

Huge Security Concern with Tsu (New Social Network 7MM Investment) - jancoast

So you guys probably have heard something about Tsu.co by now, the social network that has recently received 7 million in funding, which pays it&#x27;s users a portion of the ad money it receives based on independent viewership much like the revenue sharing model you see with Youtube. Anyway you can find out all about it at http:&#x2F;&#x2F;tsu.co&#x2F;faq, since their main site is horrible at explaining anything about the actual project.<p>Anyway here&#x27;s the fun part...<p>So I decided to try it out, feel free to register using the &quot;invite link&quot; below (it&#x27;s invite only right now), just don&#x27;t use a password you use for anything else...
http:&#x2F;&#x2F;tsu.co&#x2F;dragmecom<p>Here&#x27;s why...<p>Take a look when you&#x27;re registering, notice how there&#x27;s no SSL? Haha you guessed it, all of their information throughout the entire site is completely unencrypted. That means all passwords, emails, user addresses, etc. are unencrypted and visible to anyone and everyone.<p>You don&#x27;t need to be a security expert to know this, it&#x27;s almost text book knowledge for anyone who has ever interfaced with the web on a technical level. Soooooo my fellow hacker news friends, enjoy this new found information.<p>Maybe one of you might be so encouraged to post, &quot;I love good security&quot; via the founder&#x27;s account. I tried to email the staff about the concern but still haven&#x27;t received a response, maybe you all can &quot;encourage&quot; them to expedite patching this crucial security concern, and protect their users.<p>Happy cracking! :)
======
luking
Register [https://www.tsu.co/Beeriscure](https://www.tsu.co/Beeriscure)

------
minimaxir
This is a weak attempt at reverse psychology to promote your startup.

------
jsanto
Anyway if you need an invite to try it out:
[http://www.tsu.co/jsanto](http://www.tsu.co/jsanto)

------
MrBra
Thanks for the heads up, it can't be something that big (at least based on
funding) dedicates such poor attention to security... it's really a bit weird.

~~~
minimaxir
Don't act like this isn't your startup:
[https://news.ycombinator.com/item?id=8499841](https://news.ycombinator.com/item?id=8499841)

EDIT: May have been premature, but it is still suspicious.

~~~
jancoast
What're you talking about?

[http://www.sfgate.com/entertainment/article/Upstart-
social-n...](http://www.sfgate.com/entertainment/article/Upstart-social-
networks-may-fall-on-their-face-5845435.php)

^ Sebastian Sobczak is the founder, you're an idiot if you think I'd be
posting security issues with my own startup.

Educate yourself.

