My journey into security analysis started with YikYak, a social media app, exposing post GPS locations. I initially only was looking at YikYak to create a python package for interacting with their API but their API was exposing the locations of each post, allowing a potential bad actor to track the movements of users based on their posting activity.
As much as I’m dissapointed in the lack of security around protecting user’s data, I’m glad I discovered it because it made me start my security blog on The Response Times and help protect user data from malicious actors.
I really enjoy doing this kind of work, although it can be frustrating at times is interesting to me and combines a lot of interests of mine. I’d like to spend more time working on this kind of analysis, but finding targets to analyze is difficult.Back to Home