At competent companies -- I make no claim about Twitter here, but certainly at G... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		x0x0 on Dec 24, 2019 \| parent \| context \| favorite \| on: A Twitter app bug was used to match 17M phone numb... At competent companies -- I make no claim about Twitter here, but certainly at Google or at my employer -- it is extremely uncommon to have access to that database. All requests to access are logged and individually permissioned. Asking to access without a good reason, such as attachment to an active customer ticket, etc -- will get a hard no.

londons_explore on Dec 25, 2019 | [–]

But at the same time, there's usually a way round it. For example, break the account in some way so the user opens a ticket, then grab the ticket and dump the whole contents of the account to 'debug'.

drevil-v2 on Dec 25, 2019 | [–]

Who watches the watchers?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact