Avatar

brie

brie@programming.dev
Joined
0 posts • 43 comments
Direct message

Let me guess, you signed an NDA, and won’t tell anyone which brands had badly configured access control in their web apps?

Each red flag is okay, but all together is rather strange. It’s kinda classic to say that pajeets write shitty code.

permalink
report
parent
reply

Notice a few red flags. 1) they were contacted before the system was rolled out. Before anyone else could look for bugs 2) it is reported by techcrunch and is trending tech news 3) the exploits are rudimentary 90s era mistakes that even LLMs don’t make these days

So it’s likely that they paid McDonald’s India to pretend to have horrible practices. $240 is another tactic to appear good and trustworthy. That brings traffic to their blue team company site, effective advertising. Standard fakery that security faggots utilize to spread the FUD to create demand for their services.

permalink
report
parent
reply