It's always fun keeping your network inspector tab open. While looking around the O2 UK website, I found this page all about eSIMs. For some reason, it wants to know the user's phone number.
I put in a random number, and it refused to let me in.
As far as I can tell, O2 no longer have a Bug Bounty or Responsible Disclosure offering. So I'm publishing it here to let people know.
It is possible that someone could use this API to disclose a (minor) piece of personal information about you - namely whether your phone number is on O2 or not. I don't think that's particularly sensitive, but it is probably worth knowing.
Just for the record: We recommend that no one uses Gogs for anything serious. It has numerous critcal security issues. The latest one allows users to perform destructive actions in other users' repositories or access content from private repositories. And there are even more critical security issues that allow for similarly dangerous things.
@rfc2549 At first I moved from Gitea to Forgejo because I wanted to be ready for forge federation and also because I don't want to promote Gitea's corp.
Yesterday, with Forgejo's critical security fix, I saw a new reason to use Forgejo: Gitea's security team stopped cooperating with Forgejo and gave no explanation for that. This behavior from Gitea is unprofessional and I am not confident on their ability to handle security issues.
The #boycott, which also applies to Nutrients’ publisher, #MDPI, comes after repeated requests to the journal’s editors asking them to institute sound editorial practices.
You will find that many folks like me, war survivors, won't take any political sides & can see bigger picture of evil ego filled puppeteers & power hungry violent leaders as who they are - evil & heartless towards innocent citizens.
I'm upset over seeing mostly one sided support by colonial nations - including Canada. You know most of us called it the US war in Vietnam while Western media/ppl called it Vietnam War? US & colonial states fund/interfere/kill innocent ppl in war games. FUCK WAR.
Trump gripes trial is 'unfair' after judge's #GagOrder
(it was just in regards to the judge’s staff.)
After the trial wrapped up yesterday, Trump aired his #grievances in a post on his social media platform, saying the trial is “unfair” & again suggesting it was an attempt to interfere w/his presidential campaign.
#DonaldTrumpJr & #EricTrump, who signed the representation letr. & the engagement letr. for the 2021 compilation of #Trump’s statements of #financial condition, were a focus of the PM court session.
#Trump continued his attacks against #James hours before he returned to court for the 2nd day of arguments in the #civil#fraud#trial that the #NewYork AG brought against him & his company.
In 2 posts on his social platform this morning, Trump used derogatory terms to #attack James while denying any wrongdoing against allegations that he #inflated his #assets.
That included entering into #evidence a letter that #AllenWeisselberg, then the #TrumpOrganization's CFO, sent #Bender, which read, "We are #responsible for the preparation & fair presentation of the statement on financial condition in accordance with accounting principles generally accepted in the United States."
Does anyone know what has happened in this lawsuit?
👉 Puerto Rican towns sue Big Oil under RICO alleging collusion on climate denial
Puerto Rican municipalities have filed a lawsuit in federal court saying #ExxonMobil Corp, #Shell Plc, #Chevron Corp and others colluded to publicly downplay the risks of their fossil-fuel products on climate change and are #financially#responsible for damages from the devastating 2017 hurricane season, which was made worse by #global#warming.
The group of 16 municipalities filed what they called a first-of-its-kind lawsuit last week against about a dozen fossil fuel companies and others.
The towns say the companies coordinated a multibillion-dollar "#fraudulent marketing scheme" to convince consumers that fossil fuel products do not alter the climate.
That campaign ran contrary to the companies' own studies showing their products accelerate climate change, resulting in more deadly storms, the lawsuit said.
Looks like an excellent podcast recommendation v @ChristopherJM and a reminder from him why is it important:"9 years ago today, #Russian forces shot down MH17, killing all 298 people aboard. Dutch court found #Russia#responsible, convicting 3 Russians, 1 Ukrainian in absentia for roles. #Putin has repeatedly lied about the attack. But overwhelming evidence points finger straight at #Moscow"
The #pharmacy#chain in question, which is happy to give both your #prescription (and presumably #vaccination) #records to pretty much anyone who wants them, in addition to letting them see when your prescriptions are eligible for refill, order those refills, and turn on OR OFF automatic fills for your prescripts is ...
Following links on the Shoppers' site, privacy issues are directed to the Chief Privacy Officer at Loblaws, their parent corporation. #Loblaws bought #Shoppers some years ago in a megamerger.
Shoppers is, I believe, the single largest source of #Canadians' #prescriptions. So this affects a lot of Canadians.
I tried to engage in #responsible#disclosure. I emailed the person in question, twice. I have the logs from my email server showing the messages getting to them.
In the past I've found #problems in #software, problems with #websites, with bureaucratic processes, some of which were significant, but they all pale in comparison to this one.
3/13 I have reported the issue to the company; I have asked them to acknowledge and take short-term steps to close the hole. I reported it after hours, so I have not yet received a response, although maybe they should be monitoring this address out of office hours due to the nature of the system.
I will not identify the company in the meantime, providing they address this in a #reasonable amount of time.