I can hack into your team's private Forum!

Case number:671076-2012986
Topic:Server
Opened by:BootsMcGraw
Status:Open
Type:Bug
Opened on:Saturday, April 2, 2022 - 02:18
Last modified:Saturday, April 2, 2022 - 17:04

Major security problem, Foldit overlords!

The way you have the Foldit website set up, I have figured out two ways to read posts from any team's private Forum.

It's not difficult, just time consuming. If I knew how to write scripts that mined HTML, I could have every post of every team, from 2008, right up to this moment.

I must point out: I HAVE NOT DONE THIS AND WILL NOT DO THIS. I DO NOT AND WILL NOT CHEAT OR STEAL.

I wanted to open up Contenders' long unused Forum so that we could share information with each other about specific puzzles and how we are addressing them. The Contenders are literally scattered across the globe, and it's impossible for us to collaborate effectively solely using Group chat.

I will not use the Group Forum, now, for fear our closely guarded trade secrets be viewed by uninvited eyes.

This is a warning to our rival teams to perhaps share confidential information somewhere else besides your team's Forum, until this gaping security hole gets plugged.

(Sat, 04/02/2022 - 02:18  |  1 comment)


robgee's picture
User offline. Last seen 6 days 2 hours ago. Offline
Joined: 07/26/2013

Yep, this is a whopper.

Sitemap

Developed by: UW Center for Game Science, UW Institute for Protein Design, Northeastern University, Vanderbilt University Meiler Lab, UC Davis
Supported by: DARPA, NSF, NIH, HHMI, Amazon, Microsoft, Adobe, Boehringer Ingelheim, RosettaCommons