We are great fans of the crowd funding site Kickstarter and so it is bad luck to find that a bug in the sites private application programming interface (API) has accidently left up to seventy thousand new project ideas exposed. It does not seem to be such as major deal according to the site, but it still could have an effect on future projects who are worried about security etc, but of course, these issues will now have been fixed.
According to the Kickstarter blog this is what happened;
On Friday one of our engineers uncovered a bug involving Kickstarter’s private API, which is used to display projects on the Kickstarter homepage. This bug allowed some data from unlaunched projects to be made accessible via the API. It was immediately fixed upon discovering the error. No account or financial data of any kind was made accessible.
For those who are unfamiliar, an API is a software interface that allows software to communicate with one another. It’s not like a webpage that an internet user could point their browser to. It is a feed of data meant to be shared between software. The API in this instance is for Kickstarter’s internal use.
Source [Network World]