Because Venmo defaults to making all payments public, privacy researcher Hang Do Thi Duc was able to download and analyze 208,000,000 transactions, whose notes and other metadata revealed a wealth of personal, compromising information, including drug deals and breakups.
Venmo users tagged their transactions with revealing personal notes like "You don't love me anymore" or tree and pill emojis.
Thi Duc says that her research reveals the perils of failing to engage with "privacy by design," and points out that in addition to revealing these intimate facts, Venmo also leaks information that would be useful to stalkers, identity thieves, and other bad guys.
“The moment when I went, ‘Wow this is just unbelievable,’ is when I discovered the stories of the lovers,” Do Thi Duc told me in an email. “Just the intimacy of those conversations—this was definitely not mean to be public. But that also applies to all the stories, this information shouldn’t be that easy accessible.”
Any of these interactions could be inside jokes, but gathered over enough time, they still reveal intimate connections and slices of their lives. A lot of the transactions seem too specific, repetitive, and mundane to be one-off jokes. Like the cannabis retailer she found doing business in California, whose transactions made mentions of “weed,” “grass,” medicine,” “CBD,” “stacked kush,” and “gorilla cookie.” She could see that he made a total of 920 incoming payments in 2017.
Then there’s a food cart operator at University of California, who had 8,026 transactions in 2017, and whose customers preferred elote. The API showed who bought food, how often and at what time of day.
Public By Default [Hang Do Thi Duc]
A Privacy Researcher Uncovered a Year’s Worth of Breakups and Drug Deals Using Venmo’s Public Data [Samantha Cole/Motherboard]
Transparency reports are standard practice across the tech industry, disclosing the nature, quantity and scope of all the law enforcement requests each company receives in a given year.
In PrinTracker: Fingerprinting 3D Printers using Commodity Scanners (Scihub mirror), a paper to be presented at the ACM SIGSAC Conference on Computer and Communications Security conference in Toronto this month, a group of U Buffalo and Northeastern researchers present a model for uniquely identifying which 3D printer produced a given manufactured object, which may allow […]
A child reportedly rode through an X-ray baggage scanner last week at the Xiaolan Railway Station in South China. According to the state-owned China Global Television Network, the young’n snuck away from his father and hopped onto the conveyor belt. Apparently he is fine. As you’ll recall, earlier this year a woman in Dongguan, China […]
Speed reading isn’t just an innate skill possessed by a lucky few. Anyone can learn to speed read, and the benefits are endless. The brain can process more information than most people have time to soak up, but you can make that time now with the 2018 Award-Winning Speed Reading Bundle. The first half of […]
Sure, you could use the same old PowerPoint templates for your next business presentation. It’s not like you have bosses or investors to impress. Oh wait, you do? Time to augment that slideshow with Slideshop – the presentation tool that can individualize your pitch while saving you time. Compatible with PowerPoint, Keynote and Google Slides, […]
Multinational companies have used the no-nonsense methodologies of Six Sigma and Lean Six Sigma to oil a smooth-running operation for years. What is it? Six Sigma (and its offshoot, Lean Six Sigma) apply the principles of science to business, teaching managers to methodically target waste, maximize output and streamline the flow from producer to consumer. […]