October 25th, 2011

[info]apotheosis in [info]07refugees

And now for your monthly LJ boondoggle

Once again, LJ breaks a whole plethora of things while attempting to mess with something else. And in the case of some things, they were never broken to begin with.

Aside from the avalanche of other bugs, (don't they test this crap before releasing it?) the main issue was that for a time it wasn't possible to login to LJ at all. And when users were finally able to log back in, (Unfortunately, both LJLogin and Juggler are still functionally useless at the moment) many users noticed a few problems. Serious problems.

Some users complained that friends-locked entries were now accessible to the general public. Users banned from journals will have to be re-banned; whatever 'fix' LJ applied wiped banned lists. Some users couldn't stay logged in whether with LJLogin or by manually logging in.

But that's not even the best part. Some users are reporting that they seem to be bounced around to random functions of other users. One user in particular was bounced to the inbox of a merchant account which had sensitive information such as credit card info. Another complained of similarly having access to the private journals of three other users.

It's bad enough that random people might be able to read friends-locked or even private posts, but a security glitch of this scope is criminally inept.

Edit: Incidentally, here's the thread detailing most of the issues that everyone's been having. Aside from the chorus of "Stop 'fixing' thing that aren't broken!" and the usual complaints about LJ's 'customer service' (or lack thereof) the thrust of the criticism is that these changes pretty much render LJ functionally useless.