from Hacker News

Exploiting McDonald's APIs to hijack deliveries and order food for a penny

by 2bluesc on 12/19/24, 3:29 PM with 18 comments

by bluetidepro on 12/19/24, 8:47 PM
All that work for ONLY a $240 Amazon gift card is absolutely wild to me. It still surprises me that people choose not exploit these things when these mega corporations basically award them pennies for finding major vulnerabilities like this.
by EliRivers on 12/20/24, 8:34 AM
"September 29, 2024: I check the reported issues today and confirm they are all fixed."
This is the most amazing thing about this story. Not only did the company not threaten him, they actually fixed the issues.
by beefnugs on 12/23/24, 2:54 AM
Next up : Drive thru ad-blocker. You enter your order into an app and at the drive thru it automatically plays a message that you are not using their fucking tracking points app, then reads your order, and forces the server to read it back to you and checks exactness, including checking the screen for another verification of correctness
poor workers yes... but fuck them just constantly adding more things to say and getting you to donate
by foxyv on 12/20/24, 4:58 PM
Eating McDonalds is just too high a price in the first place. Adding a penny? Even worse.