Citizens Bank idiocy round-up
Citizens Bank has been particularly idiotic recently. Here’s the round-up of all the disappointments we’ve suffered at their hands…
Category Archives: Web
Supposed SysAdmin & Network Security experts don’t know how to run a secure Web site
Yesterday, I decided I wanted to unsubscribe from one of the e-newsletters published by SANS, which bills itself as, “the most trusted source for computer security training, certification and research.” There were no instructions in the e-newsletter for how to unsubscribe, so I went to their Web site. It told me that I had to… Read More »
New Massachusetts unemployment insurance employer Web site crashes and burns upon launch
(Simulblogged at universalhub.com.) The Commonwealth of Massachusetts has a convoluted(*) unemployment insurance system, under which employers are required to make various quarterly and annual filings and quarterly payments involving at least two different state agencies. This system is administered by the Department of Unemployment Assistance (DUA), who decided to replace their old, paper-based system with… Read More »
Sears violates CAN-SPAM act
Today, I received a commercial email message from Sears Home Services, a.k.a., Sears Holdings Corporation. They got my email address when I made a service appointment through their Web site, which I subsequently canceled when it became clear that they were going to charge me more than a local repair man. The email message contained… Read More »
Bye bye Chase!
Recall my recent letter to Chase, which ended: As I see it, you have three options for what to do now: You can throw my letter in the trash. Result: I close my Chase account and get a new card from someone else. You can send me a useless, boilerplate response that does not address… Read More »
The Consumerist jumps the shark
I’ve been subscribed to The Consumerist since Continental lost my daughter last summer and The Consumerist picked up the story. I was impressed by their reach and by the quality of stories that they ran. Unfortunately, two or three months after I started reading them, the quality seemed to start going down. There were a… Read More »
WordPress inadvertent disclosure bug
As I previously wrote, I recently had to change my password on over 300 Web sites because my default “medium-security password” was compromised. The compromise was caused by a bug in the WordPress blogging platform which can result in inadvertent disclosure of information when content is pasted into the WYSIWYG text editor built into WordPress.… Read More »
Password security hall of shame
As I wrote earlier today, I just changed my password on over 300 Web sites. In the process, I encountered a large number of sites which simply don’t know how to do password security properly. Some of these sites are operated by major corporations which are entrusted by their users with confidential and sensitive personal… Read More »
Why I just spent three days changing my passwords on over 300 Web sites
“Hi, my name is jik, and I’m a password reuser.” “Hi, jik!” If there isn’t a “Password Reusers Anonymous”, there probably should be. By “password reuse,” I mean using the same password over and over on multiple Web sites. It’s a really bad idea, and I should know that better than most, since I’ve worked… Read More »
More on the DMAchoice.org debacle
My blog postings about the DMA (initial and followup) got picked up at The Consumerist and got over 5,200 views, which is a respectable take, but not nearly as good as when Continental lost my daughter :-). You will also find on The Consumerist a rebuttal from the DMA which doesn’t actually respond substantively to… Read More »