Okay wow after learning a thing or two about Pillowfort& #39;s security debacle from a dev friend, I& #39;m a little more inclined to come back.

The tl;dr, the security attack was orchestrated and overblown by a competitor site. They were mad that PF got press time and they didn& #39;t.

Basically, it was an op. The dev behind the competitor site is now trying to share more exploits, masking it as a PSA, in hopes that people will follow through.

Said friend of mine I& #39;m keeping anonymous, it& #39;s up to them if they wanna go public at all, but I trust em.

Normally if you find a security breach, you contact the devs, but he has an ulterior motive naturally as a competitor.

To quote my friend, "it would be nice for it to succeed or fail on its own merits rather than due to petty internet drama."

To go further, from what said friend is telling me:

Many of the "exploits" now are non-issues, or they& #39;re entirely local--meaning you break the site for yourself, not for others. (Which. Who cares.)

I seriously wonder if this kinda thing is lawsuit worthy.

One thing I also want to stress:
This is all still largely hearsay vs hearsay. I& #39;m sharing cause I trust my friend on this matter, so it& #39;s a question of if you trust my judgment there. It& #39;s completely rational to take this thread (and others) with a grain of salt.

I& #39;m also not gonna mention who the other platform is, so if someone stakes that claim, that& #39;s on them. I& #39;m a third party in all this, I& #39;m more focused on the unfair treatment of PF, as far as I can see. I don& #39;t have a horse in this race otherwise.