with a password, a misconfigured setting allowed
anyone to register as a new user to log in to the system storing the code.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
