I wonder how that went through in the meeting
Manager : Um, we're going to need some user data on the survey
Coder : Sure, I can return the IP address, the user name and the account ID
Manager : The name is good, but we'll be needing the account number as well, and the email address
Coder : But I can't hash that data securely on the client side
Manager : no problem, put it in the URL - nobody ever checks that, right ? I never do.
Coder : But that's not secure . .
Manager : We need it yesterday, so get cracking. We'll do security in the next version