Trusting your security to Google is literally like trusting a fox to guard your hen house.

It’s something that literally every dev has done at some point before they knew better.

If you’re working for a multinational tech company handling sensitive user data and still make this mistake, then you are being malicious in your incompetence. This is something that would cause you to lose a significant amount of marks on a first year college programming project, let alone a production system used by literally billions of people.

that logged unencrypted password data

Why the fuck would you need to log a password ever? This is absolutely malice and not incompetence.

Hanlon’s Razor revised: Never attribute to malice what can be attributed to incompetence, except where there is an established pattern of malice.

Does anyone remember an article/interview a while back where Mark Fuckerberg shamelessly admitted that he chose not to hash passwords in the original Facebook codebase specifically because he wanted to be able to log into his users’ other accounts that use the same password? I swear I remember reading something like this but now I can’t find it.

Anything that was designed be exploited was designed that way for a reason. You think Intel isn’t aware of the security issues with how they designed their CPUs?