Comments for One Shot Design http://www.1sd.org Areas of our digital life that should be left open or kept closed Mon, 22 Mar 2010 04:05:35 +0000 http://wordpress.org/?v=2.6.2 Comment on Largest job search engine should hire a better sysadmin by E L http://www.1sd.org/2009/01/24/largest-job-search-engine-should-hire-a-better-sysadmin/#comment-8279 E L Mon, 02 Mar 2009 00:32:49 +0000 http://www.1sd.org/2009/01/24/largest-job-search-engine-should-hire-a-better-sysadmin/#comment-8279 Hi, After monster.com had their problems, I changed my password and found the login process and the password change process is not encrypted at all. I've sent them a message which will certainly go unanswered. It seemed like there might be some guidelines at the Safe Harbor web pages. Sad to say, there is nothing there indicating encryption should be used during the login and password changing processes. I used Wireshark to capture packets during the login process and during the password change process. Both were in the clear using HTTP instead of HTTPS. Perhaps this information can be shared out to Monster and other companies to fix this issue. And, shared to the customers to put pressure on these companies. We've learned NOT to hold our breath for these simple, yet effective security methods. Regards, E L nojunkmail4ebl@comcast.net Hi,
After monster.com had their
problems, I changed my
password and found the login
process and the password
change process is not
encrypted at all.

I’ve sent them a message
which will certainly go
unanswered.

It seemed like there might
be some guidelines at the
Safe Harbor web pages. Sad
to say, there is nothing
there indicating encryption
should be used during the
login and password changing
processes.

I used Wireshark to capture
packets during the login
process and during the
password change process.
Both were in the clear using
HTTP instead of HTTPS.

Perhaps this information can
be shared out to Monster and
other companies to fix this
issue. And, shared to the
customers to put pressure
on these companies.

We’ve learned NOT to hold
our breath for these simple,
yet effective security
methods.

Regards,
E L
nojunkmail4ebl@comcast.net

]]> Comment on Book review: After The Software Wars by Book Review!-- keithcu.com http://www.1sd.org/2009/01/16/book-review-after-the-software-wars/#comment-3177 Book Review!-- keithcu.com Fri, 16 Jan 2009 22:05:27 +0000 http://www.1sd.org/?p=837#comment-3177 [...] is a book review from Francis Jacquerye, a Master of Arts in design who lives in [...] [...] is a book review from Francis Jacquerye, a Master of Arts in design who lives in [...]

]]> Comment on Public domain T-shirt template by kramero http://www.1sd.org/2007/02/19/t-shirt/#comment-649 kramero Tue, 11 Nov 2008 03:03:43 +0000 http://1sd.org/?p= 36#comment-649 Thanks for sharing... I've been looking everywhere for this.. Thanks for sharing… I’ve been looking everywhere for this..

]]> Comment on Zimbra, Yahoo’s new mail client by Dan K. http://www.1sd.org/2008/10/28/zimbra-yahoos-new-mail-client/#comment-278 Dan K. Tue, 28 Oct 2008 21:06:02 +0000 http://www.1sd.org/?p=405#comment-278 There's underlying support for vCard import, though it may not currently be surfaced in the UI. Go ahead and request it in the Zimbra bug tracking system: http://bugzilla.zimbra.com There’s underlying support for vCard import, though it may not currently be surfaced in the UI. Go ahead and request it in the Zimbra bug tracking system: http://bugzilla.zimbra.com

]]>