Archive for June, 2010


We were just trying to make logging in easier…

June 14, 2010

ATT is funny.  Not that new, hip, “ironic” funny, but funny-like-a-clown.  From the WSJ article:

AT&T Inc., reaching out to iPad users Sunday to explain why their email addresses were released last week, blamed the incident on “computer hackers” who “maliciously exploited” an attempt by the carrier to speed the process of logging in to its website.

It would have taken some forethought and planning to make the process convenient and secure.  So, they just didn’t bother.


Told ya so (probably not).

June 10, 2010

Somewhere, inside the bowels of ATT/Cingular/SBMS/Ameritech/C1, there’s a security guy saying “you shouldn’t have relied on user-agent!”.  That solitary voice probably remains ignored.  The iPad masses, now compromised, will cry in pain for a while.

I await comments and commiseration from old friends in that place.


No comment on Lamo and Manning.

June 8, 2010

There’s so much to say, but so little knowledge to be gained.  All I can advise is not to use world readable fileshares, be they user directories or the standard corporate-style file-dump.  Just don’t.  You will always regret it.