Greg Cohoon (drmellow) wrote,
Greg Cohoon
drmellow

PocketLJ is not being cool.

This is so NOT COOL. It seems that since I've installed pocketlj, pretty much anyone using it can post as me. See this thread as an example of a thread which was started by someone posing as me.

As a software developer, I know mistakes and bugs happen. But this is a pretty nasty security hole. Especially since the documentation went to lengths to assure me that something like this could not happen. I hope they fix it soon. In the mean time, I may have to disable my LJ to prevent "LJ identity theft."

Edit: It appears to be fixed now. See the discussion in pocketlj for the blow-by-blow commentary.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 2 comments