How I Hacked McDonald's (Their Security Contact Was Harder to Find Than Their Secret Sauce Recipe) | bobdahacker (bobdahacker.com)
from cm0002@piefed.world to cybersecurity@infosec.pub on 20 Aug 15:20
https://piefed.world/post/395311

#cybersecurity

redsand@lemmy.dbzer0.com on 20 Aug 15:32

I can’t even summarize this. I’m only halfway through reading and there are plain text passwords sent via emails and unauthenticated admin panels. This is crazy for a company of this size.

frongt@lemmy.zip on 20 Aug 17:55

This is all too common for a company of this size. Bigger doesn’t mean better.

mfed1122@discuss.tchncs.de on 20 Aug 16:23

Really incredible. This is what I imagined hacking stopped being like in 1995. I applaud Bob for having the inner fortitude to not just exploit them for infinite nuggies. The fact someone got fired for it probably contributes to why the security is so bad; corporations truly don’t deserve white hat hackers.

cm0002@piefed.world on 20 Aug 16:48

> I applaud Bob for having the inner fortitude to not just exploit them for infinite nuggies

My literal first thought was "got dammit, why didn't I try that" (I had assumed McD would have rolled out an app with proper server-side validation and never bothered)

I do not have the inner fortitude to not exploit a giant corpo for free nuggies LMAO

redsand@lemmy.dbzer0.com on 20 Aug 17:21

I’m downloading the Android SDK again. Can’t say for sure what I’m going to do with it, but I can say for sure you won’t be reading about client-side validated food from me.

cm0002@piefed.world on 20 Aug 17:31

> won't be reading about client side validated food from me.

I'll make an attempt to call their security department to disclose a security issue to them, but if they can't hear me through my mouth full of nuggies, that's their problem ¯\_(ツ)_/¯