Oddbean new post about | logout
Big Barry Bitcoin | 9 months ago (raw) | root | parent | reply | flag 
 That's a different type of thing. This is an objective problem that is probably a violation of basic OWASP security tenents that are expected of all companies today.
Kendy | 9 months ago (raw) | root | parent | reply | flag +1 
 Expected, or required and enforced? Asking to understand.

If required, that would obviously provide us some leverage.
Big Barry Bitcoin | 9 months ago (raw) | root | parent | reply | flag 
 Expected afaik. But I might be wrong, it might not fit in the realm of OWASP, but it is a glaringly obvious security flaw that any respectable team would get onto fixing asap.

It's a small change for large benefit. This is contrary to spam and fake account detection which requires constant monitoring and manual intervention because it is very easy to catch false positives and for people to work around when the problem is more subjective than objective.
Kendy | 9 months ago (raw) | root | parent | reply | flag 
 I think a lot of fraud, spam, and scam account creation problems could be solved with requiring a small refundable deposit with every account type. Ideally Lightning. 

But sadly, they’ll probably never do that because all the bot accounts fluff their advertising “views”