Modern IDEs have solved the old tabs vs spaces debate.

It is spaces....otherwise some AI will fill in something which is not a tab!

#programming #ux

~€4 million fine for McDonald’s Poland because of weak/default credentials and IDOR 🫠

The Polish Data Protection Authority (UODO) has fined McDonald’s Poland PLN 16.9 million (≈ €4 million) and its processor 24/7 Communication PLN 184 thousand (≈ €40 thousand) after a misconfigured server exposed sensitive data.

The UODO is Poland’s data‐protection authority enforcing both GDPR and national privacy laws. PESEL acts like a Social Security Number, uniquely identifying Polish citizens, while passport numbers serve as alternative identifiers for non‐citizens.

Researchers Sam Curry and Ian Carroll discovered an admin panel on the global hiring portal mchire.com by trying default test credentials (123456:123456). Inside, they found an IDOR vulnerability in the PUT /api/lead/cem-xhr endpoint that let them enumerate values and pull applicants addresses, emails, phone numbers, and even chat histories with the AI bot.

Notably, the UODO imposed these hefty fines despite the lack of proof that any data was truly exfiltrated or publicly disclosed.

I have unlocked every vehicle and character in Mario Kart World and regretfully confirm there is no 2014 Mercedes GLA.

2/10, bad game.