Every mobile phone has a birthday
I used this trick with Marston's - every email account has a birthday....
Happy hours all round!
Hipster beer maker Brewdog has been caught out by a basic, but potentially very expensive, security problem, and the team that discovered it says the Scottish tipple-merchant's response was hardly encouraging. Research by security shop Pen Test Partners found that the Brewdog mobile app used the same hard-coded API Bearer …
"Either this is just very lazy malware coding, or they are banking on people being that stupid. Most likely both"
You say that like they should be targetting smart people who won't fall for it? The whole point of a successful scam is to target those not smart (or technologically literate) enough to know better. I mean, my mum doesn't even know what Flash is, let alone that it's been killed off. So a Flash update scam is likely to be just as successful as it always was for a few years yet.
Yeah they could say "click this for a required update to iOS" on Android and it would probably do as well. Windows has trained two generations of computer users to just click "OK" whenever anything asks to be updated, so most don't even read what it says.
They haven't had to change offering a "flash" update because they still work in 2021!
About 5 years ago I had an app for a popular stout where each week it would give you a free pint to drink in any one of about 50 local bars - to claim the pint, say what bar you were in and show the code to the barman. It had some minimal security in it - the code was unique to the bar, and the screen with the code had a timestamp and a countdown timer.
But it was easy to circumvent. The easiest way was just to grab every old phone / tablet in the cupboard, install the app on each of them and bring them all out for the evening. At each bar, pull out a device and use up the code, rinse and repeat. Switch bars after drinks.
But then they made an update to the app where it became even easier - all you had to do was wipe the app cache and the free pint flag was reset and we could just take a single phone each. Literally just claim a pint, wipe the cache, claim a pint, wipe the cache. Repeat until inebriated
I swear we didn't buy a single drink for months.
Biting the hand that feeds IT © 1998–2021