Monday, January 10, 2022

Unhelpfully secure

found on Reddit

As infuriating as this is, I understand why sites have to do it. Giving this kind of information could help attackers. 

But you know what? This is hypocritical, because the security community gives helpful info to attackers all the time in the form of vulnerability research and proof of concept attack tools. It's almost like they have no problem erring on the side of caution when it's just inconveniencing average users, but throw that caution to the wind when it might inconvenience other security folks.