I’ve been an Angel.com client since their early days, even if their pricing per minute is unbearable. Nowadays, when toll-free origination costs less than 1 ¢/minute, paying 11 ¢/minute extra for a clumsy web UI and the poorman’s VoiceXML replacement is a daylight robbery. I expect such service to cost no more than 6¢/minute, but VoiceShot.com, for example, is even worse from both pricing and capabilities point of view and there are not many other hosted IVR services.
Anyway, this weekend I found a huge and ugly vulnerability in their web application. I’m serious – it’s devastating! I sent them an email, but I got no response so far. I wonder what should I do. I am thinking of giving them 24 more hours to respond and then I will announce it somewhere, so, customers like me can protect their sensitive data that right now is public domain.