|
|
|
|
|
|
by pushpop
2554 days ago
|
|
|
It seems to me there are two solutions to this problem: * remove the ability for 3rd parties to abuse their automatic powers (ie disable their ability to inject JavaScript) * or have a human manually vet every creative The problem here is you neither want to control their access nor take responsibility for monitoring their access. So the blame equally lies with yourselves for not managing an easily exploitable vector of attack. If this were any other system, eg VPN, security professionals would tear you a new asshole and point out just how irresponsible your lack of management is. You’re only excuse here is greed and frankly I’m disgusted. |
|
|
I'm not sure who you think I am or why you're accusing me but none of this is down to a single person.