manuloloreal
Eugen RochkoAs much as I'd like to see Clubhouse fail it's a bit ridiculous the media is running with a "leak" of user data... It's all public profile stuff
Askan 🇪🇺@Gargron what is so bad about Clubhouse
stux⚡️@Gargron it's still a db hack lol
@stux It's not, actually
@Gargron so free open to download from their platform? link pl0x?
@stux If my understanding is correct, if you have an API token (which you can intercept from the app on your phone) you can use their search API to iterate over all users
@Gargron Hmm, that "should be" restricted right? if then it would be indeed just a "simple download" lol
@stux You could argue that there should be an upper limit of results returned by search and rate limits to slow down scraping of data but ultimately I don't see anything that would classify it as unauthorized access at all. All the information obtained is something you would see by visiting each user's profile.
@Gargron damn.. Still a big error from their side i think. It's indeed public info but now it's in such a way easy searchable and packed for attackers so to say 
I don't mind if my email is "leaked" as is but when more info is added i get more and more spooked
Григорий КлюшниковEugen, the API has been completely reverse engineered, long ago. Enough to log in from scratch, you don't even need to extract the token form the actual app. Yes, they do ban accounts that exhibit unusual behavior or make too many requests over short time periods. For that matter, they banned some of the accounts made through that Android app of mine.
Yes it's public stuff and public stuff only. I don't see why it's worthy of any excitement.
Vincent Cloutier@Gargron what do you think of having voice channels in mastodon like them? Good or bad idea?
André Koot RCX@Gargron I have my jam system up and running. Now let's see what I can do with it...
Benjamin
Wiley Quixotey@Gargron I've heard fans say the media doesn't like it because it threatens them. I don't really know but part of it just has to be the numbers of clicks titles with the word "leak" in them get
@Gargron idk anything about anything but so many of these startups seem to have huge problems,, like rate limiting??? why not have rate limiting????
ElfLord@Gargron *Eugen smirks and leans back in his chair but he leans too far and falls over crashing to the floor*