Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
homakov
on March 28, 2015
|
parent
|
context
|
favorite
| on:
Slack was hacked
Why wait and not use it right away? If you have read access now you can exploit now.
grey-area
on March 28, 2015
[–]
Oh I see - you mean they have read access, then trigger password reset, then use the token straight away? That does mean they'd be firing off emails which would alert users though.
homakov
on March 28, 2015
|
parent
[–]
It would. They didn't do it probably because they didn't try this trick. But they could i think.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: