2.10K

Kevin Montgomery

08/22/14 09:57AM

Filed to: Secret

Be wary of what you post to Secret: A hacker detailed to Wired a new way to read any individual's secrets. What's more? There have been 42 security vulnerabilities on the gossip platform discovered by the public in the past six months.

Kevin Montgomery Kevin Montgomery 08/22/14 10:14AM

Also, the exploit detailed to Wired was reported to Secret, fixed by the startup, and then they broke the fix, allowing the vulnerability to be exploited again.

But at some point in the last few weeks, as the company expanded its infrastructure, the bot detection system somehow failed, allowing Caudill and Seely to rediscover the hack, Byttow says.

crashedpc /sarcasm Kevin Montgomery 08/22/14 11:19AM

That's the kind of shit that QA is supposed to track and fix. They probably used an old version of code to do their expansion, and that's just as sloppy as digested chili.