652
stop over engineering (programming.dev)
user224@lemmy.sdf.org 121 points 4 days ago

Stop over-engineering shit, just do everything client-side like McDonald's: https://bobdahacker.com/blog/mcdonalds-security-vulnerabilities

passepartout@feddit.org 122 points 4 days ago

My friend who helped me research the OAuth vulnerabilities was let go for "security concerns from corporate"

Good old shooting the messenger.

ZoteTheMighty@lemmy.zip 17 points 4 days ago

I mean, they were an employee who was exploring security vulnerabilities with a non-employee who has a blog. I would have fired them too.

passepartout@feddit.org 17 points 4 days ago

It is indeed a very risky move without a lot to gain for him personally. But I could guess McDonald's would have forced him to ignore it and shut up about it if he disclosed this to the higher-ups himself, in which case I would have gladly left myself instead.

this post was submitted on 03 Oct 2025
652 points (100.0% liked)

Programmer Humor
