Use rsync over ssh.

1. User names and passwords are sensitive.
2. CPU is cheap.
3. Time to force end users to use a real ftp client and/or have MS or Apple implement a modern protocol.

Why store the password in a retrievable fashion?

Sending the actual password to the end-user via email in clear-text is stupid. The end-user will likely go "ohh, right" and keep using it. Much better to send them a random one-time use password or a link that allows them to reset the password once.

They could see if the number was recently ported, yeah.

They would not be able to see if I called up your carrier and had your number [b]forwarded[/b].

Lets say the phone companies $8/h CSRs are absolutely infallible when it comes to social engineering. You've still got hundreds of relatively poor CSRs that may or may not take a few hundred dollars to forward a number somewhere.

The bank should not be validating account ownership based on who answers the phone. It's far too easy to steal a phone, tap a line, or use other methods to compromise the circuit. To be completely honest I'm not even a fan of the automated letters that they send to your house with an access code on them either as all anyone needs to do is acquire your mail. It's not difficult to have the post office redirect mail or just steal it while your not home.

The best way for a bank to allow resets would be an in person visit with photo id and have photo on file to compare it with. Inconvenient, definitely. Reasonably secure? Yeah.

"estimated 1.26 million deaths worldwide in the year 2000"
http://en.wikipedia.org/wiki/List_of_countries_by_traffic-related_death_rate

Going by the statistics here even if the number was 100,000 people due to premature deaths it's still relatively insignificant.

People like to throw in the exposure-related deaths with nuclear and ignore the deaths but ignore them for Coal and other fossil fuel resources.

With just about any large system there is potential for a catastrophic failure.

Dams: If the dam fails it could kill hundreds to thousands of people. Likely, no. With terrorist help or just plain stupidity yeah there is a nonzero chance of disaster.
Oil spills: These happen much more frequently than nuclear issues and cause significant damage.

Using your logic it would be appropriate to ban planes, cars, trains, etc.

People need to stop letting fear and ignorance rule and actually look at the facts.

It wouldn't make a significant difference even if they did.

There are thousands of examples of carriers being tricked into forwarding numbers by 3rd parties. I do it all the time for customers that port into us if something goes wrong with the porting process.

Often all I do is:
1. Identify myself as $MYNAME from $MYCOMPANY. (NOT $THEIRCLIENT)
2. State that I'm calling on behalf of $THEIRCLIENT.
3. Tell them that $THEIRCLIENT is in the process of moving to our services and need to forward the number temporarily.
4. Carrier asks for the forwarding number and it's generally done in 1-2 hours.

The only shred of validation that might happen is them checking my caller id. I've never needed an account number, billing contact name, authorization code, or anything. Just the phone number.

I've even offered to pay for the forward but been declined because I'm not $THEIRCLIENT. They were happy enough to charge the $THEIRCLIENT on my behalf.

Phones/SMS/etc will never be a reliable way to verify an account holder because it really can be anyone on the other end.

Really, why should I care about FF any more? They're killing us and themselves with all of these major version releases.
>> Yes, because it's really hard to say yes to the update button and restart your browser.

>>it's painful when dealing with web development
Write proper standards compliant code and this ceases to be an issue.

>> plugin usage
Flame the shit out of your plugin devs. The new plug-in API has been static since FF4 and they intend to keep it compatible to resolve this issue. FF4 was released March 22, 2011 which means there is absolutely no excuse for plugins to not be compatible with FF4-7.

>> or even just to know what version is "latest".
Help > About.

>> And that doesn't count all the pain with the major bugs that just languish while the UI is endlessly tweaked for no good reason (exactly why was the status bar removed?)
It wasn't removed. It was upgraded and renamed. View > Toolbars -> Add-on Bar.
It's not enabled by default to give more screen real estate. I don't agree with it but it takes half a fucking second to adjust.

As always it's just a fucking number. Who cares if they increase by +1 instead of +0.1 or +1,000,000.

Hi, You've obviously never worked for a company that horribly mismanages distribution groups. They've got 1500 servers sending several reports a day. 99% false positives. The mailing list has been signed up for all kinds of spam and we MUST read it for fear someone emails something important to the stupid list. I automatically delete the automated reports. Fucking waste of time and have to muddle through the rest. :(

You obviously haven't heard of poison, explosives, throwing knifes, mines, axes, several siege engines? A gun is a tool like any other. The problem is the user and always will be. Would it reduce the number of crimes of passion? Maybe, for a time until society adjusts but another tool will replace it. It's human nature to kill. Nothings going to stop someone from strangling someone to death, beating their head on concrete, stabbing them with a knife or any other of the endless possibilities.

It's nonsense like this that allows gun control laws to erode the peoples rights.