Hacker News new | past | comments | ask | show | jobs | submit login

I am now questioning the wisdom of having shared this story, and I apologize for derailing the discussion.



It’s a relevant comment, and people evidently found it interesting.


Yours is an interesting story. And very relevant. It just isn’t applicable to one interesting aspect of the article being discussed which is that the sensitive data was sent to every user but was “hidden” by html.

But the shoot the messenger aspect of reporting vulnerabilities is also very relevant. It’s just the nature of forums like this that some things bubble up to the top and dominate the discussion. Hard to say it’s your fault for retelling a story.


It's a good story and relevant. Not your fault the internet got spun up in a totally other direction with it.


fwiw, I found it relevant. It's obviously not _exactly_ the same thing, but "sending an HTTP GET request to a URL" is similar to "viewing HTML source" in that both are totally normally things to expect from a user, so it's hard to see how either could count as "hacking".




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: