A flash in the pan gossip app that when it functions normally is not worried about anyone's privacy / accuracy ... also doesn't care about good policies or their user's privacy.
People keep bitching about EU's GDPR but most of it is about sensible things like not storing sensitive data forever just because you can.
Nothing happens to these companies if there are no laws to keep them accountable, most companies I've worked with store everything forever because it's cheap and you never know what might become useful or what you might be able to sell to third parties later
For those who wish for the old days - "Vibe Coding" - shonky websites with shonky security, doxxing on all sides, 4chan pops back into relevance. You get your early internet redo.
Isn't this basically Peeple except gender locked to women? Peeple failed because they couldn't eliminate bias and gossip against anyone. If someone was jealous of another, for example, that person could just write false slander and claim it was real with no evidence. That would have affected the victim for jobs, dates, etc. So it was laughed at by VCs and everyone online and it shut down.
How is Tea even legal? Isn't this just a legal libel timebomb waiting to happen?
This looks like a slam book. Or that’s what girls called it when I was in high school. Basically just a place where you write mean things about people you don’t like. And those people don’t get to see it.
Providing a platform for defamation and other tortious speech is generally legally protected under §230. They still have to respond to court orders and DMCA requests, though. This is how sites like Kiwi Farms remain online. That said, commercial apps can sometimes be sued under defective product laws.
- The fact that this app exists solidifies the data that a small group of men/women do most of the dating on tinder etc while the vast majority land dates far less if none at all.
- This creates distorted market supply and demand where those small group of men/women become sought after and its only human nature in that they value their supply less than the rest.
- Toxic behavior is expected from that small group of highly attractive people that do all the dating.
- It was only a matter of time before such app would run into legal issues or attract angry individuals. Now the damage to the leaked identities will be prolonged. With the AI tech today, the extent to which a damage can be doned with the information from the leaks is unknown.
- As for the company behind Tea, they are done. They face a monumental class action lawsuit as well as ongoing individual civil/criminal cases that will arise from the leaked identities, in particular the photo of driver licenses as well as selfies, usernames, emails drastically increase the surface area for damages.
- The users of this site and those that have directly posted images, details have opened themselves up to significant liability from not only the men they have targeted but from law enforcement.
- We'll see some new laws being formed from this case. Once again, we see the hidden dangers of blindly trusting large popular platforms with sensitive data but the twist with Tea here is the defamation activity that opens up its users to both civil and criminal liability.
Is there a way, to verify if potential partner uses this app? Or if they are in "are we dating the same guy" type of group?
I take doxing, stalking, revenge porn and cyber bullying very seriously! And I would pay good money for a background check, to stay away from such people.
Would you want your own app usage available to other people? I’m going to guess not. This is a gross request, not surprised you’re using a throwaway account, as you seem to know this is a shameful thing to ask for.
- The fact that this app exists solidifies the data that a small group of men/women do most of the dating on tinder etc while the vast majority land dates far less if none at all.
- This creates distorted market supply and demand where those small group of men/women become sought after and its only human nature in that they value their supply less than the rest.
- Toxic behavior is expected from that small group of highly attractive people that do all the dating.
- It was only a matter of time before such app would run into legal issues or attract angry individuals. Now the damage to the leaked identities will be prolonged. With the AI tech today, the extent to which a damage can be done is unknown (ex. deepfake, impersonations, further doxxing).
- Tea user's driver licenses as well as selfies, usernames, emails, posts about their dates will drastically increase the surface area for lawsuits, fraud and exploitation by malicious agents.
- The users of this site and those that have directly posted images, details have opened themselves up to significant legal and criminal liability. Given these apps were probably popular in large city centers like California, NY have heavy punishment for digital harassment and privacy violations on top of the damages that can be claimed against them by the men who's information and details were posted.
- Tea is largely insulated from what the users post which means that their biggest exposure might be just neglect and failure to secure data which comes with a slap on the wrist.
Which will make it harder for Tea's userbase to claim large damages against it.
I read more details about this case and its beyond egregious. Unencrypted firebase and full public buckets. There is no hacking involved, the tokens were being used to pull data from roughly all 30,000 users of Tea and were only blocked short while ago.
Allegedly, 60GB of photos, user personal information, driver license, gps data being shared on torrent. A map of all 30,000 users tied to GPS data is being posted as well.
Given the extreme neglect to secure their data, I now believe Tea will be open to even bigger legal liability possibly criminal even.
Sad that a common response to "we might not want this app to exist" is "well, if you weren't cheating, you wouldn't have a problem with it".
Why do people want to live in a panopticon of their own creation, with random anonymous strangers morally policing, judging each other with zero consequence to them?
Don't think we'll ever learn our lesson when it comes to privacy, it will be Eternal September forever.
Maybe this is a good time to think about what policy could help discourage these horrific practices (it sounds like their storage was unprotected)
* App Store review requires a lightweight security audit / checklist on the backend protections.
* App Store CTF Kill Switch. Publisher has to share a private CTF token with Apple with a public name (e.g. /etc/apple-ctf-token ). The app store can automatically kill the app if the token is ever breached.
* Publisher is required to include their own sensitive records ( access to a high-value bank account) within their backend . Apple audits that these secrets are in the same storage as the consumer records.
112 comments
[ 3.3 ms ] story [ 94.8 ms ] threadThat seems about right.
Drivers licenses can be faked. Moreover, someone can just pretend to be someone else on this app with real drivers licenses.
The whole premise, implementation and process of Tea as a social media app is flawed, and a legal liability for the devs.
Freewalled
Nothing happens to these companies if there are no laws to keep them accountable, most companies I've worked with store everything forever because it's cheap and you never know what might become useful or what you might be able to sell to third parties later
Ugh. I’m clearly getting old. I don’t even remember the last time I went to 4chan.
But yeah please tell me how "we care about your privacy"
They have geo-mapped all the users - https://imgur.com/bRAJ2nU
Some of the users photo's are AI, which is interesting.
They got all the chat logs - https://x.com/NEElimit/status/1948766332503130562
60 Gig torrent said to be out with all the data - https://x.com/cremieuxrecueil/status/1948787086493901097 data structure - https://files.catbox.moe/c6ej81.json
For those who wish for the old days - "Vibe Coding" - shonky websites with shonky security, doxxing on all sides, 4chan pops back into relevance. You get your early internet redo.
HN 'Tea' thread discussing the ethics of the doxxing app - https://news.ycombinator.com/item?id=44682914
Apple had no issue mass censoring Parlor and others, how is an app like this able to reach #1 under all?
How is Tea even legal? Isn't this just a legal libel timebomb waiting to happen?
- The fact that this app exists solidifies the data that a small group of men/women do most of the dating on tinder etc while the vast majority land dates far less if none at all.
- This creates distorted market supply and demand where those small group of men/women become sought after and its only human nature in that they value their supply less than the rest.
- Toxic behavior is expected from that small group of highly attractive people that do all the dating.
- It was only a matter of time before such app would run into legal issues or attract angry individuals. Now the damage to the leaked identities will be prolonged. With the AI tech today, the extent to which a damage can be doned with the information from the leaks is unknown.
- As for the company behind Tea, they are done. They face a monumental class action lawsuit as well as ongoing individual civil/criminal cases that will arise from the leaked identities, in particular the photo of driver licenses as well as selfies, usernames, emails drastically increase the surface area for damages.
- The users of this site and those that have directly posted images, details have opened themselves up to significant liability from not only the men they have targeted but from law enforcement.
- We'll see some new laws being formed from this case. Once again, we see the hidden dangers of blindly trusting large popular platforms with sensitive data but the twist with Tea here is the defamation activity that opens up its users to both civil and criminal liability.
I take doxing, stalking, revenge porn and cyber bullying very seriously! And I would pay good money for a background check, to stay away from such people.
- This creates distorted market supply and demand where those small group of men/women become sought after and its only human nature in that they value their supply less than the rest.
- Toxic behavior is expected from that small group of highly attractive people that do all the dating.
- It was only a matter of time before such app would run into legal issues or attract angry individuals. Now the damage to the leaked identities will be prolonged. With the AI tech today, the extent to which a damage can be done is unknown (ex. deepfake, impersonations, further doxxing).
- Tea user's driver licenses as well as selfies, usernames, emails, posts about their dates will drastically increase the surface area for lawsuits, fraud and exploitation by malicious agents.
- The users of this site and those that have directly posted images, details have opened themselves up to significant legal and criminal liability. Given these apps were probably popular in large city centers like California, NY have heavy punishment for digital harassment and privacy violations on top of the damages that can be claimed against them by the men who's information and details were posted.
- Tea is largely insulated from what the users post which means that their biggest exposure might be just neglect and failure to secure data which comes with a slap on the wrist. Which will make it harder for Tea's userbase to claim large damages against it.
I read more details about this case and its beyond egregious. Unencrypted firebase and full public buckets. There is no hacking involved, the tokens were being used to pull data from roughly all 30,000 users of Tea and were only blocked short while ago.
Allegedly, 60GB of photos, user personal information, driver license, gps data being shared on torrent. A map of all 30,000 users tied to GPS data is being posted as well.
Given the extreme neglect to secure their data, I now believe Tea will be open to even bigger legal liability possibly criminal even.
Why do people want to live in a panopticon of their own creation, with random anonymous strangers morally policing, judging each other with zero consequence to them?
Don't think we'll ever learn our lesson when it comes to privacy, it will be Eternal September forever.
* App Store review requires a lightweight security audit / checklist on the backend protections.
* App Store CTF Kill Switch. Publisher has to share a private CTF token with Apple with a public name (e.g. /etc/apple-ctf-token ). The app store can automatically kill the app if the token is ever breached.
* Publisher is required to include their own sensitive records ( access to a high-value bank account) within their backend . Apple audits that these secrets are in the same storage as the consumer records.
Women are anonymously spilling tea about men in their cities on viral app - https://news.ycombinator.com/item?id=44682914 - July 2025 (17 comments)