Friday, 16th March 2007
Chris Shiflett: My Amazon Anniversary. Chris Shiflett discloses an unfixed CSRF vulnerability in Amazon’s 1-Click feature that lets an attacker add items to your shopping basket—after reporting the vulnerability to Amazon a year ago!
The best reason to always build out APIs for your product is that it makes it easier for the rest of the world to extend your product or service rather than start competitors.