Quote:
|
Originally Posted by Sly
I really don't understand how none of you are at least just a little bit upset that there was/is a problem with exposed passwords? Your passwords don't matter at all to you? What other problems might US have?
|
Because Sly nothing was really exposed. Basically it's something like this.
You log into unified stats members area to download the program and the url looks like this.
username:
[email protected]/members/
Now you click the link to boobdollars from within the members area.
If boobdollars looks through his referral logs he's going to see this url
username:
[email protected]/members/...as a referrer.
So now he knows someone's username and password to unified stats.
He doesn't know your user/pass for any programs or any other sites, just that he can log into unified stats and look around with your username/password.
WOW, what a security flaw
What I find hilarious is that JB has had months to try and pick apart unified stats and this was the best he could do. Fucking pathetic.
I've got half a mind to cancel my stats remote subscription and go with unified.