Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOff topicdetailsme - a fundamentally flawed website.
richms

29097 posts

Uber Geek
+1 received by user: 10205

Trusted
Lifetime subscriber

#50091 21-Nov-2009 23:30
Send private message

Now, I am not the sort of person to encourage this, but did you know you can just pop in a name of someone on trademe, and then an email address of something insulting, and its just listed? There is no verification of the trademe accound, none of the email, none of the phone number - they just get listed. So if I wanted to really annoy someone (assuming the site gets popular) I can put a popular trademe sellers name in, and their number, and they would get loads of calls. Emails - same deal.




Richard rich.ms

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
richms

29097 posts

Uber Geek
+1 received by user: 10205

Trusted
Lifetime subscriber

  #275059 21-Nov-2009 23:34
Send private message

No privacy policy either.




Richard rich.ms



freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #275073 22-Nov-2009 00:15
Send private message

You have the option to upload your own details - but the bit I didn't like on that page was "Upload details of traders you have dealt with in the past or details you gather in the future"...

I don't like the idea of anyone uploading MY email address there. A spammers paradise it seems.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

richms

29097 posts

Uber Geek
+1 received by user: 10205

Trusted
Lifetime subscriber

  #275077 22-Nov-2009 00:35
Send private message

the lack of any verification that it is your tm account you are claiming is more troubling to me.
http://www.detailsme.co.nz/search/show/118

Just added some crap as another address - no way to remove it, doesnt sanity check it. Someone with some sql knowledge want to have a shot at a drop on it?




Richard rich.ms



nate
6473 posts

Uber Geek
+1 received by user: 458

Retired Mod
Trusted
Lifetime subscriber

  #275078 22-Nov-2009 00:38
Send private message

Interesting concept, poor implementation.

Wonder what TradeMe's legal stance is on it - do they own your nickname and details so can claim copyright?

richms

29097 posts

Uber Geek
+1 received by user: 10205

Trusted
Lifetime subscriber

  #275083 22-Nov-2009 00:59
Send private message

Interesting...

http://www.detailsme.co.nz/search/show/132

This seems weird this place, its got lots of code behind it, a bit of thought into the graphical content, and yet it violates the most basic of things about sanitizing user input.

" onclick="alert('value')

as an email address, and it lets it run for page visitors.

Oh - my - god... Please tell me that this isn't the product of current "learn to make website" courses that are being taught.

Seems to handle into lt and gt - so no stylesheet fun, perhaps an external .js could be called, Im tired and it will probably be fixed or gone tomorrow. Someone should have some fun while it lasts.




Richard rich.ms

macuser
2120 posts

Uber Geek
+1 received by user: 506


  #275111 22-Nov-2009 09:55
Send private message

Oh, this site is much to funny. You can type alpha characters in the Phone Number boxes... :D

HP

 
 
 
 

Shop now for HP laptops and other devices (affiliate link).
timestyles
424 posts

Ultimate Geek
+1 received by user: 1


  #275114 22-Nov-2009 10:09
Send private message

I added fake details for myself and my partner. Better safe than sorry.

nate
6473 posts

Uber Geek
+1 received by user: 458

Retired Mod
Trusted
Lifetime subscriber

  #275125 22-Nov-2009 10:43
Send private message

c71931f: I'm guessing this is probably the site creator? http://www.detailsme.co.nz/search/show/1


Someone has added fake details to that first profile.  They are using jQuery (common Javascript library) for validation, I do hope they are doing it server side as well, as anyone who turns off Javascript can easily get around this.

boby55
1539 posts

Uber Geek
+1 received by user: 38

Trusted

  #275134 22-Nov-2009 11:23
Send private message

timestyles: I added fake details for myself and my partner. Better safe than sorry.


too bad other users can still add details for you after you already have some.

sbiddle
30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #275185 22-Nov-2009 14:21
Send private message

It'll be interesting to see what Trade Me's lawyers think of their logo.

While it may not necessarily breach an existing TM it's similair enough that people could believe there was an association with Trade Me. This in itself is enough to find yourself trying to fight a legal battle you probably won't win.

boby55
1539 posts

Uber Geek
+1 received by user: 38

Trusted

  #275187 22-Nov-2009 14:26
Send private message

c71931f: Lol just attempted to write a long amount of email addys etc..to be told the member name already exists.



search for your user then click add more contact details


Im currently at 50 emails

 
 
 
 

Shop now for Lego sets and other gifts (affiliate link).
sbiddle
30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #275201 22-Nov-2009 15:11
Send private message

Looks like virtually everybody now has trashy comments linked to their accounts.

Big Fail.

Kraven
738 posts

Ultimate Geek
+1 received by user: 190


  #275238 22-Nov-2009 17:56
Send private message

Looks like it has been taken offline - prompts for username/password currently when you try to access it.

I did a bit of digging, and found the following trader name on TradeMe which is linked to the owner of the detailsme.co.nz domain name. Trader Name is: cartrader

I was just going to look up to see if he was listed on detailsme.co.nz...

The website is a totally bad idea for a whole lot of reasons IMO.

macuser
2120 posts

Uber Geek
+1 received by user: 506


  #275240 22-Nov-2009 18:18
Send private message

They didn't even have a contact page so you could tell them what was wrong. Sounds like they got the idea though.

timestyles
424 posts

Ultimate Geek
+1 received by user: 1


  #275270 22-Nov-2009 19:59
Send private message

The only 100% accurate way of setting up a website with this idea is either for detailsme to provide auctions on Trademe and for people to bid $1 using buy now, and then detailsme will know the accurate email address, or for people to register with detailsme, then they are presented with a code. They place this code on an auction that they run and detailsme links the two together. Why didn't they think of this?


By the way, this isn't the only website that is using Trademe to annoy people.  Votemenot has been stealing forum data from Trademe's forums for the last year.

 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright