AAA application for iPhone actual shocking bug

In my recent post regarding the AAA application for iPhone I omitted one juicy detail.

I clicked on While you are waiting for battery service and navigated to a couple of the underlying screens, for example AAA Approved Auto Repair. Then I navigated back (button in top left corner of the screen) to my request and to my surprise the application loaded someone else’s data!

I was able to see the request from some random dude, who was waiting for a tow for his Honda Odyssey, complete with his AAA number. I even showed this to a neighbor who happened to be walking his dog at that time. After navigating back and forth a few times I was not able to reproduce the bug, so it must be intermittent.

In my bug report I even affixed:

As a Senior Principal Software Engineer (on hiatus) I strongly recommend that you look into this problem. Until the root cause of this bug is identified, it is conceivable that an exploit could use this bug to access random records in your request database.

Multithreading bug on the server side? Confusion as to ID requirements on both client and server side? This is the kind of bug that could generate a good war story.

At any rate, I obtained a tracking number and the customary definitely an unusual issue we haven’t seen before from a human. More than one month has gone by… hopefully not swept under the proverbial rug!


1 Comment

Filed under Technology

One response to “AAA application for iPhone actual shocking bug

  1. Pingback: AAA application for iPhone, mystery solved « Pianofab's playground

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s