secretly

The anonymous sharing app Secret was recently hacked. The hack is not very serious: it doesn’t expose who said what (maybe in the future someone will expose this too). What you can be sure of is that nothing is anonymous on the internet (except the Anonymous hacking group).

The hack exposed that the Secret.ly app doesn’t have ideal security measures. It allows a user to make requests in the context of another user, which is possible because authentication is missing: the server doesn’t check whether you have the correct user token. That’s why a user can post a comment on another user’s post, even though the post is marked as “Public Comments Disabled”.
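The class of flaw described above, shown as a comment handler that trusts the caller-supplied user id next to one that checks the token and the post's comment setting. This is an added example, not Secret's code: the data model, the function names, the token values and the rule that only the owner or the owner's friends may comment when public comments are disabled are all assumptions.

```python
import hmac

# Constructed sample data: hypothetical users, tokens and one post.
TOKENS = {"alice": "tok-alice-constructed", "bob": "tok-bob-constructed"}
FRIENDS = {"alice": {"carol"}, "bob": set()}
POSTS = {1: {"owner": "alice", "public_comments": False, "comments": []}}


class Forbidden(Exception):
    """Raised when a request fails authentication or authorization."""


def add_comment_vulnerable(user_id, post_id, text):
    # The flaw: user_id comes straight from the request and no token is
    # checked, so any caller can act as any user and the
    # "Public Comments Disabled" flag is never enforced server-side.
    POSTS[post_id]["comments"].append((user_id, text))
    return True


def authenticate(user_id, token):
    # Bind the claimed identity to the presented token (constant-time compare).
    expected = TOKENS.get(user_id)
    presented = (token or "").encode()
    if expected is None or not hmac.compare_digest(expected.encode(), presented):
        raise Forbidden("invalid user token")
    return user_id


def add_comment_hardened(user_id, token, post_id, text):
    caller = authenticate(user_id, token)      # who is really calling?
    post = POSTS.get(post_id)
    if post is None:
        raise Forbidden("no such post")
    # Assumed rule: with public comments off, only the owner or the
    # owner's friends may comment.
    allowed = caller == post["owner"] or caller in FRIENDS[post["owner"]]
    if not post["public_comments"] and not allowed:
        raise Forbidden("public comments disabled")
    post["comments"].append((caller, text))
    return True
```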

Source – https://twitter.com/lisallynch/status/431525046428131328