Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
hitko1566198dNo need to implement advanced security features, when you can just make it illegal to challenge them and prosecute whoever tries.
SortOfTested14598198dAnyone who has seen healthcare.gov would not be surprised by this.
ethernetzero2109197d@wannabe If it's something like the one they use here in Spain…
Right off the bat, it was found that any user logged in could access any case from anyone just by changing the ID in the URL, with no access control whatsoever.
This was their defense:
The system is perfectly closed and secure, as long as it's used lawfully and ethically.