Posted:
#1
I called betonline a few days ago to ask about a deposit...I screwed up the cc exp date on my card and it didn't go through. It was just $250, I wanted to put a small futures bet in for fifty bucks on LV.
Anyway, I call them and the guy on the other line asks for my account ID and password to verify. It blew me away - a lot of sites still use plain text passwords. You'll know this when they send you an email back with your username and password (I checked & they had, when I signed up in October). The client's password on their side should be encrypted & NEVER visible! If a hacker got inside their site, it's game over. Money / poof / betoffline Happened to Sony last summer and was preventable for a company that size:
https://www.fidosysop.org/897/sony-hacked-again-plain-text-password-storage-lol/
It sounds really, really dicey to have service reps in a Third-world country with all that data on file. It sucks because I like their lines and the action, plus they take CCs up to $500. I'm not a big gambler, usually $50-150 bets.
Long story short...they have your password, login ID, email and possibly more info, all in a plain text file. I work in the tech field doing risk and audit analysis and this is not acceptable in 2012 with confidential customer data - not to mention the client's money involved! If you have thousands in betonline, you've been warned.
At the minimum, consider how many website accounts you use with that same email and password, and change them ASAP. This is a serious fuckup just waiting to happen.
Anyway, I call them and the guy on the other line asks for my account ID and password to verify. It blew me away - a lot of sites still use plain text passwords. You'll know this when they send you an email back with your username and password (I checked & they had, when I signed up in October). The client's password on their side should be encrypted & NEVER visible! If a hacker got inside their site, it's game over. Money / poof / betoffline Happened to Sony last summer and was preventable for a company that size:
https://www.fidosysop.org/897/sony-hacked-again-plain-text-password-storage-lol/
It sounds really, really dicey to have service reps in a Third-world country with all that data on file. It sucks because I like their lines and the action, plus they take CCs up to $500. I'm not a big gambler, usually $50-150 bets.
Long story short...they have your password, login ID, email and possibly more info, all in a plain text file. I work in the tech field doing risk and audit analysis and this is not acceptable in 2012 with confidential customer data - not to mention the client's money involved! If you have thousands in betonline, you've been warned.
At the minimum, consider how many website accounts you use with that same email and password, and change them ASAP. This is a serious fuckup just waiting to happen.
0
Hot Forum Topics
