Edrick
Premium
join:2004-09-11
Orlando, FL | Yea Good Job NOT
Yea ignore the fact that I reported this to them MONTHS ago and they did nothing at all. Great Job finally realize it months later.
--
Ricky SmithVerizon FIOS User15 Mbit Down 2 Mbit Up |
|
dslhater
Premium
join:2001-09-24
Chicopee, MA
clubs: | Tom needs to be held accountable for this! |
|
eowen
Premium
join:2004-05-12
Temecula, CA
1 edit | great!
thats just great! now that gives me a totally good reason to dump it after several cases of errors from the site.
visiting the site at evening hours is insanely problematic but it was by choice. This time its my choice again :0 |
|
TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
| reply to dslhater
Re: Yea Good Job NOT
said by dslhater  :Tom needs to be held accountable for this! Tom who?
--
--
My BLOG
My Web Page |
|
texans20
Weapons of Masturbation
Premium
join:2002-09-28
Texas!
clubs:
| Myspace's problem
Myspace has not done enough to protect the security of their own network or site. Spam is rampant, and phishing has always been a problem. Some changes to what is allowed on a profile should be the first step. Removing php or any other script from being allowed to sit on a profile should be the first step.
It's not the hosting providor's fault myspace is lacking in some security. |
|
buzzcut
join:2001-09-30
The woods | I don't think anybody blames the hosting provider for somebody else's security problem, but when they are found to be abetting in that activity, aren't there any good-citizen obligations to help mitigate the damage? |
|
percboy
join:2000-12-07
Columbus, OH
| reply to TKJunkMail
Re: Yea Good Job NOT
said by TKJunkMail :said by dslhater :Tom needs to be held accountable for this! Tom who? »www.myspace.com/tom |
|
amungus
Premium
join:2004-11-26
America
clubs:
| the game
Seems like quite a game to be playing... This should be an obvious open and shut case to anyone.
There are problems with myspace too though. They could very easily implement some simple things to increase their own security. For instance, I can stay logged in all day, it never times out. My bandmate can login, while I'm on, from anywhere, and it doesn't boot me, I just never know he was even logged in.
The myspace people should take some serious actions to reduce their own (security) issues as a matter of prudence. The whole system seems so incredibly duct-taped together that it's a miracle the thing works at all. Let alone, as others have said, the scripting.
While I agree they have security issues galore, the hosting provider in this case should be seriously accountable for allowing a phishing operation right under their noses, and not doing anything to stop it.
I think they should be seriously looked into by whatever authority. |
|
Sebastian
Premium
join:2000-12-22
New Haven, CT | reply to texans20
Re: Myspace's problem
no one is at fault except for myspace.. clearly they should keep an eye on what the hell people are embedding into the pages they create. |
|
firephoto
KDE
Premium
join:2003-03-18
 ·Verizon west (ex G..
| near 40,000 emails/passwords from one of many phish scams
I count about 40,000 email addresses and passwords, not accounting for duplicate logins, from the two .txt files before the current one started growing rapidly till it stopped at about 1860M.
--
Location: +48° 5' 23.40", -119° 48' 30.00" |
|
Insder
There never was a second I in my name
Premium
join:2005-04-27
Salem, MA
1 edit | Try dealing with ISPs on a daily basis
I've given up notifying US ISPs that customers on their networks are spewing phish spam/hosting phish pages. I generally get the same response from them that you guys got from IPowerWeb.
--
The one, the only, the Insder. :: Fighting phishing for life. |
|
mr_cool
join:2003-10-14
USA | reply to percboy
Re: Yea Good Job NOT
You do realize that Tom is not a real person, just a image by the company that made mysapce? |
|
JAAulde
yum yum yum yum yum
Premium,MVM
join:2001-05-09
Hagerstown, MD | Previous CUstomer
As a previous customer of iPowerWeb, this does not come as a surprise. Thankfully that contract has ended and I moved on. |
|
buzzcut
join:2001-09-30
The woods | reply to mr_cool
Re: Yea Good Job NOT
Huh? "Tom" is Tom Anderson, a founder of MySpace and real actual person. |
|
batterup
I Can Not Tell A Lie.
Premium
join:2003-02-06
Netcong, NJ
clubs: | It serves them right.
What MySpace is, is 14 year old girls looking like whores and 50 year old men lusting after them. There is a -o- in heaven. |
|
acethebunny
mIRC is my life
join:2006-09-14
Charleston, WV | reply to buzzcut
Re: Yea Good Job NOT
tom is the guy that made MySpace.. but he doesn't do shit with it anymore.
--
myspace.com/acethebunny =] |
|
Jameson
10-8
Premium
join:2004-05-28
Fallbrook, CA
clubs:
 ·HughesNet Satellit..
·Time Warner Cable
| reply to batterup
Re: It serves them right.
said by batterup :What MySpace is, is 14 year old girls looking like whores and 50 year old men lusting after them. There is a -o- in heaven. Obviously you don't know what your talking about.
--
DirecWay | DW6000-CE |SM5, 117 West, 970 MHz |3.2GHZ Intel|BFG GF 6800 OC |Win XP Pro SP2/98SE/ Macbook Pro OSX Tiger |PCs connected via Linksys WRT54G | DD-WRT firmware: dd-wrt.v23 SP1 |
|
Unregistered User
@comcast.net
 from:
Steve
| reply to Sebastian
Re: Myspace's problem
I have to disagree. Yes, MySpace bears some responsibility, but the hosting provider where the phished information ends up has a responsibility to act when they are advised of what's going on.
A close but not perfect analogy would be if stolen goods were showing up in a pawn shop. Even if the pawn shop owner really didn't know the items were stolen when the thief began pawning them, as soon as he's shown that they are indeed stolen, he can not plead ignorance or maintain that he has no responsibility to do anything to assist in catching the thief.
To return to the MySpace situation, the Web hosting company owners also need to realize that, if this incident prompts a criminal investigation, they could be charged with aiding and abetting the perpetrators of the crime. It's one thing if they didn't know what was going on, but as soon as they're told, they can't just ignore what's happening. If they're smart, they'd better be preserving as much evidence as they can and contacting an attorney because if this does get investigated, they're the first people the police will come to. |
|
MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL
| Amazing !!
Wow!! there are the totally clueless, and then there is iPowerWeb. Clearly, the failure to respond reasonably to what was obviously a phishing support site on their IP space was gross negligence.
Even without reviewing the myspace page source code you would think that almost three quarters of a million email addresses with corresponding passwords stored in open files on their servers would generate some level of concern on iPowerWeb's part. Amazing !! |
|
44402812
Hack The Planet
Premium
join:2006-08-28
Plattsburgh, NY
| said by MGD :Wow!! there are the totally clueless, and then there is iPowerWeb. Clearly, the failure to respond reasonably to what was obviously a phishing support site on their IP space was gross negligence. Even without reviewing the myspace page source code you would think that almost three quarters of a million email addresses with corresponding passwords stored in open files on their servers would generate some level of concern on iPowerWeb's part. Amazing !! Who Cares!!! :P MySpace Sucks and is a complete waste of energy! |
|
