Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Submission + - Amazon's customer service backdoor (medium.com)

Submitted by Anonymous Coward
An anonymous reader writes: Eric Springer describes his recent troubles with Amazon to highlight one of the biggest weak points in information security: customer service. You can use complex passwords and two-factor authentication all you want — all it takes is a low-level representative trying to be helpful and your account information can be easily compromised. In this case, a bad actor was able to use Amazon's online chat support and a fake address to get the rep to tell him Springer's real address and phone number. That was enough to commit fraud with a couple of unrelated online services. Springer complained, but months later the same thing happened again. That time, he had Amazon put a note on his account not to give out his details.

But that didn't help; the attacker contacted Amazon's phone support line instead, and gathered yet more information. Springer writes, "At this point, Amazon has completely betrayed my trust three times. I have done absolutely everything in my power to secure my account, but it’s hopeless. I am in the process of closing my Amazon account, and migrating as much to Google services which seem significantly more robust at stopping these attacks." Springer's advice for fixing this: "Never do customer support unless the user can log in to their account. The only exception to this, would be if the user forgot the password, and there should be a very strict policy." He also says email services should make aliases easier, and whois protection should be default.

Comment Another reason (Score 3, Insightful) 530

by citricshooter (#27083119) Attached to: State of Colorado Calls Firefox Insecure, IE6 Safe
From their FAQ: "Can I use Firefox or another Browser? No! For security reasons, and some significant processing issues as well, the only supported Browser is Internet Explorer Release 6 or later." I suspect the processing issues are the real reasons and they are trying to scare people into not using Firefox so they don't get the phone calls about their site not working.
Programming

Threads Considered Harmful 266

Posted by kdawson from the history-rhymes dept.
LBR9 writes "James Reinders compares native threads with the goto statement so famously denounced 40 years ago by Edsger Dijkstra. Paraphrasing Dijkstra, he says they both 'make a mess of a program,' and then argues in favor of a higher level of abstraction. A couple of people commenting on the post question whether or not we should be even be treading into the 'swamp of parallelism,' echoing the view recently espoused by Donald Knuth."
Editorial

Submission + - Will Linux Ever Make it to the Desktop? (wildgardenseed.com)

Submitted by BlueParrot
BlueParrot writes: Almost every year someone declares it to be "The Year of the Linux Desktop." Yet, these pundits are wrong-every year. Definitely, Linux has made a lot of progress since the days of Red Hat 6.0, but it still has major architectural problems that have existed since the beginning (and actually, in the pre-Linux days as well). http://www.wildgardenseed.com/Taj/blog/2007/04/15/will-linux-ever-make-it-to-the-desktop/

Feed Tom's Hardware: The Inquirer: Year End Predictions For 2008 (pheedo.com)

From feed by thfeed
Someone apparently pulled The Inquirer clan away from the pub long enough to think a clear thought about 2008. They've put together a top ten list of events they believe will happen. What are your thoughts? Is The Inquirer clan on the mark? Or off the wagon?
Security

Submission + - Jobs in Computer Forensics?

Submitted by raw-sewage
raw-sewage writes: I recently obtained a copy of Wietse Venema and Dan Farmer's Forensic Discovery. The book has piqued my interest in a career in computer forensics. Does anyone have experience with such a job? What kinds of firms (private or governmental) hire people to perform technological investigations?

Slashdot Top Deals

What good is a ticket to the good life, if you can't find the entrance?

Close