Conversation

Conversation

Notices

Eugen (gargron@mastodon.social)'s status on Monday, 05-Feb-2018 20:18:57 EST Eugen

wtf techcrunch https://mastodon.social/media/pcpIWTnFuk5Ghv9hUhU

In conversation Monday, 05-Feb-2018 20:18:57 EST from mastodon.social permalink
1. clacke (clacke@social.heldscal.la)'s status on Monday, 05-Feb-2018 20:38:17 EST clacke
  in reply to
  
  > Increasing reliance on open-source frameworks like React means engineering and security teams can’t just worry about their company’s own code. It has to mingle with changes to open-source projects that can cause unforeseen trouble. It’s like if the ingredients in one of your prescription drugs subtly changed, so your preferred over-the-counter pills suddenly caused a dangerous interaction.
  
  https://techcrunch.com/2018/02/05/mixpanel-passwords/
  
  Ugh. Is this writer aware that you can rely on Other People's Code without even having the freedom to view and change the source code? How is that better? Then you probably won't even discover an issue like this.
  In conversation Monday, 05-Feb-2018 20:38:17 EST from social.heldscal.la permalink
  Attachments
  1. Invalid filename.
    
    Mixpanel analytics accidentally slurped up passwords
    
    By <a href="/author/josh-constine/" title="Posts by Josh Constine" onclick="s_objectID='river_author';" rel="author">Josh Constine</a> from TechCrunch
    
    The passwords of some people using sites monitored by popular analytics provider Mixpanel were mistakenly pulled into its software. Until TechCrunch's inquiry, Mixpanel had made no public announcement about the embarrassing error beyond quietly emailing clients about the problem. Yet some need to update to a fixed Mixpanel SDK to prevent an ongoing privacy breach.

Public

Notices