- USDT(TRC-20)
- $0.0
DeepSeek is having a moment: With the release of its impressive R1 model, the AI company overtook ChatGPT (and every other app) to become the number one free app on both the iOS App Store and Google Play Store. If you gave the app a try this week, however, be warned: Your chats may have been exposed.
As reported by The Hacker News, DeepSeek left one of its online databases exposed. While the company has issued a fix, this database is a treasure trove of user information. It contains over one million lines of log streams, which includes chat history, secret keys (used to encrypt and decrypt data), backend information, and other important data.
As of this article, DeepSeek says they are continuing to investigate the issue, despite implementing a fix on Jan. 29.
It isn't clear if any parties gained access to DeepSeek's database while it was vulnerable, but the vulnerability allowed for "complete database control," as well as privilege escalation within DeepSeek's network without any authentication needed.
DeepSeek's privacy and security policies have been a point of concern as so many users flock to its service. The platform collects a lot of user data, like email addresses, IP addresses, and chat histories, but also more concerning data points, like keystroke patterns and rhythms. Why does an AI app need to not only know what I typed, but how I typed it, too? As DeepSeek is a Chinese company, it stores all user data on servers in China. As such, the company is beholden by law to share any data the Chinese government requests. These practices are among the reasons the United States government banned TikTok.
There's no evidence this has happened, but the whole situation paints a precarious picture for the popular AI startup. If you do want to try DeepSeek, or if you're already using it, it's important to keep these points in mind. Your user data may not be quite so secure with this particular company.
Full story here:
As reported by The Hacker News, DeepSeek left one of its online databases exposed. While the company has issued a fix, this database is a treasure trove of user information. It contains over one million lines of log streams, which includes chat history, secret keys (used to encrypt and decrypt data), backend information, and other important data.
As of this article, DeepSeek says they are continuing to investigate the issue, despite implementing a fix on Jan. 29.
It isn't clear if any parties gained access to DeepSeek's database while it was vulnerable, but the vulnerability allowed for "complete database control," as well as privilege escalation within DeepSeek's network without any authentication needed.
DeepSeek's privacy and security policies have been a point of concern as so many users flock to its service. The platform collects a lot of user data, like email addresses, IP addresses, and chat histories, but also more concerning data points, like keystroke patterns and rhythms. Why does an AI app need to not only know what I typed, but how I typed it, too? As DeepSeek is a Chinese company, it stores all user data on servers in China. As such, the company is beholden by law to share any data the Chinese government requests. These practices are among the reasons the United States government banned TikTok.
There's no evidence this has happened, but the whole situation paints a precarious picture for the popular AI startup. If you do want to try DeepSeek, or if you're already using it, it's important to keep these points in mind. Your user data may not be quite so secure with this particular company.
Full story here:
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
