> The developer has been given responsible disclosure and I have been informed that steps are being taken to address the security concerns.
There is still no timeline or other information about the events, which is unfortunate; I'd expect the author to document and report this in such a situation.
Valid security issues buried under unnecessary smugness and basic 'techniques' like demonstrating the unzip command. The condescending tone undermines what could have been constructive disclosure. This reads like a high schooler dunking on a first grader, I'm just glad we all learned from the technical prowess of extracting an archive. The underlying problems with exposed API keys and unrestricted database access are serious, but your arrogant presentation does a disservice to responsible disclosure.
I read it as an incredulous and increasingly pissed off person absolutely dunking on a smug person's attitude and success who has done so in a fashion they find completely unacceptable.
MrGilbert|7 months ago
thih9|7 months ago
> The developer has been given responsible disclosure and I have been informed that steps are being taken to address the security concerns.
There is still no timeline or other information about the events, which is unfortunate; I'd expect the author to document and report this in such a situation.
handfuloflight|7 months ago
rockemsockem|7 months ago
ycombinatrix|7 months ago
are you Christian Monfiston? that would explain a lot.