Rage at Autodesk
- Thread starter iviv
- Start date
@OP - since you made this discovery - why not drop a few brief e-mails to tech journalists at UK newspapers. The press do seem to like exposing organisations which have been slack with looking after personal data - it might also provide a strong motivation for them to fix the problem and for enforcement action to be taken against them.
I think people would be suprised at how insecure computers are in general.
Only a few months ago one of the largest certificate authorities got hacked and lost certificates for hotmail, google ect. They hosted about 1/5th of the websites certificates.
This means any website could impersonate one of those and youd be none the wiser. The whole certificate system is broken really as 75% of people click "Add exception" when they see a certificate error, when infact they could be passing on all data they send to somebody else before its then relayed to the correct server.
Only a few months ago one of the largest certificate authorities got hacked and lost certificates for hotmail, google ect. They hosted about 1/5th of the websites certificates.
This means any website could impersonate one of those and youd be none the wiser. The whole certificate system is broken really as 75% of people click "Add exception" when they see a certificate error, when infact they could be passing on all data they send to somebody else before its then relayed to the correct server.
Soldato
- Joined
- 6 Nov 2002
- Posts
- 9,939
- Location
- London UK
For those unaware of who Autodesk are or unable to google them see here, http://en.wikipedia.org/wiki/Autodesk.
With $$$ figures like that there is no excuse to have these type of flaws in you web security.
With $$$ figures like that there is no excuse to have these type of flaws in you web security.
All that coming from the person who couldn't type autodesk into google correctly!
Soldato
- Joined
- 6 Nov 2002
- Posts
- 9,939
- Location
- London UK
Appears to be offline now, but as above no way to cover this up.
![[FnG]magnolia](/styles/overclockers/avatars/9.png){kind=avatar}
Caporegime
- Joined
- 29 Aug 2007
- Posts
- 28,763
- Location
- Auckland
That means you're a moron.
Or trolling, I prefer to think it is the latter.
On topic: I'm finding it quite shocking the lack of security from these companies.
I wasn't trolling, I genuinely had no idea what everyone was getting so worked up about. And yes I could have googled it but given that everyone was so uptight I thought I'd ask what was going on. Thanks for the input.
Anyway, back on topic
appears to be a bigger list of personal details in this file - corporate peeps rather than students:
http://au.autodesk.com/ama/i_company_edit.txt
http://au.autodesk.com/ama/i_company_edit.txt
Fine here.
Start deleting your browsing history dude. In fact, nuke it from orbit just to be sure!
Soldato
- Joined
- 1 Sep 2005
- Posts
- 10,001
- Location
- Scottish Highlands
Time to fire up those VPNs and dozen proxies?
[FnG]magnolia;19987564 said:I wasn't trolling, I genuinely had no idea what everyone was getting so worked up about. And yes I could have googled it but given that everyone was so uptight I thought I'd ask what was going on. Thanks for the input.
Anyway, back on topic
My mistake, I meant no offence.
Basically, couple thousand personal credentials are open to anyone with a computer/internet. A billion dollar company that has such lax security with personal details, it's worrying really.
Just like the Sony fiasco.