That’s a weird one – the below is an exact copy of Firefox’ about:neterror page, but it’s apparently being served by #Cloudflare (?) as a 404 page. It’s even using browser’s own scripts and styles which is rather dangerous since these could change. I fail to see the point…
Update: today #Giggle’s @email@example.com published a new statement. It’s a good first step, though for my taste it’s a bit thin on reflection of her own role in this mess. What’s still missing however is some statement on the privacy issues. Will these be fixed as well eventually?
The bad news: @firstname.lastname@example.org threatens to sue the researchers unless they let her approve the publication first. They kindly decline, as they should. And she shares that communication publicly as well, somehow assuming that it puts her in a better light?
Somehow, the email communication still happened, the right person received the report and confirmed it. So a bit later today @email@example.com started sharing the image below – without retracting any of her claims, somehow assuming that this reinforces her points.
So today she proceeded by once again attacking the researchers and criticizing journalists who were asking her about the security vulnerability, restating that it didn't exist.
And she claims that @DI_Security@twitter.com researchers publicly called her a transphobe. Not sure what this is about, I could only find a tweet by @firstname.lastname@example.org who appears to have no relation to the researchers. Judging by the way @email@example.com responded she thinks otherwise.
She says that they should have emailed technical department directly – yet from a brief look I cannot find the corresponding email address anywhere. From experience, emailing technical support about vulnerabilities is a bad idea. So Twitter is a valid way to approach a company.
From that point on, things went only downhill. @salltweets vehemently denied the existence of any security issues, claiming that the whole thing is a harassment campaign – despite not having received any details. She sent them a DM but apparently blocked the account later.
According to the researchers, they were first ignored when they attempted to report the issue. Eventually, they received a response but not the kind they hoped for. Not sure why they had to state their disagreement with @firstname.lastname@example.org’s views, but it clearly rubbed her the wrong way.
Several people from the Mozilla community felt that I’m building up a conspiracy theory here. That’s not the case, I’m actually quite certain that people are acting with good intentions. Unfortunately, that doesn’t automatically mean that we’ll be happy with the results. Updated my article:
Ouch, typo in the image – 1.81 * 10^19, not 1.81 * 10^20. Also, it's 2.9 J/s, not 29. The end result is correct, I forgot to correct a mistake for intermediate steps. ☹️
I always wonder what kind of algorithm is at work analyzing #Twitter data, taking great amounts of personal information and deducing all those bogus things about me. For most part, this is very intransparent, but at least with deduced languages it's slightly more obvious. 1/6
Software developer and security researcher, browser extensions expert. He/him
Other Mastodon account for non-technical topics: https://social.tchncs.de/@WPalant
A Mastodon instance for info/cyber security-minded people.