I've seen worse, much worse. I had the pleasure a few years ago of terminating the contract with an Indian SaaS provider when one of my colleagues noticed by chance that their login page was doing an ajax request to retrieve an array of all usernames and passwords (in plain text) and then simply setting a "logged in" cookie if a match was found to what you entered. Setting the cookie to any valid user ID was enough to get you full access to whatever you wanted. We stopped using the software immediately, needless to say.
31 posts • joined 4 Dec 2018
Imagine running a dating app and being told accounts could be easily hijacked. How did that feel, Grindr?
TomTom bill bomb: Why am I being charged for infotainment? I sold my car last year, rages Reg reader
Cool IT support drones never look at explosions: Time to resolution for misbehaving mouse? Three seconds
Only true boffins will be able to grasp Blighty's new legal definitions of the humble metre and kilogram
Grab a towel and pour yourself a Pan Galactic Gargle Blaster because The Hitchhiker's Guide to the Galaxy is 42
Star wreck: There's a 1 in 20 chance a NASA telescope and US military satellite will smash into each other today
Everyone loves our new desktop web search design so much – the one with ads that look like links – that we're tweaking it, says Google
Re: Nothing anywhere proves Googles data is concise or accurate.
I checked my location tracking thing one time after an email from Google invited me to have a look. I saw one day in particular I'd been at a motorsport event near the coast, I'd been in the same place all day. Except, according to Google, about an hour in the afternoon, when I jumped about 50 miles out to sea and back again. I must have not been paying attention because I definitely don't remember doing that
Scientists use machine-learning algorithms to map out 10 billion cells from human bodies in fight against cancer
Americans should have strong privacy-protecting encryption ...that the Feds and cops can break, say senators
Re: Call recording too.
I was also a user of ACR. My Android device is asking me regularly to update to the latest major version but I'm putting it off as long as I can so that I can still use ACR. There's absolutely no reason for them to block call recording. I'm sure I remember reading ACR's blog something about Google citing privacy compliance, but that's nonsense. It's perfectly legal for me to record any calls I want in the UK without asking permission of the person I'm talking to, so long as it's for personal use, which it is.