item 46493826

kichik | 1 month ago
Nice chain and write-up. I don't know that I would call eval() on user input, hard-coded secrets, and leaked credentials small or harmless. All of those are scary on their own.

arcfour|1 month ago
Yeah...and the fact that they evidently had no responsible disclosure process and ghosted the reporter...for a security product?!
Big yikes.

pixl97|1 month ago
> ...for a security product
I find a lot of 'security products' put their own security at the bottom of concerns.
They may actually start with that focus, but get bought up by VC that turns everything into a profit center.