How Not To Respond To A Security Problem
from the it-probably-helps-to-actually-fix-things dept
If you're an online merchant and some nice person calls you up and explains that you've made a silly mistake in setting up your order tracking system - so silly that anyone with half a brain can get all sorts of information about every one of your customers - what would you do? ComputerHQ shut everything down, but then came back online with the same security hole. Probably not the best solution. So, they were called again. They did the same thing again. Wired News went and contacted a bunch of people who had ordered from ComputerHQ (they got the info through the security hole) and those people are now pretty pissed. One of them called ComputerHQ - who said the problem had been fixed, even though it hadn't. It would seem that the smartest thing to do would be to take down the site until you knew the problem was fixed - and not to lie when confronted with the problem. Also, many of the customers are pissed that no one from ComputerHQ contacted them since finding out about the hole.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
