|
I don't think you could be charged for pointing out an error. On the contrary, the more prooves you'll have that you informed them of their mistake, the better. You could even send them a recorded delivery letter, just to be sure they get the message. And it could serve as a proof if they would try to sue you.
"Five fruits and vegetables a day? What a joke!
Personally, after the third watermelon, I'm full."
|
|
|
|
|
I hope nothing happens to you, and it probably won't, but I stopped pointing out security flaws after I had an ISP come after me for it when I was a teen.
Not my fault SMB was insecure as hell and they had an internet facing NT4 machine that bridged their local network onto the internet.
I sent them a message box on the screen of that PC, explaining i was a user and warning them of the flaw.
Maybe that wasn't the best way to do it, but I wanted to highlight the urgency of it, so I figured an email wouldn't cut it.
They weren't pleased.
Real programmers use butterflies
|
|
|
|
|
honey the codewitch wrote: Maybe that wasn't the best way to do it,
Agreed. I'm pointing out the flaw via "normal" channels. You took advantage of the flaw to make them aware of it. If I've learned anything, it's that this is a big no-no.
|
|
|
|
|
I wasn't exactly known for making good decisions as a teenager.
Real programmers use butterflies
|
|
|
|
|
...and why stop there, right?
|
|
|
|
|
hahaha never ask a bipolar person that. we are pretty extreme/intense. we will have an answer, and it's always a dramatic one.
Real programmers use butterflies
|
|
|
|
|
I'm just trying to see if I can trigger you.
Should I start worrying yet about being able to live to tell the tale?
(and in the unlikely event you're taking me seriously: Never take me seriously.)
Had a girlfriend once who--if I didn't know any better--I could swear was bi-polar. What a roller-coaster ride. The highs were high, but the lows were just too low for me. I'm cautious to a fault these days.
|
|
|
|
|
dandy72 wrote: I'm just trying to see if I can trigger you.
Good luck as I'm heavily medicated against it. =)
dandy72 wrote: Should I start worrying yet about being able to live to tell the tale?
Nah, I'll probably just hex you and make your eyebrow hair fall out or something.
Real programmers use butterflies
|
|
|
|
|
honey the codewitch wrote: Nah, I'll probably just hex you and make your eyebrow hair fall out or something.
Maybe someone's beat you to it, because I've always had a barely visible amount of eyebrow hair.
|
|
|
|
|
Doesn't sound like you did anything that would cause them to sic lawyers on you, unfortunately these days you never know. The old adage 'no good deed goes unpunished' comes to mind.
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
|
|
|
|
|
Yea, as others have mentioned, I stopped doing this as well. Pointed out a security flaw during a job interview once as I figured it would reflect well on my ability to do the job I was interviewing for. They did not appreciate it (or fix it last I checked).
|
|
|
|
|
To be sure, I went out of my way (I think) to mention I'm some random guy they are sending data to; that's not me poking around and trying to find flaws and making threats.
I didn't mention also that it would be trivial to go very public about it, and that in these days of very public security breaches, it would be easy for me to try to embarrass them. None of that noise. I've kept it very low-key with this one contact. And I'm not going to try to go over her head if nothing's done or she doesn't respond.
|
|
|
|
|
I would take a different approach than the others (and you) who have had their hands slapped for this kind of thing. I would go public in as big a way as you possibly can. Advertise it far and wide. Those feeble minded-idiots can't accept these things gracefully so do not give them the option of coming back at you. Publicize it and make sure everyone knows what fools they are and I see no reason what so ever to withhold their names.
Also - word is failure. Fail is not a noun. It is a verb.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|
|
Isn't fail correct if it is in fact happening at the moment?
|
|
|
|
|
Rick York wrote: Also - word is failure. Fail is not a noun. It is a verb. "Fail" is also a noun (as is "pass"), and is used in the correct context in the title.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
"Epic fail" is a meme. I wasn't going for correct grammar.
About going public: I had thought about it, make a big splash, get it all over Twitter and Facebook and whatever other social media platforms they might have a presence on (people nowadays seem to do it all the time to "get things done" in a very public fashion)...but then I have no account on any of these platforms and would rather maintain my low internet profile. I wouldn't want Google to start caching this sort of story and have my name associated with it for time eternal.
|
|
|
|
|
Login and check out the place. I am sure that the managers will be very excited that at least one person checked out the training materials!
I, for one, like Roman Numerals.
|
|
|
|
|
Are you sure it's not a scam and the pdf has some virus?
|
|
|
|
|
No. The pay statement emails all originated from the correct domain, every two weeks, there's nothing in it that tries to "trick me" into opening it (as I said the PDF itself is password-protected) and the lady I had managed to contact pretty much confirmed what was going on.
|
|
|
|
|
Maybe you should send an official-looking mail to one of their top managers, and see how they respond.
|
|
|
|
|
At this point I've just informed them of the original problem (which they've fixed) but this is another matter--but both stem for the same reason...the bottom line is that one of their employees gave them an incorrectly-spelled email address, which happens to be Random Guy's address (me).
This contact has been responsive before, so I don't feel the need to go over her head. If they choose to ignore it this time around, I don't feel particularly compelled to do anything about it.
|
|
|
|
|
People usually don't respond well to being told they're wrong.
Anyway, it was nice knowing you
|
|
|
|
|
If I suddenly stop posting over the next few days/weeks you'll know why.
|
|
|
|
|
Do naughty disk drives get sent to boot camp?
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
some people chkdsk, me, I prefer to chuck disks that misbehave.
after many otherwise intelligent sounding suggestions that achieved nothing the nice folks at Technet said the only solution was to low level format my hard disk then reinstall my signature. Sadly, this still didn't fix the issue!
|
|
|
|