you just, you just can’t call in a $50m investigation into someone *view sourcing* something. you just can’t!
-
-
Replying to @DanielleFong @seatripper1
or if you can, it’s just hilarious. it’s just so emblematic of how government is screwed up
1 reply 0 retweets 0 likes -
Replying to @DanielleFong
You're absolutely right, it is ridiculous. But it's truly how government works. If you are aware of security vulnerabilities, the safe/ethical thing to do is reach out to an agency and tell them. Everything else is... problematic.
2 replies 0 retweets 0 likes -
Replying to @seatripper1
i don’t know the details of what the journalist did.
1 reply 0 retweets 0 likes -
Replying to @DanielleFong
Does not matter. Laws are not drafted to humor your process, however easy or difficult it might be. They are about *permission.* There is no honorable explanation for lmao, I have your SSNs, suckers.
2 replies 0 retweets 0 likes -
Replying to @seatripper1
i mean what argues against the usual white hat explanation; i just am reporting a vulnerability, i’m not saying i hold this info *as blackmail*, i’m just being a good citizen and *telling you what information of your citizens it at risk?* i have no idea, is this what they did?
1 reply 0 retweets 0 likes -
Replying to @DanielleFong
Here's a scenario for you. You leave for work in the morning. Your car is parked on the street in front of your house. You start it and remember your coffee is on the kitchen counter and run in to grab it.
1 reply 0 retweets 0 likes -
Replying to @seatripper1 @DanielleFong
I'm walking down the street and see your car running there. I get in, take it for a joy ride, show it to all my friends. Folks tell me I have stolen it. I say, why, it was just there in a public space, easy to get to. Finders keepers, right?
2 replies 0 retweets 0 likes -
Replying to @seatripper1
this is a little more like publishing something than leaving a physical object
1 reply 0 retweets 0 likes -
Replying to @DanielleFong
It is the use of something that is not yours. They did not post their social security numbers on a blog. They trusted them to a third party who did not anticipate their property being used this way.
2 replies 0 retweets 0 likes
fundamentally I think malicious intent is needed to be proven to have this attitude. if i were a friend asked to look at this website for ideas, i would have view sourced it. if i came across a 9 digit number in plaintext it might have immediately alarmed me as potentially ssn’s.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
