19 comments

[ 0.20 ms ] story [ 60.4 ms ] thread
It's wild that the government supports businesses that write terrible software by charging people with felony charges for exploiting that software on their behalf. When do the companies bear the responsibility for the software they put out in the world.

Now the counterexample is that 'well this is no different than if an employee left the front door of the gas station unlocked and someone stole from it', but there has to be a line where if an exploit is so easy that all it takes is double scanning your card you should be able to use it all you want - it's on the company to do QC and fix the issues.

But there has to be a line where if an exploit is so easy that all it takes walk in an open door and grab what you like, you should be able to use it all you want.
So, by your logic, if someone forgets to lock their door, you should be allowed to walk in and steal everything not bolted down?
Nope. Whether it's a front door or server with a default password, it's illegal. This is very established.
I was trying to ironically reply to the poster, I guess I need to add more /s to my comments.
> there has to be a line where if an exploit is so easy that all it takes is double scanning your card you should be able to use it all you want

I could not disagree with this more. I don't think that anyone wants to live in a world where anything is OK to do as long as it's easy to do.

If it lets me double-swipe for fantastic bonuses, why can I not assume that this is the intended behavior ?

Don't tell me that I have to read and understand those terms of use that I clicked thru when I got the card.

If a vending machine dispenses free product when you aren't trying to hack it, that seems like it probably should not be a felony?
She was pretty clearly trying to hack it though. If you found a developer code you could type into a vending machine to get free product and you used to to get tens of thousands of dollars of free snacks, that would obviously be theft.

Maybe the first time you could claim it was an accident, but there's no way one could claim he reasonably thought free gas forever was intended behavior.

If there's an easily discoverable code to get free stuff, yes it should be free forever. That's not theft but rather stupidity.
In legal terms, something analogous to an "attractive nuisance".
>this is the intended behavior ?

After all, that's why they call it a Rewards card.

>When do the companies bear the responsibility for the software they put out in the world.

When they don't pay lobby to the government. /s

With the exception of medical software, i do know of any case where the companies bear the responsibility .

How on earth did she use 7400 gallons of gas in a few months? At a conservative 20mpg, that's 148000 miles. Over 6 months that's 822 miles per day, or ~40 gallons per day.
Likely, 28000 is mostly investigation costs, not the actual cost of gas.
No, it says at the end she used her card 510 times and pumped 7400 gallons.
Per the article she was selling access to her card for basically 30% off to other people.
Having a demo mode that is accessed by repeating a basic user input twice in a row seems like asking for trouble.