{"id":39520,"date":"2017-07-26T03:00:07","date_gmt":"2017-07-26T07:00:07","guid":{"rendered":"http:\/\/quotulatiousness.ca\/blog\/?p=39520"},"modified":"2017-07-25T13:18:22","modified_gmt":"2017-07-25T17:18:22","slug":"sure-fire-way-to-reduce-the-number-of-bugs-reported-arrest-the-reporters","status":"publish","type":"post","link":"https:\/\/quotulatiousness.ca\/blog\/2017\/07\/26\/sure-fire-way-to-reduce-the-number-of-bugs-reported-arrest-the-reporters\/","title":{"rendered":"Sure-fire way to reduce the number of bugs reported &#8211; arrest the reporters"},"content":{"rendered":"<p>The Budapest public transit authority has come up with a <a href=\"https:\/\/www.theregister.co.uk\/2017\/07\/25\/hungarian_teenager_arrest_sparks_protests\/\" target=\"_blank\">new technique to handle bug reports<\/a>:<\/p>\n<blockquote><p>The tale started last week when an unnamed 18-year-old found that he was able to, when purchasing a ticket online, poke the BKK website in a particular way to modify the ticket&#8217;s price and buy it at that new price.<\/p>\n<p>Rather than take advantage of virtually free travel in the country&#8217;s capital, however, he did the right thing and reported the security hole to the BKK, complete with a demo in which he was able to buy a $35 ticket for just 20 cents.<\/p>\n<p>The response was not what he expected. Four detectives turned up at his door at 7:00am on Friday, photographed him and questioned him extensively over his actions. The BKK then held a press conference at which its CEO K\u00e1lm\u00e1n Dab\u00f3czi proudly announced they had caught a hacker and had filed an official complaint against him. Dab\u00f3czi assured everyone that the website was now perfectly safe.<\/p>\n<p>That version of events was immediately questioned by the teenager himself however, in a Facebook post.<\/p>\n<p>&#8220;I am an 18-year-old, now middle school graduate,&#8221; he wrote in a message that has since been posted hundreds of times to the BKK&#8217;s Facebook page. &#8220;I trust that I can help solve a mistake.&#8221;<\/p>\n<p>In the message, he says he informed the BKK &#8220;about two minutes&#8221; after he discovered the flaw. &#8220;I did not use the ticket, I do not even live near Budapest, I never traveled on a BKK route. My goal was just to signal the error to the BKK in order to solve it, and not to use it.&#8221;<\/p>\n<p>He continued: &#8220;The BKK has not been able to answer me for four days, but in their press conference today they said it was a cyber attack and was reported. I found an amateur bug that could be exploited by many people \u2013 no one seriously thinks an 18-year-old kid would have played a serious security system and wanted to commit a crime by promptly telling the authorities.&#8221;<\/p>\n<p>He then asks others to help out: &#8220;I ask you to help by sharing this entry with your acquaintances so that the BKK will come to a better understanding and see if my purpose is merely a helper intention, I have not harmed or wanted to harm them in any way. I hope that in this case the BKK will consider withdrawing the report.&#8221;<\/p>\n<p>And so they have shared the entry \u2013 in their thousands \u2013 putting the BKK on the back foot.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>The Budapest public transit authority has come up with a new technique to handle bug reports: The tale started last week when an unnamed 18-year-old found that he was able to, when purchasing a ticket online, poke the BKK website in a particular way to modify the ticket&#8217;s price and buy it at that new [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35193,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[62,9,15],"tags":[1131,129,723,527,593],"class_list":["post-39520","post","type-post","status-publish","format-standard","hentry","category-europe","category-law","category-technology","tag-budapest","tag-hack","tag-hungary","tag-publictransit","tag-socialmedia"],"jetpack_featured_media_url":"https:\/\/quotulatiousness.ca\/blog\/wp-content\/uploads\/2016\/06\/favicon.png","jetpack_shortlink":"https:\/\/wp.me\/p2hpV6-ahq","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/39520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/comments?post=39520"}],"version-history":[{"count":1,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/39520\/revisions"}],"predecessor-version":[{"id":39521,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/39520\/revisions\/39521"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media\/35193"}],"wp:attachment":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media?parent=39520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/categories?post=39520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/tags?post=39520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}