this post was submitted on 22 Apr 2025
-1 points (40.0% liked)

Privacy

737 readers
2 users here now

founded 2 years ago
MODERATORS
Niemand@sopuli.xyz
-1
Packets To The Party: How DeepSeek Funnels Data To Beijing -- (Opinion) (www.news18.com)
submitted 2 days ago by Hotznplotzn to c/privacy@sopuli.xyz
2 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.sdf.org/post/33122696

[...]

The first rupture appeared on January 29 when cloud security firm Wiz stumbled upon an exposed ClickHouse database tagged “ds‑log‑prod‑001". Anyone with a browser could have accessed more than a million log lines: raw chat history, API keys, and even internal service tokens. Wiz engineers demonstrated that with two clicks they could seize “full database control", inject malicious code and pivot into the rest of DeepSeek’s infrastructure.

A week later mobile forensics specialists at NowSecure published a parallel autopsy of the iOS build. Their findings read like a checklist of everything Apple’s security team tells developers not to do: hard‑coded encryption keys, deprecated 3DES ciphers and App Transport Security switched off globally, allowing chats to travel unencrypted. The company urged enterprises to ban the app outright. However, DeepSeek’s parentage turned out to be even more troubling.

Corporate registries in Zhejiang and the Cayman Islands show the chatbot is a wholly owned offshoot of High‑Flyer Quant, a hedge fund founded in 2016 by the 38‑year‑old trader and CEO of Deepseek, Liang Wenfeng. Reuters reporting confirms that High‑Flyer pivoted from equity markets to artificial intelligence research in 2023, building two super‑computing clusters stuffed with Nvidia A100 processors before US export controls came into force.

[...]

Sources say the Computer Emergency Response Team of India (CERT‑In) is preparing a broader advisory under the new Digital Personal Data Protection Act that could push local app stores to delist the software if it fails a security audit. Other democracies have gone further: Italy, Australia and Taiwan have banned DeepSeek from public‑sector systems, with Taipei warning of “systemic espionage risk".

[...]

High‑Flyer Quant’s pitch decks boast of “harvesting alternative data at planetary scale". If every trade idea whispered into DeepSeek ends up in a Hangzhou warehouse, the company enjoys a real‑time map of market sentiment unavailable to Wall Street — and unpoliced by the Securities and Exchange Commission. For American fund managers and Indian startups alike, using the chatbot could be tantamount to CC‑ing a rival on every brainstorming session.

[...]

you are viewing a single comment's thread
view the rest of the comments
[–] LWD@lemm.ee 2 points 2 days ago (1 children)

tl;dr "This article is bad and you should feel bad"

[–] Hotznplotzn 0 points 1 day ago

@LWD@lemm.ee

Your whataboutery and insults don't get better if you change the instance.