this post was submitted on 05 Jul 2024
736 points (99.2% liked)

Technology

60086 readers
5161 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] kitnaht 0 points 5 months ago* (last edited 5 months ago) (3 children)

Hint -- by manipulating or exploiting its code

Which I am explaining, they...did...not...do...

They did nothing to the code. They didn't break the code, they didn't cause the code to do anything it wasn't designed to do. They did not exploit any code. They used an API endpoint that was in the open. For its intended purpose, to verify phone numbers. The api verified phone numbers, they verified phone numbers with the api. The only thing they did here...was they did verification on a lot of phone numbers.

[–] Guest_User 4 points 5 months ago

They absolutely exploited unintended functionality. If this was intended, they wouldn't have added rate limiting and locked down the api after. It was clear to say this was certainly not an intended use of the api.

In a video game for example, if there is a an item that caused excessive lagging just by placing the item. Placing a lot of them with the intent to lag the game would be an exploit. They only used items sanctioned by the game, but for unintended reasons and they would likely be banned for exploitation.

[–] [email protected] 2 points 5 months ago

You're arguing with someone who was agreeing with you 😑

[–] NateNate60 0 points 5 months ago

You are correct, I replied to the wrong comment