- Feature Articles
- CodeSOD
-
Error'd
- Most Recent Articles
- Stop Poking Me!
- Operation Erred Successfully
- A Dark Turn
- Nothing Doing
- Home By Another Way
- Coast Star
- Forsooth
- Epic
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Do we give them at least an A for effort?
Admin
Same for phone companies. You need to submit some personal data of the owner or the one that made that was registered to be able to make changes. If you have the personal data, but are not one of those persons, you can`t request a cancelation of the service. But then, if you call them and tell them you the one in charge, pass the data, you get to cancel it. As if they could check by voice recognition system or see through the phone if you are the one you saying you are. Really silly this kind of stuff....
Admin
TRWTF is that they're using fax machines.
Wasn't there a similar submission involving letterheads sent in a long time ago?
Edit: Turns out I was the one who submitted it :) http://worsethanfailure.com/Comments/The_Fully_Automated_Manual_System.aspx#92779
Admin
sigh
How many security WTFs are we going to see?
This isn't a complaint about security WTF stories but rather exasperation that people are so stupid when it comes to security. Why, God, why????
Keep em coming Alex. The best medicine for these people is ridicule.
Admin
how much stupid is there in the world?
Admin
Don't ask questions that you don't want answered.
Admin
Admin
That's a koan to meditate on, but I suspect that it may not be constant...
Admin
More than enough .... I blame public shcools and parents that don't hit their kids
Admin
I had to do this exact same thing to purchase an ssl cert from GeoTrust ...
Admin
The stupidity rate, much like the death rate, has remained constant at 100% for as long as it has been recorded.
Admin
A student in my department used to work on a telephone helpline, and told me about one call he had wanting to update the details on file for a woman named Linda. Since the caller had an extremely deep, gravelly voice, he said "I'm sorry, Linda will have to call in person to make this change". When the reply came back "this IS Linda", he thought for a moment and went ahead - since it wasn't a bank or anything secure, there was no authentication anyway.
Hm - I wonder if simultaneously domain-jacking Microsoft, Amazon, Ebay and Google would be enough to make these clowns re-think the "letterhead as authentication" policy? Maybe if google.com etc all redirected to this page, they'd get the hint. Or the perpetrator would get free accommodation for life in Gitmo for "cyberterrorism"...
Captcha: Darwin. Somehow, this seems appropriate.
Admin
That's a pretty stupid thing to say...
Admin
Admin
Admin
It appears your private tutelage and parental abuse still were not able to correct your spelling.
Admin
Awesome - this stuff is priceless: I had a similar situation once... Even though mine actually involved getting some HTML from a browser and saving some images to disk...
Captcha: sanitarium - I think those people need one.. .:P
Admin
I went to public school My parents never hit me
I'm quite the idiot.
Just sayin
Admin
I don't know about in the US, but in Australia and the UK many places require an official company letter to do a domain transfer. And the law in the UK and in Au defines an offical company letter as one printed with company letterhead, with strict rules as to what constitutes a company letterhead (eg. business registration number, names of directors, etc.).
So this isn't an issue of security, it's really an issue of legality.
Maybe a WTF in the US, but almost certainly not in Europe and Australia.
Admin
Allow me to point out that the UK is NOT Europe. It's ONLY ONE member of Europe.
A domain transfer in Belgium only requires you to click one or two buttons.
Applying your same logic: this certainly is a WTF in Europe.
Admin
The signature line on my work email is:
Two things are infinite: the universe and human stupidity, even though I'm not yet sure about the universe. - A. Einstein
Admin
Reminds me of an antivirus vendor I used to deal with...
Them: Thanks for calling Acme AV. My name is Billy, how may I help you? Me: Hello I'm calling on behalf of my client, Bob Smith, to have his Enterprise AV license transferred to a different server. Them: I'm sorry, only Mr. Smith can authorize that. Me: I just told you I'm calling on his behalf. He's out golfing today. Them: I'm sorry, our polic</click>
Me: <dials/> Them: Thanks for calling Acme AV. My name is Suzie, how may I help you? Me: Hi, my name is Bob Smith...
Admin
grammar police are back!!
Admin
Admin
Eh, not so much a WTF. Requiring that serious communication come down on company letterhead was the means of identifying you as a bona fide representative of the company back in the 70's and 80's. It's kind of like when Wal-Mart won't accept a personal check if the check number is under 500. Quaint and anachronistic.
Admin
Admin
When I read all this about company-style faxes, faked or not, I get the strong feeling, that a Wooden Table should also become part of the game in some way or other.
Admin
Admin
Reminds me a quote from the movie Analyze This:
Vitti: Is he any good?
Jelly: Yeah, he seemed like a smart guy. He had a business card and everything.
Vitti: He had a card? That's a real f*ckin' achievement.
Admin
Requiring company letterhead isn't really a WTF. Do a Google search on "Company letterhead" and "forgery" and you'll see that while it doesn't prevent someone from sending in false information, it really increases the penalties.
Admin
I know this is off topic, but can anybody remember the post that had the link to women with nice asses (It was some middle aged women riding donkeys) ? I told somebody at work about it and they wanted to see
Admin
I am the backup for the DBA where I work. When he's on vacation, I do tape rotations (we actually have offsite backup!). His instructions when I need to retrieve old tapes (for example, to recycle them for next month) are "call the storage place, tell them you're me, give them the security code, and say you need whichever tapes back." I needed this once, and sure enough, what I was afraid of happened: after giving all the info, the woman on the other line said I didn't sound like who I claimed to be. Crap. Well, at least I know they take their jobs seriously.
Admin
Admin
Yep, it is still a WTF in Aussie. A little company letterhead goes a long way. I did exactly this in Australia to transfer the ownership of domains for companies we'd bought - small companies with no extant letterhead, so copy & paste their web site logo and away you go. In particular, it's the only effective way of dealing with NetRegistry - who are a giant steaming WTF all by themselves.
Admin
So far - looks like about a full page or so.
CAPTCHA = dubya (need I say more)?
Admin
I did the same thing once to cancel the account. I had to do it on the account owner's behalf. So before I called the company I asked him for the information that I knew they'd ask for for verification. Oh, it wasn't a him, it was a woman. All the funnier.
So the whole time I'm going through the process of cancellation claiming I'm Suzy Smith the guy keeps asking me to prove it with his questions and I had all the answers. It was funny as hell because he kept sounding like he thought I'd trip up at some point but I had my bases covered. It was amusing to say the least. In the end, I got the account cancelled and all was well.
Admin
Ah yes, reminds me of trying to get approved for a car loan after graduating from college. "We need to see a phone bill to prove your address." "Erm, I don't have a landline, and just moved into the apartment this month, so I don't have a cell phone bill yet showing the current address.... But I do have electricity and cable TV bills, as well as a copy of my apartment lease with me." "No, it has to be a phone bill." OK, I go to Verizon's website, print out the latest bill and bring it back to them. "See, it has my current address." "Oh, but this doesn't 'say Verizon' on it. It was printed with your computer's printer. How do we know it's authentic?" "Well, I've signed up for paperless billing, so you're not going to get anything that wasn't printed on my inkjet..." Had to get the phone company people on a three way call with the bank to finally verify that was my correct address.
Admin
Just remember sites like this are biased. Even in America the amount of people who use a real computer on a daily basis is probably around 60 percent.
Then realize that we're one of the most industrialized nations. Imagine if everyone in Africa had a computer.
Believe me, there's a lot more stupid out there. A lot! And who knows maybe they'll soon be on our "interwebs"
Admin
Alot of existing systems have problems with the younger generation. I have the problem all the time. Whats your home phone number.... umm I don't have one and I'm damn sure not giving you my cell phone number... The systems are old and it's going to take them a while to catch up. The good news is they want our business so they will adapt after they lose a few sales.
Admin
Try explaining to some of those systems that you don't have a landline AND you don't have a cellphone. I don't have a landline, because I only sleep at my house. Also, I don't have a cellphone because a) I hate the things and b) I'm connected 99.9% of the day (I'd make a great ISP).
For some reason or other, they always want to talk to you. Email won't do. Lousy system(s).
Admin
This is a legal dodge. If you've really got a letterhead and someone maliciously submits a fake letterhead then the ISP is covered.
I've had to create a letterhead for a company that was in this situation. The boss and I both thought it was stupid and insecure.
Admin
True, and it increases the penalty on it from something along the lines of "Minor act of malicious intent" to "forgery of official documents"
(note, i'm not a lawyer, nor am I brittish. this is how it works over here.)
Admin
That would include you, then.
Admin
Admin
When I opened up a checking account about 2 years ago, we got to the part where I placed my order for checks. The lady at the bank pretty much made me start my check numbers at 1000 to avoid this problem. I thought it was pretty funny, but I guess she had dealt with it before and knew what she was talking about.
Admin
Admin
If you ever lived in Russia... it was always like this. I had a stack of stamped letterhead paper, on which I wrote all kinds of requests. The most frequent one was to the customs, to let me "export" a cd with the software. Of course a private person has no right to take any piece of software out of the country. The fact that I could as well zip it and send it with my email meant nothing (and connections were slow those days).
Admin
Admin
You don't see it mentioned in the write-up, but they also allow you to print it out on company letterhead, take a picture of that on a wooden table, and email the photo in. They're very much into this whole "technology" thing.
Admin
When did they leave?