> any sensitive info is pushed to the URL Path This too is not ideal. It gets saved in the brow...

jraph • today at 6:46 AM • 1 reply • view on HN

> any sensitive info is pushed to the URL Path

This too is not ideal. It gets saved in the browser history, and if the url is sent by message (email or IM), the provider may visit it.

> Definitely uninstall whatever junk leaked your domain though, but it's really nothing.

We are used to the tracking being everywhere but it is scandalous and should be considered as such. Not the subdomain leak part, that's just how Rachel noticed, but the non advertised tracking from an appliance chosen to be connected privately.

Replies

TZubiri • today at 7:30 AM

>This too is not ideal. It gets saved in the browser history, and if the url is sent by message (email or IM), the provider may visit it.

Sure. POST for extra security.

> Not the subdomain leak part, that's just how Rachel noticed, but the non advertised tracking from an appliance chosen to be connected privately.

If this were a completely local product, like say a USB stick. Sure. but this is a Network Attached Storage product, and the user explicitly chose to use network functions (domains, http), it's not the same category of issue.

alt Hacker News

Replies