Misc.

Thanks Quora for forcing everyone to use real name and leaking the info 👎

New dkxnkS
Dec 4

comments

Add a comment
  • Salesforce mnbjytec
    Even with all the IITians they couldn't stop this breach ... shame
    Dec 438
    • Facebook / Other
      XKLa50

      FacebookOther

      BIO
      Data scientist
      XKLa50more
      IITians are great. Heard the CS folks win all the Turing prizes and kill it at the ACM ICPC. Also think the Turing prize should be renamed the AKS prize because it's not evident to me that Turing would crack the JEE.
      Dec 4
    • New 0hedge
      IIT secret..... they have quotas for affirmative action too.
      Dec 5
    • Microsoft pm_r2i
      Chuck Norris took up acting cuz IITs didn't admit him.
      Dec 5
    • Cisco Arsie
      Dude this happened due to IITians who are mostly high on drugs. Good iitans have nothing to do with it. (I am fucking joking, before anyone gets offended)
      Dec 5
    • Facebook Wert965
      Dumb Indian bashing again. Racists can’t show up in real life.
      Dec 5
    • Amazon Huhsghs
      Even Indians bash IITs. It’s a hideous manifestation of Brahminical Patriarchy.
      Dec 5
    • Cisco Arsie
      Totally ^}^}* iit. I have worked with iit folks, problem is they never come out of the illusion that they don't know shit. Yes there are one or two smarty pants but in general that place is drug paradise for half baked engineers. Lazy lazy lazy most of all
      Dec 7
    • Sierra Wireless / Other
      ElGoogle

      Sierra WirelessOther

      BIO
      I work at sierra wireless
      ElGooglemore
      I didn't know that India is a university? Lol. And why did the Illinois institute joke get flagged? Haha.

      At sierra, we with with vendors and resellers and vars. Theyre ccnas from southeast Asia do braindumps to get certified yet need our Cisco sme's assistance in troubleshooting their Cisco gear. Even though we tell them all of the commands to run and in what sequence and why. All they know is conf t.

      Otoh the Indian people who do come to the USA are accomplished and move up the ladder quite well and have manners and are generally well liked.
      Dec 7
    • LinkedIn / Design
      salamancâ

      LinkedInDesign

      BIO
      As your leader, I encourage you from time to time, and always in a respectful manner, to question my logic
      salamancâmore
      I enjoy a good IIT joke
      (P.S. I’m also from an IIT)
      Dec 8
    • Amazon Huhsghs
      Thanks so much for letting us know you’re from IIT.
      Dec 8
  • Amazon jEEg41
    Atleast they were upfront about it within a week. I respect that.

    As a user I know that every platform can get hacked but it’s how u respond what matters the most.
    Dec 46
    • New dkxnkS
      OP
      You are supposed to do the right thing. This like a dad saying "I take care my kids", well you are supposed to take care of your kids.
      Dec 4
    • Leidos / ITIUVa67
      Nah, I'm going to venture in the opposite direction. In no way they are required to protect some of our data. They only do so to prevent public backlash
      Dec 4
    • Intel UGeJ58
      Plenty of other companies (Look at my tag) are happy to let you out in the cold without pants. The CPU bugs were hidden for over a year! That's fucked up.

      I have huge respect for any company that doesn't lie through its executive's teeth
      Dec 4
    • Amazon / ProductYori
      Due to European law they are now required to tell users within the minimum possible time needed to get a the facts, ie a week. If they don’t, they can be fined millions. There would be no point in telling EU customers without telling everyone else, which may be the real driver of this.
      Dec 4
    • Amazon jEEg41
      Ahh, now that makes sense
      Dec 4
    • Quantcast Mcbc
      Detecting a breach itself is commendable. Now the thing is to lookout as what measures they take to protect the data.
      Dec 4
  • Microsoft richardhea
    Why would anyone have an account on Quora anyway? The site is idiotically annoying.
    🍆
    Dec 44
    • Microsoft / Eng
      vuYo25

      MicrosoftEng

      PRE
      United States Marine Corps
      BIO
      I don’t pretend like my identity On blind is anonymous. No intelligent person believes that.
      vuYo25more
      Yeah stick to intelligent sources like blind and twitter
      Dec 4
    • Nutanix monk420
      I think because they have done job with SEO, and would often show up in top results. And Quora forces you to have account to see the content. Don't think they did that in past. It's a red flag for me to force people to make accounts.
      Dec 4
    • Groupon H5754
      Yep, I find threads about Kim Kardashian’s married life on FB more intellectually stimulating!
      Dec 4
    • Facebook / Eng:?
      Just add ?share=1 to the URL and you no longer need an account :)
      Dec 4
  • Google CbvQ46
    Hopefully Blind doesn't store user-id to email address mapping. If it does and the data is leaked we are all fucked!
    Dec 43
    • Facebook / Eng
      B13captain

      FacebookEng

      BIO
      New grad with 10yoe
      B13captainmore
      I bet those connections are as salted as a white people turkey breast
      Dec 4
    • Apple julB03
      I legit don’t understand, is that heavily salted or lightly salted then?
      Dec 4
    • Sierra Wireless / Other
      ElGoogle

      Sierra WirelessOther

      BIO
      I work at sierra wireless
      ElGooglemore
      And as hashed browned as the Marrakesh express!
      Dec 6
  • Uber / Eng
    @w@

    UberEng

    PRE
    Capital One
    @w@more
    I hate Quora. If I read an answer I get spammed to read other ones via email.
    Dec 41
    • Amazon / Engpoconos
      Their ML works as if it’s like an excel sheet with some ridiculously rudimentary one-to-one or one-to-many correlations lol. Super annoying.
      Dec 4
  • Sprint lxCy58
    When I register on social media sites I use my first initial of my last name and a spammy email address. Luckily this hack is not going to affect me.
    Dec 41
  • Google / MgmtLovedoo
    Moral of the story. Use your porn star name
    Dec 42
    • Sierra Wireless / Other
      ElGoogle

      Sierra WirelessOther

      BIO
      I work at sierra wireless
      ElGooglemore
      What's yours? Mine is Thiccus Discus
      Dec 6
    • Google / MgmtLovedoo
      Nice. Quick Gun Gilligan Jr here
      Dec 6
  • Salesforce
    Dje8474

    Salesforce

    BIO
    I am blind to something and you are too.
    Dje8474more
    Why thanks? It could have hurt so many people and put so many lives in danger for those who actually needed their anonymity! People have shared stories of abuse other extremely personal stuff.
    Dec 44
    • Microsoft / Eng
      BlindMod

      MicrosoftEng

      PRE
      United States Marine Corps
      BIO
      I don’t pretend like my identity is anonymous. No intelligent person believes that.
      BlindModmore
      Quora shouldn’t be used for anonymity. It’s a place where people stand behind their beliefs and willing to stake their reputation on it. Blind is for anonymity
      Dec 4
    • Salesforce
      Dje8474

      Salesforce

      BIO
      I am blind to something and you are too.
      Dje8474more
      Not everyone works in tech. Not all threads on quora are ideological or informative. A lot are anecdotal, and people asking questions about their messy personal lives.
      Dec 4
    • Microsoft / Eng
      BlindMod

      MicrosoftEng

      PRE
      United States Marine Corps
      BIO
      I don’t pretend like my identity On blind is anonymous. No intelligent person believes that.
      BlindModmore
      That’s a good point. Thanks for your opinion
      Dec 4
    • Quora / Engblaah
      Actually anonymity was not affected at all in this.
      Dec 5
  • Facebook Trbujwd
    Oh no your email address leaked. Big f*cking deal. What planet are you all on?
    Dec 43
    • Pinterest cães
      Is that how you handle your user data ?
      Dec 4
    • New dkxnkS
      OP
      We all know how Facebook handles user data so you don't need to say anything
      Dec 4
    • Sierra Wireless / Other
      ElGoogle

      Sierra WirelessOther

      BIO
      I work at sierra wireless
      ElGooglemore
      Have you ever paid Facebook as a user? They have to be able to give advertisers some access to some data.
      Dec 6
  • Keller Williams WUNd62
    Anyone know what security firm they hired?
    Dec 41
  • Uber Rocco69
    Wait till Blind gets compromised
    Dec 40
  • Uber / OtherTravesty
    Quit Quora a while back. People there always write these novels that start off with “I have a story...”. Just get to the damn point! Also the fonts on the app are ridiculously small and hard to read.
    Dec 54
    • Salesforce dhjvduczs
      How the hell do they make money?
      Dec 5
    • Sierra Wireless / Other
      ElGoogle

      Sierra WirelessOther

      BIO
      I work at sierra wireless
      ElGooglemore
      I recently changed my droids font settings back from big to normal as I was having trouble reading some text and contact names that trail off the screen. This is a problem that blackberry solved awhile back. But I've only used Androids since then, so I'm not sure if other mobile OSes have solved this problem.
      Dec 6
    • Uber / OtherTravesty
      Can’t change font size on iOS app
      Dec 6
    • Sierra Wireless / Other
      ElGoogle

      Sierra WirelessOther

      BIO
      I work at sierra wireless
      ElGooglemore
      Really? I guess you have to jailbreak to change to a custom fonts. At least, I see people all the time with those snazzy fonts that are hellish to read on an ios device. I mean, who are they trying to impress? It's just your eyesight, no one really needs that.
      Dec 7
  • Facebook #MAGA2020
    No one gives a flying fuck about Quora. It’s a failed site used by narcissist idiots to pump their ego. Mostly idiotic questions and useless answers. 90% of active user base is south Asians.

    Deleted my account on it, installed Chrome extension (greasemonkey script) that hides it from Google Search results and added an entry in hosts to point it to localhost.
    Dec 72
    • Facebook cynical.ly
      Why so salty bro?
      Dec 7
    • Salesforce
      v.T A v= u

      Salesforce

      BIO
      I am blind to something and you are too.
      v.T A v= umore
      Maga 2020?
      Dec 7
  • Reddit 5‘6 Indian
    Why are there no Quorans on blind
    Dec 51
    • Nutanix / QA
      VmWear

      NutanixQA

      PRE
      VMware, Apple, Cisco
      VmWearmore
      They get all their TC questions answered on Quora 😂
      Dec 5
  • Avalara StearnBear
    This is what they get for forcing people to sign up
    Dec 40
  • US Bank / Finance
    LkYl04

    US BankFinance

    PRE
    Goldman Sachs, JPMorgan Chase
    BIO
    There are three ways to make a living in this business. Be first, be smarter, or cheat.
    LkYl04more
    Oh no the “crypto currency influencers” with no jobs data will be released. How will the markets ever recover.
    Dec 40
  • Yelp / Eng@channel
    At some point you made a calculated decision to trade your personal information for some features from the website. Breaches will unfortunately happen. Sometimes it’s caused by negligence, but often times companies do go above and beyond to try and do the right thing security-wise for their customers/employees/partners. Maybe just don’t use the internet if you’re worried about what might happen to your personal info?
    Dec 40
  • Uber (Admin)
    An important privacy principle is to not collect information that you don't need. Names aren't really needed to give answers. They've made this worse for themselves.
    Dec 42
    • Facebook / Eng:?
      The basis of Quora is quality answers. Quality comes from having credible answerers. Showing names and credentials is a straightforward way of establishing credentials.
      Dec 4
    • Uber (Admin)
      That's one way. There are others, like meta-moderation and reputation systems built around pseudonyms. Wikipedia seems to work pretty well.
      Dec 4
  • Yahoo <>^
    Real user names are hidden in Blind
    However the name, email and phone number are sitting somewhere in Blind dB
    What if that leaked?
    Dec 41
    • Apple / EngThen
      The bigger problem is if it's connected. If they aren't connected, it shouldn't be that much of a concern.
      Dec 4
  • Sierra Wireless / Other
    ElGoogle

    Sierra WirelessOther

    BIO
    I work at sierra wireless
    ElGooglemore
    I thought you could always sign up without oauth linked with Facebook, eg: use any email address with any name. I use my real name to help my "personal brand".

    Indeed, the whole point of oauth is that no one needs your password to prove it's you.
    Dec 70
  • LinkedIn Eng155
    Anything you say here will be leaked so be careful
    Dec 70
  • PagerDuty / OtherSjzueuxh
    I’m still fake there
    Dec 40
  • Microsoft vuYo25
    They should used real names from the start.
    Dec 40
  • New / Eng////
    That's gonna teach people about giving up their details to random people on the internet.
    Dec 40
  • Deloitte uAag27
    I just put a random name in my profile, you should have done the same.
    6d0
  • Sierra Wireless / Other
    ElGoogle

    Sierra WirelessOther

    BIO
    I work at sierra wireless
    ElGooglemore
    Full post:

    Quora Security Update

    Adam D'Angelo

    We recently discovered that some user data was compromised as a result of unauthorized access to one of our systems by a malicious third party. We are working rapidly to investigate the situation further and take the appropriate steps to prevent such incidents in the future.

    We also want to be as transparent as possible without compromising our security systems or the steps we're taking, and in this post we’ll share what happened, what information was involved, what we're doing, and what you can do.

    We're very sorry for any concern or inconvenience this may cause.

    What happened

    On Friday we discovered that some user data was compromised by a third party who gained unauthorized access to one of our systems. We're still investigating the precise causes and in addition to the work being conducted by our internal security teams, we have retained a leading digital forensics and security firm to assist us. We have also notified law enforcement officials.

    While the investigation is still ongoing, we have already taken steps to contain the incident, and our efforts to protect our users and prevent this type of incident from happening in the future are our top priority as a company.

    What information was involved

    For approximately 100 million Quora users, the following information may have been compromised:

    Account information, e.g. name, email address, encrypted password (hashed using bcrypt with a salt that varies for each user), data imported from linked networks when authorized by usersPublic content and actions, e.g. questions, answers, comments, upvotesNon-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages)

    Questions and answers that were written anonymously are not affected by this breach as we do not store the identities of people who post anonymous content.

    The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious.

    What we are doing

    While our investigation continues, we're taking additional steps to improve our security:

    We’re in the process of notifying users whose data has been compromised.Out of an abundance of caution, we are logging out all Quora users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords.We believe we’ve identified the root cause and taken steps to address the issue, although our investigation is ongoing and we’ll continue to make security improvements.

    We will continue to work both internally and with our outside experts to gain a full understanding of what happened and take any further action as needed.

    What you can do

    We’ve included more detailed information about more specific questions you may have in our help center, which you can find here.

    If you were affected, we will update you with relevant details via email.

    While the passwords were encrypted (hashed using bcrypt with a salt that varies for each user), it is generally a best practice not to reuse the same password across multiple services, and we recommend that people change their passwords if they are doing so.

    Conclusion

    It is our responsibility to make sure things like this don’t happen, and we failed to meet that responsibility. We recognize that in order to maintain user trust, we need to work very hard to make sure this does not happen again. There’s little hope of sharing and growing the world’s knowledge if those doing so cannot feel safe and secure, and cannot trust that their information will remain private. We are continuing to work very hard to remedy the situation, and we hope over time to prove that we are worthy of your trust.
    Dec 70
  • Booz Allen Hamilton Cisa 101
    Tough
    Dec 70
  • My quora name is Fack Off
    Dec 60
  • Nordstrom FRwA63
    Oppss
    Dec 40
  • Booz Allen Hamilton Cisa 101
    Gap in following proper procedures just like Marriott smh
    Dec 40

Download the app for more exclusive content.