CurrentC Alerts Users of Unauthorized Access to Email Addresses

[qwerty104]

just saying...

Thanks for your condescension. Whether I know how the technology works or not is actually irrelevant - this is about consumer confidence. If they can break the window (an easy target) they can also figure out how to get inside. Yes, it may take more than a script - but I'm pretty certain there are some dedicated hackers in the world that don't stop with just a script....kiddie.

But i'm pretty sure he wasn't calling anyone here a "kiddie" but rather stating that it would take a bit more hacking knowledge to get much further... a "script kiddie" is a term used to describe someone (normally younger or new to the hacking scene) that uses someone else's script program instead of making their own, normally because they don't have the skills or knowledge base to create their own. These are also called "script bunnies" or "skiddies"...however, this is the internet, and its possible you already knew that, and I just made myself look like an idiot. Hope I didn't flame anything.

 

[Keirasplace]

No. Do your research. The hackers got the login info from other sources!

Yes, they did. But that guys confusion does reflect one thing. When it comes to security, perception sometimes trumps reality. This is one thing that Apple must mind when they deal with their system.


Hacks in something totally unrelated to their payment system (or even to them) could affect how people feel about it if people don't understand the difference.

 

[CoilTap]

Wouldn't a safe company have things in place to prevent users from having easy passwords?

No such thing. CoilTap1984! would evaluate to a secure password in almost every system but since it's my name and birth year it's junk.

There's nothing a system can do to force users to have a truly secure password. The typical rankings you see on passwords only add up for using capital letters, numbers, and punctuation. However, you can meet all of those criteria and still have an easily guessable password with low entropy.

 

[StyxMaker]

Apple is simply utilizing Tokenization 2.0 they didn't invent this system.

No where does that post say that Apple invented anything. I read the post several time just to be sure. Reading comprehension a problem for you?

 

[PNutts]

Well that went down in flames quickly.

 

[dXTC]

Hold on while I grab my popcorn.

This situation is getting almost as grimy and lurid as the whole Honey Boo Boo scandal.

 

[Keirasplace]

No such thing. CoilTap1984! would evaluate to a secure password in almost every system but since it's my name and birth year it's junk.

There's nothing a system can do to force users to have a truly secure password. The typical rankings you see on passwords only add up for using capital letters, numbers, and punctuation. However, you can meet all of those criteria and still have an easily guessable password with low entropy.

My own way of building a very long secure pass word that is not easily guessable. Make a random insane sentence (less sense is better, but still something you could remember) then mispell every word in a way you would remember and imaginatively use smiley faces and punctuation inside the sentence. Bet, the NSA would have a field day guessing my passwords .

Did Fuzzy mangoes write nine comics? Yes they did! ;-)

If someone can guess what follows, they're damn good .

DiFuzymagozrite9komics?YeDeydi!;-)

Of course, if I'm phisshed and I enter I give it to someone, well what's the point then.

 

[eac25]

But i'm pretty sure he wasn't calling anyone here a "kiddie" but rather stating that it would take a bit more hacking knowledge to get much further... a "script kiddie" is a term used to describe someone (normally younger or new to the hacking scene) that uses someone else's script program instead of making their own, normally because they don't have the skills or knowledge base to create their own. These are also called "script bunnies" or "skiddies"...however, this is the internet, and its possible you already knew that, and I just made myself look like an idiot. Hope I didn't flame anything.

Thanks for keeping things real. Fundamentally that's what I was trying to do as well, but not as graciously I suppose. And whether I knew that or not you wouldn't look like an idiot (at least not to me) because, of course, you have no way of knowing whether I did already or not. His assumption that all that hack took was a borrowed script has, IMHO, no basis in reality, and there were other bits about his tone and series of posts that made me decide to go after the assumptions, fallacies and logic flaws...

 

[N2PVP]

The average consumer will not sign on to currentC. They have been told time and time again not to give your ss# to anyone. Also change is hard for most people. See my singture below!

 

[dotme]

...what I am saying is people here are slamming CurrentC and have next to no idea how the technology works and are now saying CurrentC isn't safe because hackers hacked a low level email server.

What? You'd better brush up on what really happened. CurrentC says right on their website that your account is "protected" by a 4 digit pin. Really? Armed with your email address, and a botnet of computers, how long before a hacker guesses your PIN?

"Your information lives on our highly encrypted cloud" they say on their website. Well, now some of it is in the hands of hackers. I don't care what you say about the security of payment processing systems, these people just lost what little credibility they might have ever had. If they think I'm going to hand them my SSN, bank account and routing number at this point, they're delusional.

 

[bawbac]

You're right. Better go yell at BoA for that.

Nope. AP still needs a lot of work.
Getting your foot in the door with thongs ain't going to cut it.

They should of waited but I guess they needed something else to boast to sell more 6/6+.

AP is going to kill NFC for everyone.
NFC won't get traction again for another 5-7 years.
I'm sure people will blame CurrentC for a scapegoat.

 

[Variant]

I'd like to take a moment to thank CurrentC for uniting Apple and Android fans together in a common hatred for this trash payment program! Huzzah!

 

[mrbrown]

don't how to really answer this. bitcoin is far more innovative than applepay and is still accepted at many merchants even cvs and wallgreens. so i really have no horse in this race. bitcoin is far more technologically innovation than apple pay will ever be. so no need for me to use such a sub-par system like applepay




you always have a choice my friend. i use bitoin for all my cvs and wallgreens purchases so i really see no disruption on my side. plus bitcoin is far more secure than applepay will ever be.

Bitcoin is never going to be a mainstream form of payment. It will always be a niche, unless somebody can figure out a way to mainstream it and make it easy for somebody like my mom to use.

 

[JoeTomasone]

applepay uses device account numbers that are present in a database at visa your bank.

ftfy.

 

[eac25]

AP is going to kill NFC for everyone.
NFC won't get traction again for another 5-7 years.
I'm sure people will blame CurrentC for a scapegoat.

Could you expand on that line of reasoning...? How is ApplePay going to kill NFC when NFC is required for it to work (at PoS, anyway)? And how will CurrentC, which doesn't use NFC, be a viable scapegoat?

 

[amro]

I'd like to take a moment to thank CurrentC for uniting Apple and Android fans together in a common hatred for this trash payment program! Huzzah!

Hell is getting a little chilly.

 

[bawbac]

Could you expand on that line of reasoning...? How is ApplePay going to kill NFC when NFC is required for it to work (at PoS, anyway)? And how will CurrentC, which doesn't use NFC, be a viable scapegoat?

"Look at the carrot and not the issue..." -

 

[eac25]

"Look at the carrot and not the issue..." -

Yes, yes - pay no attention to the man behind the curtain and all that. Sorry - that doesn't really help me reach clarity on your point though...

 

[CoilTap]

My own way of building a very long secure pass word that is not easily guessable. Make a random insane sentence (less sense is better, but still something you could remember) then mispell every word in a way you would remember and imaginatively use smiley faces and punctuation inside the sentence. Bet, the NSA would have a field day guessing my passwords .

Did Fuzzy mangoes write nine comics? Yes they did! ;-)

If someone can guess what follows, they're damn good .

DiFuzymagozrite9komics?YeDeydi!;-)

Of course, if I'm phisshed and I enter I give it to someone, well what's the point then.

http://xkcd.com/936/

 

[subsonix]

http://xkcd.com/936/

bani superambulacral florimanist acyloin

 

[PassiveSmoking]

Well that didn't take very long did it?

Ladies and gentlemen, I give you the payment system that the MCX want you to use instead of Apple or Google's!

 

[kilcher]

The average consumer will not sign on to currentC. They have been told time and time again not to give your ss# to anyone. Also change is hard for most people. See my singture below!

Not only that but our society is addicted to credit and buying things they can't afford. Very few people will want their purchases taken directly out of their checking account.

 

[bawbac]

Yes, yes - pay no attention to the man behind the curtain and all that. Sorry - that doesn't really help me reach clarity on your point though...

Because your blinders are keeping you from seeing the ugly truth.
Apple is the new Jim Jones.

 

[dontwalkhand]

"Cloud" means nothing. Cloud is now another word for a third party service that hosts something.

Exactly, by definition, we have had cloud tech since at least the 80s

----------

Not really. I am able to use my ATM at many local stores, but it's far from all. There's a PIN but no chip.

It's useless for online shopping, however. And it can't be added to Apple Pay, unfortunately.

edit: btw, just for context, I live on the east coast (Connecticut) and my bank is Peoples

I just received a Chip & PIN debit card from Bank of America. Worked at Walmart.

Too little too late as I entered the card into Apple Pay too.

 

[Robert.Walter]

No. Some idiot celebrities used passwords like "password" and "123456" and low-tech "hackers" walked through the front door.

It's not a hack. It's idiots that don't have even slightly strong passwords.

That's not the whole story...

Apple had a design flaw in the password recovery via answering questions. There was no counter to limit tries or lock this function after multiple failed attempts.