disable view350 autoplay

src/posts/fuckstalkerware-8.md

@@ -24,7 +24,7 @@ The contact pages listed on websites operated by SpyX include Hong Kong and UK b
 
 The BOSS listing and the corporate website both feature some photos of the Gbyte office in the Bao'an District of Shenzhen, with the hiring platform even containing a 360° panoramic image of its inside. Both pages also give us additional background on the company's history: It was founded in 2022 with a focus on "mobile forensics" software for an overseas market, and they ambitiously aim for an IPO within 5–10 years. The company also boasts about 50% of their staff being allocated to R&D, which they conduct together with universities.
 
-{% view360 { src: "/img/posts/fuckstalkerware-8/pano.jpg", autoplay: true, autoplaySpeed: -0.1 } %}
+{% view360 { src: "/img/posts/fuckstalkerware-8/pano.jpg" } %}
 
 A few months after first obtaining the bit of Gbyte data, I mentioned it to a person i was working on a tangentially related story with. Within just a few hours, they came back to me having looked into Gbyte themself, and they were able to gain broader access to Gbyte's stalkerware backends. In addition to the preexisting order data, we now also had copies of all user account data and victim metadata, including plaintext passwords for the stalkerware accounts and iCloud/Google credentials for a large number of victims. None of this data was meaningfully protected by any authentication; simply knowing which API endpoints were being called was enough to get the data. Additionally, another bug granted my source full access to the stalkerware's admin dashboard.