Hacker News new | ask | show | jobs
by fc417fc802 147 days ago
> an API that should probably be better secured.

I think the API is secured? The entire premise is that a volunteer creates an account and uploads ADS-B telemetry. Detecting falsified data is a separate matter.
1 comments
darthwalsh 147 days ago
Sounds like authentication is working great, but their authorization design may be flawed.
link
filleduchaos 147 days ago
How is it flawed? That is the nature of crowdsourcing.
link