Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOff topicSPAM Alert - (Hell Pizza compromised?)
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 
reven
3743 posts

Uber Geek

Trusted

  #358400 29-Jul-2010 14:20
Send private message

dman:
sleemanj: SQL injection is one thing, but this was pretty sloppy, it wasn't just forgetting to escape a string or something, it was sending complete unchecked SQL across the wire.  Even 10 years ago (really, 10 years, in flash?) that would have been pretty obviously a bad idea.
it wasn't just that, they had a whole comedy of errors. Like storing passwords as plain text, no matter how many years we are talking about you can't call that secure


for my forum i was using yetanotherforum.net, an open source asp.net forum, and the first thing i noticed, the passwords were all stored in the db as plaintext.   the first thing i did was change them to a seeded md5 hash.

its not uncommon to do, but i really wish it was.

seriously never going to use their website to make an order, or heaven forbid make a credit card payment through them. 



Kyanar
4089 posts

Uber Geek

ID Verified
Trusted

  #358444 29-Jul-2010 15:03
Send private message

reven:
dman:
sleemanj: SQL injection is one thing, but this was pretty sloppy, it wasn't just forgetting to escape a string or something, it was sending complete unchecked SQL across the wire.  Even 10 years ago (really, 10 years, in flash?) that would have been pretty obviously a bad idea.
it wasn't just that, they had a whole comedy of errors. Like storing passwords as plain text, no matter how many years we are talking about you can't call that secure


for my forum i was using yetanotherforum.net, an open source asp.net forum, and the first thing i noticed, the passwords were all stored in the db as plaintext.   the first thing i did was change them to a seeded md5 hash.

its not uncommon to do, but i really wish it was.

seriously never going to use their website to make an order, or heaven forbid make a credit card payment through them. 


CC payments for Hell are now run through a third party called Mobi2Go (a NZ company by the name of Third Screen Interactive).

reven
3743 posts

Uber Geek

Trusted

  #358484 29-Jul-2010 16:02
Send private message

yeah but i still wont trust hell with this kind of information any more.

if they came out and admitted it straight up, and not blaming a disgruntle employee i might of had some respect left for them and a bit of trust they would clean up their act.

but they didnt, so i cant trust them. not saying i wont still eat there (love their pizzas), i just wont be using their webapp to order. which is a shame because i only use dominos or pizza huts webapp when ordering through them (unless on iphone, stupid flash)



richms
28187 posts

Uber Geek

Trusted
Lifetime subscriber

  #358535 29-Jul-2010 16:47
Send private message

I only ever order pickup with dominos, the email address used has been safe so far, and the "name" I give them is not usually mine.




Richard rich.ms

reven
3743 posts

Uber Geek

Trusted

  #358615 29-Jul-2010 17:52
Send private message

richms: I only ever order pickup with dominos, the email address used has been safe so far, and the "name" I give them is not usually mine.

Lol

1 | 2 | 3 | 4 | 5 | 6 
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright