No large corporation with millions of peoples sensitive information would ever have security this lax! /s

...that's intense.

Especially not Equifax.

Something something Apple.

Sometimes the illusion of security works. I assume this gate was on Yahoo's campus?

It works in the sense of making the users feel safe when they aren't?

calling Yahoo to the burn unit

Had to do it once. I was done with a demo version of a project more or less and it was suppose to ship to the client later that day. My boss came in and told me that I should implement a login with username and password. (I already had the login form, but you could just leave everything empty and click login to get passed it) There wasn't enough time to set up an actual login so he told me to just check the username and password in the client side JS before continuing to the application. I know it was just for a quick demo, but I still felt so dirty doing it..

Sounds like standard practice for demos to me. Done it countless times for presentations. You're demoing how it'll work to users, not developers

The skeleton key always works.

Goddamn Skeletons always taking our keys!

Pretty much client-side anything...

I know not much about web development yet I was able to obliterate the high scores on a javascript app by opening Chrome's debugger and changing the code to set the paddle size to 0 and the speed of the ball to way higher in the pong game you had to win as fast as possible.

There were a handful of yearly subscription to a night club in my city as rewards for the highest scores.

Still more secure than Mac OS X High Sierra.

Hey, how is your hand fitting through the internet's pipes and reaching the server side?

I can't believe i never thought of this

The apple high sierra bug visually explained

Yeah. Like the amount of websites using Google's Recaptcha without server-side validation .. its overwhelming

Rule 0 violation

Literally.

When you pass all your unit tests but didn't run any integration tests