|
|
|
|
|
|
by Bartweiss
2801 days ago
|
|
|
Interesting, thanks. I had only followed general-consumption reports here, and hadn't seen that the attack involved obtaining a token that allowed the attacker to authenticate as the user, and I didn't realize that the API included support for pulling search history data. Given that, I understand much better why this was a disaster from the beginning, and why people are so mistrustful of the rolling "and also this..." disclosures. |
|
|