Hacker News new | comments | ask | show | jobs | submit login

The ability to traverse the full content of a OneDrive account starting with a short URL and in some cases /upload malware to them/ which gets synced back to the user's computers is shocking. Even more shocking is that Microsoft apparently declared this to be as designed, not a security bug. That's some terrible software design.

As a developer who helped out with QA one of the most annoying things was reporting bugs and then getting into a debate about wether or not it was a bug as it was working as designed with the functionality was clearly terrible/broken.

It's like pushing rope. Then to really get the party started, throw in some "business analysts" and "scrum masters".

I thought the same, I thought it was just going to redirect to a standard login page.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact