Oh, absolutely true I'm sure! I never LOLed BTW. I think you meant to quote this comment:
Believe me, any time the talk turns to Internet Explorer 6 I am not laughing. The pain is still too fresh.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Foxconn's Servers Hacked, Exposing Vendor Usernames and Passwords
- Thread starter MacRumors
- Start date
- Sort by reaction score
Oh, absolutely true I'm sure! I never LOLed BTW. I think you meant to quote this comment:
Believe me, any time the talk turns to Internet Explorer 6 I am not laughing. The pain is still too fresh.
They could have used rainbow-tables to decrypt the passwords anyway, especially with such simple passwords, and even easier if the passwords haven't been salted prior to hashing.
Wirelessly posted (Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Mobile/9B5141a)
Sorry MR, I'm not buying this story at all. The username and password combinations aside, the use of ie unpatched is irrelevant on a server hack attack (seriously , wtf wtf!). There's no significant data released, etc etc.
Sorry MR, I'm not buying this story at all. The username and password combinations aside, the use of ie unpatched is irrelevant on a server hack attack (seriously , wtf wtf!). There's no significant data released, etc etc.
my company makes billions of dollars a quarter and some tools are still IE6 only. honestly it's not because we are poor, but how poorly designed the IT architecture is. well, actually when it was designed, it wasn't poor, it's just that back then no one understood service oriented architecture then as company grew, you get new app developed that has dependency on the old app, then every department in the company all over world are developing their specific tool and all have a messy dependency on each other. at the end, whatever change u make here will cost million of dollars to update/change because it's a giant mess. it's a very common problem in the industry where people are stuck in very old oracle or siebel or peoplesoft or whatever erp systems they use, and that's why companies like accenture and deloitte exist (it consulting)
Well if the person(s) responsible decide to off themselves. Of course, Apple is somehow responsible for that.
Rich coming from you, as your trying to turn this into an IE issue.
No doubt they had an Ordering system running on a Mac, but the latest Lion update broke that
----------
Heck yeah, they would be calling and asking why Apple is ordering so few
Better it be IE than Safari, the least secure browser;
http://www.bgr.com/2011/03/10/apples-safari-browser-embarrassed-at-pwn2own-hacked-in-5-seconds/
5 second hack? That's pretty embarrassing.
Theres a website dedicated to the complete disappearance of flash from the internet. Do you know the link by any chance?
What bugs me though is that so many people complain about the flash plugin, but the most problematic thing about web development, cross browser compatibility, and guarantee for viewers is Internet Explorer itself. I wish there were individuals that took that much action against all versions of IE as they do against Flash.
Nobody should use any version Internet Explorer, theyre all terrible. There should be global cooperation to ban it completely.
You mean people need to keep up to date with their FUD?
We need to tell Apple about 1Password.
rofl
Really, in this day and age it's insane that companies are still using Windows w/IE. Another high profile breach, and they still haven't learned... 1. It's impossible to truly secure Windows. 2. When you're so big, you can never find and patch all the systems in your organization - better to deploy secure(er) platforms to begin with, cause you'll never find them all later (I know, I'm in IT).
Really, in this day and age it's insane that companies are still using Windows w/IE. Another high profile breach, and they still haven't learned... 1. It's impossible to truly secure Windows. 2. When you're so big, you can never find and patch all the systems in your organization - better to deploy secure(er) platforms to begin with, cause you'll never find them all later (I know, I'm in IT).
Now being serious: 1. 9to5mac put themselves at an extreme legal risk by trying whether these usernames and passwords worked. 2. Nobody knows what these usernames and passwords gave access to. That Apple would use "foxconn2" as a password for accessing a Foxconn server that contains anything critical is unlikely, but just about possible (and whoever is responsible should be told off if that is the case), but the same thing happening to many companies is just totally implausible.
So there might be a server that has been set up, where usernames with default passwords were entered, and that then has been forgotten.
So there might be a server that has been set up, where usernames with default passwords were entered, and that then has been forgotten.
No, what would be illegal is now running various flaw finding scripts like Nitko and maybe some PHP URL Open functions in HTTP headers trying to break whatever Web Server they're running. Maybe some good old fashioned SQL injection just for good measure. If we're really lucky, they won't even be running a Web applications firewall.
Last edited: