Y
Hacker News
new
|
ask
|
show
|
jobs
by
rgj
4084 days ago
Especislly since the
real
security is that you can apparently change your email address without a validation email being sent. All they did was add CSRF protection but this still is very bad practice.