Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Info Disclosure] Diesel PHP Job Site Latest Version

From: Ronald van den Blink <ronald () securityview org>
Date: Tue, 6 Jun 2006 01:09:44 +0200
In response of the DieselScripts reaction we have contacted them and told them we should write an article about them and their way of working. They came up with the same reason why they use these phonehomeprocedure and some shocking details about the way they use it. At the end we've got them to remove the phonehomeprocedure ;) The article itself is at
http://www.securityview.org/dieselscripts-or-how-a-small-company-is- making-the-errors-a-big-one-cant.html 

With regards,

Ronald van den Blink
SecurityView.org

On 31 May, 2006, at 15:20, John F Flynn III wrote:
As a systems administrator, I must say that your methods are unacceptable. You are violating your customers' trust by doing this without their knowledge. You even made an effort to hide the code that sends the information! This is outright deceit and should not be tolerated by anyone.
Regardless of your motives, this deceitfulness must be exposed for all to know about.
Perhaps you should trust your customers more. As word of this gets out, you are likely to have a lot fewer of them. I just feel sorry for those who do not find out in time and have their systems compromised because login credentials and other information were sent clear-text over the Internet. 

-John

support () dieselscripts com wrote:

Hello,
To explain this to all visitors, the information is used to prevent any unauthorized copies from running on the web. All of the php developers that sell products online use this method or even more methods. Please stop making such a big deal out of this because it's our way of protecting our work and business. 
Thank you for understanding !
DieselScripts Staff
www.dieselscripts.com


--
John Flynn                              flynnj () cs fiu edu
=========================================================
Systems and Network Administration             /\_/\
School of Computer Science                    ( O.O )
Florida International University               >   <
Previous By Date Next
Previous By Thread Next

Current thread: