Hacker News new | ask | show | jobs
by Cpoll 5 days ago
The argument here is that the AI is a glorified input page. The input field asks for your username and email and sends it to a backend function. Such an input page is working as intended.

The problem is when the backend function doesn't verify that the email matches the username.
4 comments
dgoldstein0 5 days ago
Why on earth would the backend function even take an email?

Or perhaps said different: use the submitted info to identify the account; send any sensitive messages (recovery codes, password resets whatever) to only the contact info on file. If the chat bot can send such email it should do so via an API that sends only to contact info on file for the associated account and not to an email that's provided by the bot.

link
duskwuff 5 days ago
> Why on earth would the backend function even take an email?

In principle, it could be designed to do so to handle cases where a new email address has been confirmed out of band, e.g. for an account representing a company or a political office. But that's a relatively unusual situation, not something you'd want to be available to every user writing in. (Even if you had an all-human support department, this sort of functionality would only be available to a select few agents.)

link
Cpoll 5 days ago
Some sites do this to prevent password recovery spam; you need to provide two pieces of information. Ideally not telling the client if they wrote the wrong email, that'd be a security issue of its own.
link
Polizeiposaune 5 days ago
When such systems are hooked up to a web page they often will ask which contact should receive the reset code

(Pick one:

"send text to number ending in -1234"

"send text to number ending in -5678"

"send email to jo......th@gmail.com" )

link
jgalt212 5 days ago
Fair enough. Never trust client-submitted browser form, but always trust LLM-submitted form.
link
lou1306 5 days ago
If the backend function was so poorly coded to allow such a gargantuan security hole, then it is an even worse problem. Basically Meta is throwing its own engineers under the bus so that its AI chatbot can save face. Scary stuff.

Unless the backend was _also_ vibe-coded, in which case it is still an AI problem.

link
oenton 5 days ago
Okay, I hear you. I do. From a technical viewpoint, that may very well be how their systems are implemented. But this still doesn't answer the question of why the fuck this matters to these states' AGs and the people they represent.
link