Kinda like how it ain't "breaking & entering" if you found the victim's diamond necklace in a plastic bin sitting at the curb.
Sounds like exploiting a system to access unauthorized data to me. I'd call it hacking.
The newest Instagram “exploit” is the goofiest I've seen
https://news.ycombinator.com/item?id=48359102 - 180 comments
This is probably a vibe coded feature by someone who had to meet his minimum token quotas.
Or some genius who implemented a "sandbox" and thought that this time, this sandbox will work unlike all other sandboxes in history.
Instagram is of course even worse, since even the Python core developers there use all sorts of hacks. It is not clear if Python is involved in the login system though, but the culture is awful.
And, yes, the current tech is pretty dumb.
But this is a blatant misapplication of the technology in an obviously sensitive use case with an implementation that's so exploitable the people driving it have certainly never heard the term "jailbreak" once in their lives.
Reminds me of a consulting call that I had with a very large internet provider about their new agentic chat support system.
"We're going to start with the request routing layer and move that to AI agents, and then work though the individual services."
I thought it was a wild architectural decision that they would choose to roll every single action that the system handled through an experimental layer. My advice was to start with a safe, repeatable process to validate the effectiveness in the wild, and then expand in the same manner, bringing edges in as they had "solved" the individual implementations.
So, while this is almost the exact opposite of that, choosing a high-value target with real repercussions as their leaf implementation still baffles me. Step zero of any AI integration plan should be prioritization. Companies are routinely failing at this very simple, not-even-technical aspect.
pseudosavant•44m ago