Zoho users beware. There appears to be a nasty bug whereby a user logs in with their own credentials, but finds themselves logged into another user's account. I have the last couple of weeks experienced that I get logged on into another account that I do not know! I can see the other account documents. Just a few minutes ago I …
Premise = argument
Premises = land/buildings etc.
I'm a pedant I admit it.
Under high load, we had a very rare race condition in a common underlying framework that caused this. Before we detected and applied a fix, our logs indicate that it impacted about 12 users.
We immediately took down the servers immediately when we detected the issue and we put in a patch. Our engineering teams are currently working on it round the clock monitoring to ensure that it will not recur.
We understand that our entire business is based on the user’s trust, and we are taking it very seriously.
A race condition indicates to me temp files... which seems to be the wrong way to handle this... WTF are they thinking? Or am I not as smart as I think I am?
session id precision?
i was working at a major uk retail bank when they first rolled out internet banking. An element of the session id was a time stamp and because the precision was too low, if two users logged on at more or less the same time they got the same session and saw the other's details. I think the incident actually made news at 10. Oh how we laughed!
> Before we detected and applied a fix, our logs indicate that it impacted about 12 users.
Not to be flippant, but that's mighty good logging you have there if it actually can be used to diagnose state that is not meant to be reached in the first place.
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Review Vulture trails claw across Lenovo's touchy N20p Chromebook
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Analysis The future health of the internet comes down to ONE simple question…