Hacker News new | ask | show | jobs
by nwh 4893 days ago
It took two months for a response for me from their security team, and in the end their team dismissed my bug as a discrepancy in privacy settings (it isn't). For me at least, it's not really worthwhile trying to make an information leak a publicly known fact — nobody really cares.
2 comments
X-Istence 4893 days ago
I've ran into this too... their security team came back with "That's by design".

Not too long afterwards a friend of mine automated it, stuck it up on Google code and it might be fixed now ...

link
matthuggins 4893 days ago
What is the bug you submitted that they dismissed?
link
nwh 4893 days ago
Under certain conditions contact information of a friend can be extracted when it logically shouldn't be able to.
link