View Single Post
Old 05-27-2019, 08:05   #2
Guerrilla Chief
Hand's Avatar
Join Date: Dec 2010
Location: Georgia
Posts: 864
Originally Posted by Golf1echo View Post
Apparently this information was on an unsecured Microsoft Cloud ... seems like they should be included culpability as well.
I'm curious why you think this way. The cloud is infrastructure and virtualized hardware provided to users to do whatever they want to. This is 100% directly the fault of developers who didn't implement per-request authorization on FAF's web site. There are plenty of tools and plenty of consulting firms who specialized in analyzing web sites for security flaws. FAF did not do their due diligence in hardening their site. This exact same scenario would be present had they hosted their site on AWS or cheap web site
"I'm going trick or treating at an all women's college dressed as a safe space." - Divemaster

"Fuck that - man up - kick over the podium, piss on the teleprompter, wave your dick at the TV cameras and drop the mic' as you walk off the stage. " - the QP formerly known as BillyLBach
Hand is offline   Reply With Quote