414·
9 days agoStill not Google’s fault.
- 0 Posts
- 6 Comments
Joined 2 years ago
Cake day: July 26th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
https://www.washingtonpost.com/technology/2020/02/14/google-maps-political-borders/
This is not new. Google will show citizens of a country whatever that country’s leadership wants them to see. Usually it’s related to disputed territory from wars, but has also included whiny bullshit like this.
That password reset looked to be like step four of something. So it’s a business logic bypass. Still awful of course but slightly more understandable given other ways this vulnerability could have been introduced. The cool part was detecting all the steps completely blackbox because everything was in the Javascript.
There is no excuse for issuing a valid token before mfa succeeds though. That is negligent.
As if they need to, lol. Cheese is delicious.
They really should have just had the fourth panel.
Read the article.