Comment by atlgator
5 days ago
Incrementing user IDs and a default password for everyone — so the real vulnerability was assuming the company had any security to disclose to in the first place.
At this point 'responsible disclosure' just means 'giving a company a head start on hiring a lawyer before you go public.'
No comments yet
Contribute on Hacker News ↗