Maybe Sourcery deserves another chance?

Yeah, they fucked up their coding and had a vulnerability that let anyone read private messages. And they are new, so their viability is not proven.

But there are some positive things about them:

  1. The admin took responsibility for the vulnerabilities and took the market offline to fix them. Other market admins tend to make light of security problems and lash out at whoever reports them.

  2. The admin is active on this sub. He seems to have some good ideas and is willing to respond to suggestions.

  3. It's so new that it's doubtful LE is spending a lot of resources trying to take it down yet. Also, being new there is not much to be gained from them exit scamming in the near future.


Comments


[16 Points] RandomPantsAppear:

Programmer here.

These guys seem super nice, so I hate saying this kind of thing...but those issues were not "fix it and move forward" types of bugs. And those do exist. Those were "You seriously are in way over your head" kinds of bugs.

Even if they fix those, the fact is there will be real hackers and real law enforcement out there, and the chances of them getting to even a normal level of security (which is not acceptable here) are low if that is their starting point.

Being able to read anyone's message by changing the message ID is fucking amateur hour. Amateur hour here gets people killed and arrested.


[12 Points] intothestarz:

People always hate on markets when vulnerabilities are found, but they are bound to exist on any market. It's better that they are found and fixed.


[8 Points] Inthewirelain:

Guys, I am not trying to act all holier than thou, but if you were a programmer and saw the exploits, then as someone who knew about crypto and security read through their replies, this is someone who has no business being in charge of an operation like this. This isn't a personal attack or vendetta, and I'm not saying you're all dumb, listen to me, but seriously. I am sure some other programmer here will chime in. This isn't a huge fuck up by somewhat competent people like Alpha and its message leaks, this is some guy who has barely finished his first 10 tutorials on using PHP.


[2 Points] None:

Well I do think they handled everything very well. They took action.

But I think people need a bit more certainty right now.


[1 Points] t0mcheak:

We've had root this entire time... I'm just sitting pretty, waiting for the hot wallet to have more than $17 in Bitcoin before I make our move.


[1 Points] Polygon_Windows:

I mean there's having vulnerabilities, then there is just being plain fucking stupid. Best thing for them to do is head back to codecademy and forget any of it even happened before they get someone arrested.


[0 Points] None:

I guarantee LE had their hands in every single market on the super list.