Hacker News new | past | comments | ask | show | jobs | submit login

The poster did contact Dropbox and was told, essentially, "it's a glitch, don't worry about it."

The poster was not told any details about "the glitch" -- we don't know if it was a one-time issue, or if it represents a deeper architectural issue. In this case, full disclosure is absolutely warranted.

Applying the most optimistic reading, Dropbox fixed the problem, so disclosure is fine. The most pessimistic would say that the problem still exists, and that disclosure will cause exposure, but will also prompt further scrutiny to the issue.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact