• 0 Posts
  • 175 Comments
Joined 10 months ago
cake
Cake day: January 22nd, 2024

help-circle


  • Nah, zendesk should absolutely have recognised that gaining unauthorised read access to support ticket email chains is a massive security issue. Firstly “support email chains” accounts for proportionately nearly all the data zendesk is handling, so a vulnerability there is core to the product, not at all peripheral, and secondly, who on earth is working in tech today that doesn’t know that your email is they key to all your online accounts?

    Zendesk here were blatantly either stupid or in denial and treated a bug reporter as a low life enemy instead of an asset. The kid did right by any plausible moral viewpoint.