This is a pretty good laundry list of things you shouldn’t return in an api and why. I’m sure it will be instructive to folks.
What’s a bit scary is that depending on abstraction (ORM / service layer), it could be as simple as the difference of returning User instead of UserResponse.
The engineers could have easily known better and it was a bad autocomplete / model choice with tests that only asserted the needed fields were there.
It’s easy to bash the devs on how egregious this was, but depending on the system very little might need to “go wrong” for this to happen.
Curious what kinds of strategies other folks use to protect against this.
Annotations / lint rules for using models with sensitive data? Tests that check and fail on fields that shouldn’t be there? Comprehensive / sensitive tests for checking for sensitive fields?
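One concrete form of the "explicit response model plus a test that fails on fields that shouldn't be there" strategy, as an added example that is not from this thread or from the site being discussed. The `User`/`UserResponse` types, the `SENSITIVE_FIELDS` list and the sample record are all constructed for illustration; a real project would maintain its own deny-list and wire `assert_no_sensitive_fields` into its API tests.

```python
"""Added example (not from the thread): an allow-list response model plus a
test helper that fails when a serialized API response leaks sensitive fields.
The User model, field names and sample record are constructed for illustration."""
from dataclasses import dataclass, asdict, fields
from typing import Any

# Field names that must never appear anywhere in an API response body.
# Constructed example list; a real project would maintain its own.
SENSITIVE_FIELDS = frozenset({
    "password_hash", "email", "phone", "ip_address", "two_factor_secret",
})

@dataclass
class User:
    """Hypothetical ORM-style entity: everything the database knows about a user."""
    id: int
    username: str
    display_name: str
    email: str
    phone: str
    password_hash: str
    ip_address: str

@dataclass
class UserResponse:
    """Explicit public projection: only the fields we intend to expose."""
    id: int
    username: str
    display_name: str

    @classmethod
    def from_user(cls, user: User) -> "UserResponse":
        # Allow-list: copy only the fields declared on the response model,
        # so adding a new column to User never silently widens the API.
        public = {f.name for f in fields(cls)}
        return cls(**{k: v for k, v in asdict(user).items() if k in public})

def serialize_unsafe(user: User) -> dict:
    """The mistake discussed above: the whole entity is serialized."""
    return asdict(user)

def serialize_safe(user: User) -> dict:
    """Serialize through the explicit response model instead."""
    return asdict(UserResponse.from_user(user))

def find_sensitive_fields(payload: Any, path: str = "$") -> list[str]:
    """Walk a JSON-like structure and return the paths of any sensitive keys.
    Handles nested objects and lists, so a leak inside a nested 'author'
    object or a list of posts is still caught."""
    hits: list[str] = []
    if isinstance(payload, dict):
        for key, value in payload.items():
            child = f"{path}.{key}"
            if key in SENSITIVE_FIELDS:
                hits.append(child)
            hits.extend(find_sensitive_fields(value, child))
    elif isinstance(payload, list):
        for i, item in enumerate(payload):
            hits.extend(find_sensitive_fields(item, f"{path}[{i}]"))
    return hits

def assert_no_sensitive_fields(payload: Any) -> None:
    """Test helper: fail loudly if a response leaks any sensitive key."""
    hits = find_sensitive_fields(payload)
    if hits:
        raise AssertionError(f"response leaks sensitive fields: {hits}")

# Constructed sample user used for the demonstration below.
SAMPLE_USER = User(
    id=1, username="alice", display_name="Alice",
    email="alice@example.test", phone="+10000000000",
    password_hash="$2y$10$constructed-hash", ip_address="192.0.2.10",
)

if __name__ == "__main__":
    print(find_sensitive_fields(serialize_unsafe(SAMPLE_USER)))
    assert_no_sensitive_fields(serialize_safe(SAMPLE_USER))
    # Nested case: a post embedding its author object leaks just the same.
    post = {"id": 7, "text": "hi", "author": serialize_unsafe(SAMPLE_USER)}
    print(find_sensitive_fields([post]))
```

The deny-list check is deliberately separate from the allow-list model: the model is the primary control, and the recursive test is the safety net that catches the case where a developer (or an autocomplete) picks the entity type again somewhere else, including inside nested objects and arrays.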
You obviously have to be aware that this could be an issue, and extrapolating from some of the code quality found on other parts of the site[0], I don't think they've got the awareness to proactively deal with that sort of thing.
The website is a $50 social media clone from CodeCanyon. It's written in PHP and uses MySQLiDB. Additional features were added by programmers on Upwork.
That API is a result of ineptitude, but the disclosure is just so full of spin and lies, they're unable to honestly say what was actually leaked without deliberate omission with only some loose implication to cover their ass.
Nearly half of the words in this rather pathetic disclosure are a dramatic grandstand against... I don't really know to be honest.
> As the CEO of Spoutible, I accept full responsibility for this incident. Since our inception, we have faced an unparalleled barrage of attacks aimed at undermining our community. Yet, it is the spirit of our community that fortifies us against these assaults. The timing of this incident, coinciding with our anniversary, is a stark reminder of the hurdles we face. However, let this moment not weaken us but instead solidify our resolve.
> We stand united, more determined than ever, to uphold our commitment to providing a secure and inclusive platform. For every voice that seeks refuge, for every story that demands to be heard, Spoutible will remain a bastion of safety and solidarity. We will persist, unwavering in our dedication to champion the voices of the marginalized.
All those poor Spoutible users fighting on the beaches, in the fields and on the streets... oh wait, it's some kind of social media platform.
I assume this is a year old? Pretty sure this site had a similar issue reported when it initially got introduced. The owner then leaked the personal info of the initial reporter and reported it to his employer etc. Nasty guy, this owner of Spoutible.