I don’t normally tune-in to the Unjected show. It turns out that the same day I published Lessons from Alt-Tech Failures, the same security researcher from 2022 just confirmed that Unjected is still insecure. What moved me to comment on this further is the fact that not only is Unjected an exemplary example of how NOT to run a website, but also how not to respond to a security incident.
My principal concern here is not merely a vulnerable website, but the misleading way in which the hosts of the Unjected Show, including the founder, downplay and dismiss serious concerns in yesterday’s Episode #58. It’s staggering that those running a company arguably within the larger “Freedom Movement” would have the audacity to publicly demonstrate how little they care about their user’s privacy. With deflection and dismissive remarks, It’s frustrating to imagine how this could be taken seriously at all.
I have no desire to be allied with those who don’t seriously recognize the grave top-down threats that individuals face in cyberspace. I can’t tolerate those who arrogantly use the threat of state surveillance as an excuse to absolve potentially disclosing people’s private information to everyone. This has been a long-running frustration I’ve had with people within the so-called “Freedom Movement”. As frustrating it is for a company well-regarded by people within this space acting this way is, it is even more demoralizing that people tolerate it.
Questions for Unjected
You claim you have done many penetration tests and have a team to resolve such issues, why didn’t you find this issue before?
Had you found other vulnerabilities before? What went wrong and how did you resolve it?
How important is protecting your user’s personal information to you?
What measures have you taken that demonstrate this?
I apologize for the somewhat raw video rant. It’s too frustrating to interact with for too long. It’s tragic to me how little people have learned about personal privacy and security since 2020. In some ways I feel responsible. Maybe I should have spent more time on big tech sites like YouTube/Facebook/Rumble to try to get the word out. I haven’t because my principal goal here has been to walk the walk, and learn the right way forward. It is incredibly disheartening to see people be put at risk due to apathy and opportunism. I hope that if nothing else this can be a warning that not all is right.
How Stupid Do They Think You Are?