
Huddle's 'highly secure' work tool exposed KPMG and BBC files - evansd
http://www.bbc.co.uk/news/technology-41969061
======
gejjaxxita
It seems from the article that security tokens were not unique and being
generated with a 20 millisecond granularity, furthermore the security tokens
were the only thing required to access files (no username etc).

If this is correct then this is astonishingly poor design and this problem was
completely predictable and obvious.

