Unless a service or protocol provides end-to-end encryption, you should not use its messaging features for anything truly sensitive.
And no, this is not equal. The Hive authors seem to have completely failed to implement authorization for their API, allowing (it seems) anyone with a valid auth token to make a request as any other user, granting everyone access to everyone else's data.
This is a "car company doesn't know what seat belts are" level of incompetence.
And no, this is not equal. The Hive authors seem to have completely failed to implement authorization for their API, allowing (it seems) anyone with a valid auth token to make a request as any other user, granting everyone access to everyone else's data.
This is a "car company doesn't know what seat belts are" level of incompetence.