Nasty EBay hole
Results 1 to 10 of 10

Thread: Nasty EBay hole

  1. #1

    Nasty EBay hole

    http://news.zdnet.co.uk/story/0,,t269-s2107658,00.html

    This is nasty and downright scary....my sis trades there. Guess I better keep an eye on the auction list

  2. #2
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211
    Password cache = bad idea
    Its not software piracy. Iím just making multiple off site backups.

  3. #3
    AO Soccer Mom debwalin's Avatar
    Join Date
    Mar 2002
    Posts
    2,185
    I also use E-bay....that's kind of scary, although I have never used a credit card, I always mail money orders.


    EBay has said that the number of accounts compromised by dictionary attacks has been no more than the "low triple digits."

    Gee, isn't that enough? I mean I know they have a lot of users, but the "low triple digits" is still a pretty big number when you're talking compromised accounts!

    Deb
    Outside of a dog, a book is man's best friend. Inside of a dog it's too dark to read.

  4. #4
    Banned
    Join Date
    Mar 2002
    Posts
    968
    Thank God I ALWAYS pay by money order or personal checks.....

    I have never been comfortable sending out a credit card number over the internet....
    (or over a cellphone)

    I guess a little paranoia pays off....

  5. #5
    http://news.zdnet.co.uk/story/0,,t269-s2107350,00.html

    Scroll down to the bottom of this article....THEY KNOW THEY HAVE A PROBLEM BUT THEY DON'T TAKE ANY ACTION....That's just like this latest hole...THEY KNEW this was a problem since JANUARY and didn't bother to fix it untill this guy pointed it out. WTF!!!!!!!!!

  6. #6
    Flash M0nkey
    Join Date
    Sep 2001
    Posts
    3,447
    low triple figures - [sarcasm]sure thats alright then[/sarcasm]

    v_Ln

  7. #7
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    628

    Unhappy SSL?

    Security experts have criticised the company's log-in system, saying that because it generally transmits passwords and account information in plain text, it is vulnerable to "packet sniffers," programs that can monitor the transmission of data between computers.
    Doesn't eBay use SSL for login functions? If not, I would never use that site anyway, since my money would be involved. Too bad most folks don't know the significance anyway...

    Hey! I just now saw the report on this subject on TechTV...weird...

    Anyways...the dictionary attack thing is easily avoided if people would use properly constructed passwords, so that's their own fault...

    Ouroboros
    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor


  8. #8
    SSL is an OPTION for Ebay logins (get that crap)!!!!!!!!!

  9. #9
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    628
    Option?!? What the hell?...sigh...
    Choosing a couple of seconds of speed vs. securing my information isn't a choice at all, IMO...oh well, people will get what they deserve...

    Ouroboros
    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor


  10. #10
    Originally posted here by Ouroboros
    Option?!? What the hell?...sigh...
    Choosing a couple of seconds of speed vs. securing my information isn't a choice at all, IMO...oh well, people will get what they deserve...

    Ouroboros
    Tell me about it

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •