their names are dark clouds. You don’t have to have heard their names, but your Internet service must have been on their vulnerability list,

"I went to Lily net for a blind date."."

"how did you get it? Did you find it?"

"I found their bug."."

September 6th, dating site Lily network, a data security vulnerability involving millions of users, was discovered by a hacker.

and the general hacker movie in the plot is different, hacker Croxy did not pick up the encrypted phone for ransom, but write down the beginning of the script, the security issues submitted to a cloud called vulnerability platform.

and Lily nets did not alarm, but two days after the announcement of vulnerabilities identified problems exist, began to repair. Without accident, the security of the information that threatens tens of thousands of users will be resolved in a matter of days, and dark clouds will announce specific vulnerabilities in October.

"in fact, most of the vulnerabilities can take a week to solve, but we give 45 days."…… Some client software, such as browsers and website building systems, will give 90 days to allow vendors full time to fix bugs." Meng Zhuo, founder of the dark platform, told curiosity daily. These vulnerabilities are announced in order to test ideas back to the community, so that other Internet security practitioners also learn.

on the dark cloud platform, similar things happen hundreds of times every day. In the last 15 days alone, 1940 new vulnerabilities have been added to the dark clouds. And these exposure holes are likely to affect your life:

in September this year, Joyoung smart bean milk machine vulnerability was exposed. Because of a design and control flaw, anyone can control any Joyoung soymilk machine. On the day the vulnerability was submitted, Joyoung had access to the situation and confirmed the restoration.

July 2014, Alibaba has also exposed serious vulnerabilities in the clouds, people only need to search engine, do not even have the account number and password, you can directly access the Alipay user account balances, transaction records, delivery address, name, mobile phone number and other sensitive information. Alibaba learned that after the matter, but also to find loopholes in the white hat hackers 50 thousand yuan reward.

"black clouds", and "white hat" are Chinese Internet security incidents can not be wrapped around the word.


since its inception in 2010, the cloud platform vulnerability list page, vulnerabilities have more than 70 thousand. Companies involved in addition to Tencent, Alibaba, Baidu, millet, Lenovo and other scientific and technological enterprises, as well as a number of domestic banks, financial institutions, and even local government website security issues.