Simon Willison’s Weblog

Subscribe

Friday, 16th March 2007

Chris Shiflett: My Amazon Anniversary. Chris Shiflett discloses an unfixed CSRF vulnerability in Amazon’s 1-Click feature that lets an attacker add items to your shopping basket—after reporting the vulnerability to Amazon a year ago!

# 10:16 am / csrf, security, chris-shiflett, amazon

The best reason to always build out APIs for your product is that it makes it easier for the rest of the world to extend your product or service rather than start competitors.

Dick Costolo

# 10:41 am / apis, dick-costolo, feedburner