from Hacker News

Hackers force MangaDex to shut down

by zawerf on 3/21/21, 11:33 PM with 3 comments

  • by karmicthreat on 3/21/21, 11:50 PM

    The letter on their site is dumb. It's the complete wrong approach to security. They have an implicit assumption that v5 will be perfect and totally not going to be exploited right out the gate.

    They would be better off focusing on securing their existing site. Log EVERYTHING, make sure you don't have any ways to inject SQL, make sure that if anyone can break out server side they can't get to anything useful. Just basic stuff.

    That said, they don't owe anyone anything. It's all volunteer, but if you are going to do it do it well.