
1) I just downloaded "The Mammographic Image Analysis Society database of digital mammograms" [0] and ran it against the tool [1] image by image. Results below, code here [2]:

  true_pos 36
  true_neg 207
  false_pos 63
  false_neg 16
  total 322

2) How is it true when the site [1] says "We will not store your data on our server. Please don't worry about any privacy issues." when you can find all analyzed mammograms under the "static" directory?

http://mammo.neuralrad.com:5300/static/mamo.jpg

http://mammo.neuralrad.com:5300/static/mammo.jpg

(trying file names at random)

[0] https://www.repository.cam.ac.uk/handle/1810/250394

[1] http://mammo.neuralrad.com:5300/upload

[2] https://github.com/gregsadetsky/mias-check



Thank you for your efforts for validation and I appreciate that. There is a script running in the background to auto-clean the files in the static folder every day.


You just admitted you do store images.

Also, you're serving up on http. Don't do that.


They cache images.


I think caching people's sensitive medical history in a way that is publicly accessible is worth calling out; especially as it could be trivially fixed to maintain privacy.


True, it definitely shouldn't be accessible to others.


Caching is temporary storage, and as shown elsewhere, they're serving up the site on http with other users' data visible through guessing.
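One way to close the exposure discussed in this thread, as an added example (not code from the site or from any commenter): keep uploads outside any web-served directory under an unguessable random name, ignore the client's filename, and expire files after minutes rather than daily. The class name, TTL and storage layout are assumptions; the site's actual stack is not shown on this page.

```python
import os
import re
import secrets
import time

TOKEN_RE = re.compile(r"^[A-Za-z0-9_-]{43}$")  # shape of secrets.token_urlsafe(32)


class EphemeralUploadStore:
    """Hypothetical store: uploads live outside the web root, keyed by a random token."""

    def __init__(self, root, ttl_seconds=300):
        self.root, self.ttl = root, ttl_seconds
        os.makedirs(root, mode=0o700, exist_ok=True)  # must NOT be a served directory

    def save(self, data: bytes) -> str:
        # The client-supplied filename is never used: the name is 256 random bits.
        token = secrets.token_urlsafe(32)
        fd = os.open(os.path.join(self.root, token), os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as f:
            f.write(data)
        return token  # hand this back only to the uploader, over HTTPS

    def _path(self, token):
        # Anything that is not a well-formed token is rejected (e.g. "mammo.jpg", "../x").
        if not isinstance(token, str) or not TOKEN_RE.match(token):
            return None
        return os.path.join(self.root, token)

    def fetch(self, token, now=None):
        path = self._path(token)
        if path is None or not os.path.isfile(path):
            return None
        now = time.time() if now is None else now
        if now - os.path.getmtime(path) > self.ttl:
            os.remove(path)  # expired: delete on access instead of serving
            return None
        with open(path, "rb") as f:
            return f.read()

    def purge_expired(self, now=None):
        # Run every minute or so; a daily sweep leaves a long exposure window.
        now = time.time() if now is None else now
        removed = 0
        for name in os.listdir(self.root):
            p = os.path.join(self.root, name)
            if now - os.path.getmtime(p) > self.ttl:
                os.remove(p)
                removed += 1
        return removed
```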



