Jump to content

Not again! Another website used by foreigners in Thailand suffers massive data breach


snoop1130

Recommended Posts

Yes, it is possible to change a userID in a URL (which should not be displayed anyway) and retrieve another users data. I've done it under controlled conditions. But only if the developer has neglected security considerations and validation routines when the web site was created, which is the point that Mr Barrow was trying to make. Of course, most web developers worth their salt would never allow this to happen so there are still some places free in the world's jails.

 

My original point was that if he did this then it would be legally defined as hacking i.e. gaining unauthorised access to a system or data.

  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.





×
×
  • Create New...