Hacker News new | past | comments | ask | show | jobs | submit login

Kind of like the AT&T "hack" wherein just changing the url leaked other customers info.

They were still successfully prosecuted though. And AT&T received no punishment.

When a company says jump the USG asks how high.




No way...I don't remember hearing about this. You mean changing the URL from like /data/customer/1 to /data/customer/2 ? And the person who did this was prosecuted? Jeez.




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: