- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
DramaQueen....
If you guys just would spend some $$$ to security and hiring some real webdeveloper(and not some scriptkiddie), you would not have any problems....
Admin
Wow, first off, nice spam there.
Second: Looks like they got around to hiring a new web designer, as it now no longer uses javascript to authenticate and now uses php.
Admin
FAIL. Your four children must come from different men, because you're so impotent that you code your passwords DIRECTLY INTO THE PAGE. If you're that incompetent, you deserve to be homeless and your four children sold into indentured servitude to pay your hosting service bill.
Real hackers don't care whose feelings they hurt. They take credit card numbers. The service you just got for free costs thousands of dollars at "real" companies, under the guise 'Security Audit'.
Admin
So I know this is an old article but came across it and decided to look into a few things.
After going through their site I noticed they finally send the login information to a php script for validation. A few weird things I noticed were:
In all the login forms I saw on their site today refer back to their site as HTTP://sitename.com not HTTPs://sitename.com not something like login.php; index.php or ever / or hey nothing at all. I never program an full url unless I am posting to ssl (which isn't completely safe either), they aren't even doing that.
One login form uses "POST" and the other (note going to the same place uses "GET" as the method. Thats double work for the programmer for the same results.
Not your typical programming.
Also, not that this totally means anything but adds suspicion, the owner of this company is all over the place with at least 3-4 other businesses in different cities in Florida. Not to mention he is not doing a good job keeping his registries consistent with the sites let along each other. He also uses multiple personal email addresses instead of consolidating to one which is what most business owners of multiple companies do.
This just sounds all together odd but not too uncommon. As I have investigated many businesses, these actually comes up often but I usually can discredit a vast majority of them.
Admin
Hey man. That site is back upand there now using joomla. Is this like the same site as before? Please let me know if it is, because if so, his site is going offline. My neighbor lost a lot of money from guys like him.
Admin
LOL This can't be real, surely? A company does itself in by it's own stupidity, and everyone else is to blame?
Admin
I am guessing there are two types of customer:
In other words, I am guessing that the 'purpose' has nothing to do with providing a service, it simply about having an excuse to charge fees.
Admin
Or given the nature of the "exploit" and the way web-pages work, like sending a mass-mailing to millions of random people by e-mail saying "We have a new website! And the username and password to enter is..."
Admin
No doubt yet another of George Dubya's executive decisions about to be rolled back by Obama...
Admin
I know - let's call this an experiment in "natural selection".
Can selection pressure from our comments cause them to "evolve" a truly secure solution by trial and error? How many generations will it take?
Admin
It seems as if they've disabled the submit button completely by removing the form tags now.
Admin
Apparently these people have learned their lesson. Out of curiosity, I checked their new login page here, and tried to enter, without success. In fact, without any effect at all. So I checked the source for that login page... and aside from some weird nested tables in the login form, the real novelty is that it lacks an action entirely. Click that login button however many times you want, the form will never be submitted anywhere.
Now THAT is what I call unhackable. Of course, it's also bloody useless.
Admin
ilI paid FSG $2,600 for advertising space. I got nothing. According to a Stuart Fl customer, he lost $1,500 According to a Brookville Fl customer, he lost $5,000 According to a Date County customer, he lost $400.
This person who spoke with FSG rep right after he signed up with CCR had almost the identical conversation as I did when I signed up.
I am happy that you and your have had a living from this business but these complaints are from people who was ripped off by Federal Supplier Guides. This company has got to get it's business in order and provide what promised or the need to shut down. A publishing company must have a Proof of Publication that works. People should not be expected to put up thousands of dollars and nothing to show for it.
Admin
The Federal Suppliers Guide is a massive con that has been going on since the 90's. Countryside Publishing in Oldsmar, Fla, bought the company in late 2006, and have continued the fraud. There is also another company doing the same scam it is called: The Set Aside Guide. They both have the same con. They contact only small business, both of these companies were owned separate by a set of sisters from New Port Richey, Fla. They keep their ad prices under 5000 to avoid lawsuits, and do not solicit business in Florida. The Feds will not and can not use these supposed Guides. How do I know these things, I worked for both companies for several years each!
Admin
s/should of/should have/
Admin
Now in 2011, they still haven't noticed.
Admin
Admin
Having lived and worked in this area of FL for many years, businesses like this are commonplace. It's usually a wealthy Northerner (typically Boston area or Jersey or New York) with money to throw around who thinks he's a bigshot and comes down here for the low cost of living and no state taxes.
This person starts one, and typically multiple, businesses and skimp and cut corners on everything from office space to equipment (except for themselves, of course) to technical skills to employee pay to maximize their own profit. They act like a Feudal baron, lording it over their employees and usually make excessive demands or even have employees nearly worship the ground they walk on because they are "the boss".
They invest as little as possible into a business so if things go belly up they can pack up their snake-oil and migrate to one of their other "front" businesses or just start another - they almost always have a lot of personal wealth (not usually filthy rich, but rich nonetheless) and lots of personal and professional contacts who can keep their business breaking even at the least, and provide a quick way to get up and running if they have to start another business. They typically bribe the press to publish news articles saying how amazing they and their company are and gush over meaningless awards like "Inc 500" or "Fastest Growing Business in Tampa", pointing to them as proof how good they and their company are. The company culture in places like this is one of a cult - employees praise the owner and act as though they work for the greatest company on the fact of the earth, and how thankful they should be to work at such a place (no joke - I have actually seen this attitude at jobs) and are completely oblivious to everything and anything. The entire company operates like the Borg.
This is how businesses operate in this area of Florida in 9/10 cases. There are some exceptions but most of the time ANY business in the Tampa area (incl. St Petersburg, Clearwater, Oldsmar, Tampa, New Port Richey, Tarpon Springs, Saftey Harbor, Hudson and Spring Hill) is going to be a cult-like scam organization that does nothing right (or is even aware they're doing things wrong) and has employees who are completely brainwashed into thinking the company is the center of the universe.
I'm not joking. This is 100% serious. I live and work in this area and this is what I see all the time.
Admin
If you call cold calling potential dupes work then you are a deluded person.You should be in prison for preying on hard "working" people who are trying to grow their businesses.
Admin
you're a half-ass moron!
Admin
This is funny... get a load of it before they fix it lol http://wgih.listen2myradio.com
Admin
Although federalsuppliers.com is now a deadlink, it looks like the comapny has indeed respawned according to this BBB report (city and a few other details match up) and is now http://www.federalverification.com, or a bunch of other addresses even, such as http://www.gsaapplications.com/ (my personal favorite, since it's the closest resemblence to the original federalsuppliers.com site).
Admin
I'm sure the owner of those sites is a con-artist. They all are. No clue at all of anything wrong, just a business to do the minimum possible while generating income. Maybe a spouse/sibling/child is the on-paper owner so they can tell their friends that they own a business (no joke I worked for a guy for a while whose sole purpose being in business was so his wife could tell her friends back home she owned her own company).
Admin
C* TİM
Admin
Their entire website now returns a blank page with the title "invalid entry."
Admin
6-1/2 years later, in 2014
TALLAHASSEE, Fla.—Attorney General Pam Bondi’s Office filed a complaint against an Oldsmar, Florida-based company allegedly misleading small businesses by claiming to be the U.S. General Services Administration or implying a government affiliation to offer a five-year GSA contract. The Federal Verification Co, Inc. dba GSA Applications conducts business through more than 60 business names and more than 50 websites. The company and manager of the businesses, James Dale Sprecher, allegedly used telemarketing to solicit small businesses and guarantee them a GSA contract within a short time frame, 90 days to six months, for an upfront fee ranging typically from $5,000 to $8,000. A GSA contract allows a business to sell goods and services to the federal government at pre-negotiated pricing. Attorney General Pam Bondi’s Office received more than 200 complaints about the defendants’ unfair business practices.
The Complaint alleges violations of the Florida Deceptive and Unfair Trade Practices Act. According to the complaint the company allegedly:
· Makes false and misleading representations as to the likelihood of a customer successfully obtaining a GSA contract, including assuring the business that it qualifies for a five-year to 20-year GSA contract award; · Makes false and misleading representations assuring government-guaranteed minimum revenues upon a contract award and a 100 percent guaranteed return on investment; · Unfairly collects advance fees, up to $10,000, from customers before services begin; and · Enrolls customers without diligent review of their circumstances, adequate disclosure of requirements pertaining to the customer or its products or services, or regard for the customer’s meaningful probability or being awarded a GSA contract. Anyone who suspects unfair or deceptive business practices can file a complaint with the Attorney General’s Office online at MyFloridaLegal.com or in-state via phone at 1-866-NO-SCAM. Out-of-state individuals can call 850-414-3990.