Some of Our Sources
- Slashdot
- Simplebits
- Team Treehouse
- Just Creative
- Spoon Graphics
- Vandelay Design
- My Ink Blog
- Web Resource Source
- The Verge
- TechPowerUp
Help Webnuz
Referal links:
July 26, 2016 02:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/iQg2tAL1R8c/vines-source-code-was-accidentally-made-public-for-five-minutes
Vine's Source Code Was Accidentally Made Public For Five Minutes
An anonymous reader writes from The Register: Vine, the six-second-video-loop app acquired by Twitter in 2012, had its source code made publicly available by a bounty-hunter for everyone to see. The Register reports: "According to this post by @avicoder (Vjex at GitHub), Vine's source code was for a while available on what was supposed to be a private Docker registry. While docker.vineapp.com, hosted at Amazon, wasn't meant to be available, @avicoder found he was able to download images with a simple pull request. After that it's all too easy: the docker pull https://docker.vineapp.com:443/library/vinewww request loaded the code, and he could then open the Docker image and run it. 'I was able to see the entire source code of Vine, its API keys and third party keys and secrets. Even running the image without any parameter, [it] was letting me host a replica of Vine locally.' The code included 'API keys, third party keys and secrets,' he writes. Twitter's bounty program paid out -- $10,080 -- and the problem was fixed in March (within five minutes of him demonstrating the issue)."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/iQg2tAL1R8c/vines-source-code-was-accidentally-made-public-for-five-minutes
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot