Klarna users are being signed in to random accounts

(twitter.com)

475 points danielstocks | 1 comments | 27 May 21 10:28 UTC | HN request time: 0s | source

Show context

shaan7 ◴[27 May 21 15:22 UTC] No.27304181[source]▶

Ha, one time I was debugging an issue that only happened to a particular user. Lazy as I was, I hardcoded his auth token in the code "just to test". Having found the bug quickly, I was excited and did not realize I checked-in the auth token too. Bypassed reviews, pushed to prod and then reports started coming in "Hey, users are saying they are all logged in to this random guy's account".

Lessons learned the hard way ;)

replies(1): >>27309512 #

lupire ◴[27 May 21 22:43 UTC] No.27309512[source]▶

>>27304181 #

Did you compensate the victim of your personal and corporate negligence?

replies(2): >>27310379 #>>27310591 #

passerby1 ◴[28 May 21 01:00 UTC] No.27310591[source]▶

>>27309512 #

Just out of curiosity. Is it a bad question for some reason or why is it downvoted?

replies(1): >>27311676 #

1. greycol ◴[28 May 21 04:17 UTC] No.27311676[source]▶

>>27310591 #

I didn't downvote it but the tone does seem quite adversarial to me.

You could ask "what was the fallout?", "Did the client get compensated?", or "did you make procedural changes afterwards?" without being as confrontational.

Less people will post about their mistakes if they know they're going to be lambasted for them. We can learn from these mistakes if they're shared or they can be a timely reminder of stakes if we're slipping into complacency. So we probably don't want to discourage such posts (especially since it's rarer for people to want to talk about failures that successes).

↑