8 posts • joined Wednesday 1st August 2007 12:42 GMT
If they're so good....
... maybe they can accept this challenge:
A normal fully functioning drive overwritten with 0s
Not exactly hard to do.
Getting back data from an accidentally damaged drive is one thing - a criminal with a bit of tech savvy OTOH.
Mind you a disaster recovery firm who can recover data from a PC after spilling wine on the keyboard. Wow! They must be good.
How do they know?
If mere people can only judge the canine emotional state correctly 40% of the time then who - or what - was able to determine that the software got it right 43% of the time?
There's clearly a Dr Who angle in there somewhere...
Email - that well known 1:1 communication tool
So basically Microsoft consider Hotmail no longer appropriate for use as a community communication tool?
No mailing lists, no big cc lists.
A lot of people will have started out on Hotmail and even now may not have the tech-savvy to know they're being screwed.
How long I wonder until there's a cost option that lets Hotmail users use mailing lists? Either for the senders or the users?
Nah, Microsoft would never do that!
Interesting and enjoyable
I look forward to the next instalment :)
You mentioned some services that may be interesting - maybe you could expand on the state of play around trust and identity in open source and standards? The whole Passport vs Liberty Alliance seems to have gone quiet; and of course the ever present spam problem seems to be a trust/identity issue at heart.
Services that addressed these issues successfully would, I feel, truly be worthy of Web 2.0 tags.
So LinkedIn didn't test their code? They released a product into the public arena that contained a flaw. Who would *directly* suffer if this flaw was exploited? Not LinkedIn; the users.
So someone comes along and finds the flaw. They spend time making sure it is a flaw. It is. They notify LinkedIn and ask for compensation for their work. LinkedIn refuse (why should they pay, *they* aren't at risk and they get it for free in a few days anyhow).
If LinkedIn (or any business) had confidence in their site then they'd have a policy of paying for such exploits - after all there aren't any are there? They do continually penetration test the site don't they? Oh wait, no. The risk is external (as Schneier would say).
Jared was being responsible - there is no 'bobby on the beat' who knocks at your door and says "did you know your windows are unlocked around the back". So Jared has become an entrepeneur - he walks the beat and finds problems. The community doesn't pay him for this service so he asks for (not demands) support from those he helps.
What other motivation do LinkedIn have to fix their problem? None. They were told that there was a problem and obviously did not have the expertise to fix it *even knowing it was there*.
Eventually, when they realise that designing and testing the site properly would be cheaper than paying Jared, his job is done.
The approach Jared used seems to be beyond reproach.
Ask yourself - what would LinkedIn say if they discovered Jared had approached NatWest with a way to undetectably remove funds from the LinkedIn business account; and NatWest had told him to take a hike?
"Unprofessional. Practically criminal! That's *our* money!!"
- Xmas Round-up Ghosts of Christmas Past: Ten tech treats from yesteryear
- Special Report How Britain could have invented the iPhone: And how the Quangocracy cocked it up
- Analysis Microsoft's licence riddles give Linux and pals a free ride to virtual domination
- Massive! Yahoo! Mail! outage! going! on! FOURTH! straight! day!
- Bring it on, stream biz Aereo tells TV barons – see you in Supreme Court