DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
-
This post did not contain any content.
-
T [email protected] shared this topic
-
[email protected]replied to [email protected] last edited by
Absolutely "shocked" I tell you.
-
[email protected]replied to [email protected] last edited by
No shit?
-
[email protected]replied to [email protected] last edited by
The hell? Thereβs no reason to use plain HTTP instead of HTTPS.
And symmetric encryption is wildly irresponsible as well.
-
[email protected]replied to [email protected] last edited by
Fucking duh
-
[email protected]replied to [email protected] last edited by
Not for s second do I believe this was a accidental oversight.
I am sure they had very good reasons, all alligned with their actual interests with no thought spared to even consider consequences for small fish users.
-
[email protected]replied to [email protected] last edited by
Volcengine is aΒ platform of cloud services released by Bytedance in 2021 to help enterprises with digital transformation. Bytedance connection to China is well established. Sensitive data or data effective for fingerprinting and tracking are in bold.
So they use a Chinese CDN or hosting?
-
[email protected]replied to [email protected] last edited by
its nice of them not to encrypt it at least. it can get harvested along the way!
-
[email protected]replied to [email protected] last edited by
-
[email protected]replied to [email protected] last edited by
Ah, the ol' Blahaj Pik-a-choo
-
[email protected]replied to [email protected] last edited by
-
[email protected]replied to [email protected] last edited by
Do you understand what youβre commenting on or just commenting hoping itβs funny?
-
[email protected]replied to [email protected] last edited by
This is dumb.
Even if you encrypt network traffic, the receiving server still knows what you're doing. All it does is prevent third parties from snooping.
Usually.
-
[email protected]replied to [email protected] last edited by
i just can't think of any. like the article says, i fully expected the app to send data to china. but even if you are maliciously spying on users, why would you send the stolen data on unsecured channels? so that everyone in the path takes advantage of the data your wanted to steal?
-
[email protected]replied to [email protected] last edited by
Yes, so not only are they doing something shady, they're doing something shady and exposing your data to anyone wanting to snoop it. What's dumb about criticising the latter part?
-
[email protected]replied to [email protected] last edited by
Depends on how much traffic you're talking about. Encrypting/decrypting isn't free.
-
[email protected]replied to [email protected] last edited by
Itβs trivial compared to the compute they dedicate to AI models. Like, not even a rounding error.
-
[email protected]replied to [email protected] last edited by
The fact that anyone thinks they have any semblance of privacy when typing into an online AI chatbot is saddening.
Of course anything you type into a externally hosted AI is going to be harvested and sold.
But sure, in this case you are also potentially exposing your queries to your ISP or someone listening on your local network too.
-
[email protected]replied to [email protected] last edited by
οΈοΈ
π«¦
-
[email protected]replied to [email protected] last edited by
Regardless of the downstream server, you should expect the interim traffic to be encrypted in transit
