|
uninterrupted posted:Worth noting that these laws are extremely broad because lots of companies are uniquely vulnerable to being hacked. Secure code is hard to write and often orthogonal to quickly written or performant or simple to maintain code, and especially companies that are small or don’t have a tech focus will have tons of vulnerabilities lying out in public. There's also the issue that security is impossible to maintain without compliance of employees, most of which are thoroughly unqualified to understand what they're complying with. Hell is in fact other people.
|
# ¿ Jan 13, 2021 20:00 |
|
|
# ¿ May 13, 2024 21:46 |
|
Aramis posted:That's a heck of a leap to conclusion. The hacker did a lot more than just access an unlisted URL. They wrote a script to systematically iterate through semantically empty ids in order to discover and access resources that they knew were not meant to be public. Not to mention that applying for access to the information shows he knew access was restricted, and that anything he came up with after being rejected wasn't intended.
|
# ¿ Jan 26, 2021 16:31 |