Home  >  Article  >  Programmer caused major bug in Pinduoduo and was fined tens of millions

Programmer caused major bug in Pinduoduo and was fined tens of millions

藏色散人
藏色散人forward
2019-01-21 11:27:335733browse

Programmer caused major bug in Pinduoduo and was fined tens of millions

1. What happened

# In the early morning of 01/20, a user exposed a major BUG in Pinduoduo. Users can directly receive a no-threshold The 100 yuan voucher is valid for one year. The voucher is valid for all stores, except for some special products. The wool party members were woken up by their companions in the middle of the night and started frantically picking up wool. Some people picked up tens of thousands of yuan worth of wool.

Pinduoduo’s official response in the morning was that it was a technical bug and was currently being urgently fixed. Pinduoduo urgently fixed this bug at 9 a.m. After that, users can no longer obtain coupons through this channel. And if the user directly obtains the coupon but does not use it, these coupons will also become invalid. Some users questioned the official "Why the coupons they received can no longer be used"

Recommended related articles: Review of Pinduoduo technical accidents, what should programmers learn?

2. The result of the incident

It is reported on the Internet that Pinduoduo’s loss exceeded 20 billion, and according to Pinduoduo’s official reply, the loss is estimated to be around 10 million yuan. Not as scary as the legend says. In addition, Pinduoduo officials have reported to the police, believing that a black production team used its loopholes to generate coupons.

3. Is it BUG marketing?

In the early years, Baidu Cloud Disk engaged in a famous BUG marketing. The original cloud disk service package sold for 100 yuan. Suddenly you can buy it for only 0.1 yuan. For a time, a huge amount of people flowed to Baidu cloud disk. This BUG marketing can be said to have attracted a large wave of traffic to Baidu Cloud Disk. It was later confirmed that it was a BUG marketing done by Baidu Cloud Disk itself, and this marketing was also called a model in the industry.

Although the price of the service package was 100 yuan, that package was a virtual product at that time, so the real value was far less than 100 yuan.

Looking back at the bug that Pinduoduo released this time, when it first came out, many people said that it must be Pinduoduo’s BUG marketing, but if you think about it carefully, these 100 yuan are real money. Users can receive it once and then consume it directly in the mall. You must also note that there is no threshold, which is equivalent to 100 yuan.

Even if calculated based on the cost of attracting new users, it is definitely impossible to get a user for several hundred yuan. And judging from the current official response, it is undoubtedly a technical BUG.

4. Why does this BUG occur?

First of all, can you recall when you saw a 100 yuan no-threshold coupon on an e-commerce platform? It is impossible to give such a large coupon to new users or recalled users. This kind of coupon is equivalent to giving money directly.

But when this coupon appears, we can only understand that the purpose of this coupon is some very special channels, such as something used in internal channels or during testing. Then because the development was not well controlled or the product was not carefully considered during design, this channel was discovered and could be exploited externally.

This problem can only mean that there is a problem with a certain process of the entire product. For such a large enterprise, this problem is very scary. This time we lost tens of millions. Who knows how much we will lose next time?

5. Enlightenment

For us developers, the inspiration is that when we develop functions, permission control must be comprehensive. When facing some When it comes to sensitive things, you must control them in multiple layers. After all, product managers don’t always have everything figured out. And if there is a problem in the end, it is likely that the technology will be blamed.

Statement:
This article is reproduced at:一个程序员的日常. If there is any infringement, please contact admin@php.cn delete