![]() ![]() ![]() |
|
jbard:
This part is interesting:
"Please rest assured that your password has been, at all times, strongly encrypted and stored in our database."
It is very clear this wasn't the case at all. I wonder if this is something being spun to him by the Indian developers or if he actually believes this?
dontpanic42: Please correct me if I'm wrong, but the fact they had the means to send the password out via a 'forgot password' email in plain text clearly suggests that they at least had the means to decrypt said "encrypted" passwords.
This is the complete opposite of secure.
Twitter: ajobbins
ajobbins:dontpanic42: Please correct me if I'm wrong, but the fact they had the means to send the password out via a 'forgot password' email in plain text clearly suggests that they at least had the means to decrypt said "encrypted" passwords.
This is the complete opposite of secure.
Oh the stories I could tell you about other large organisations doing just this who's information is a lot more sensitive than a little kiwi auction site....
MurrayM:jbard:
This part is interesting:
"Please rest assured that your password has been, at all times, strongly encrypted and stored in our database."
It is very clear this wasn't the case at all. I wonder if this is something being spun to him by the Indian developers or if he actually believes this?
Maybe the passwords were stored in their database in an encrypted format, just not hashed?
DonGould: Techday hit my email inbox this morning as well... seems the media are roasting and toasting this one...
KiwiNZ:DonGould: Techday hit my email inbox this morning as well... seems the media are roasting and toasting this one...
I love Wheedle self description in their vacancy Ad ?"Wheedle Limited is a successful online web service business with its head office located in Christchurch, New Zealand."
Say what now? successful? where?
?
KiwiNZ:DonGould: Techday hit my email inbox this morning as well... seems the media are roasting and toasting this one...
I love Wheedle self description in their vacancy Ad "Wheedle Limited is a successful online web service business with its head office located in Christchurch, New Zealand."
Say what now? successful? where?
DonGould: That was my initial thought when we started to see log on errors showing up and MF posted about being able to see other peoples details after he'd logged in.
I wish them good luck getting that one sorted out if that's the case. The JDF that someone posted suggested to me that they weren't asking for people with proven experience in that space.
jbard:MurrayM:jbard:
This part is interesting:
"Please rest assured that your password has been, at all times, strongly encrypted and stored in our database."
It is very clear this wasn't the case at all. I wonder if this is something being spun to him by the Indian developers or if he actually believes this?
Maybe the passwords were stored in their database in an encrypted format, just not hashed?
Yeah they might have been encrypted but this is from safe and secure. Anyone who knows how Google works would have been able to decrypt the passwords if a list had been leaked.
I feel it is pretty misleading to make that sort of statement. For the average consumer they would take his word for it.
networkn:ajobbins:dontpanic42: Please correct me if I'm wrong, but the fact they had the means to send the password out via a 'forgot password' email in plain text clearly suggests that they at least had the means to decrypt said "encrypted" passwords.
This is the complete opposite of secure.
Oh the stories I could tell you about other large organisations doing just this who's information is a lot more sensitive than a little kiwi auction site....
LOTS and LOTs of sites do this.
Twitter: ajobbins
KiwiNZ:DonGould: Techday hit my email inbox this morning as well... seems the media are roasting and toasting this one...
I love Wheedle self description in their vacancy Ad ?"Wheedle Limited is a successful online web service business with its head office located in Christchurch, New Zealand."
Say what now? successful? where?
?
|
![]() ![]() ![]() |