I'm absolutely positive that Amazon's management knows this is a security exploit. But keep in mind that what Amazon publicly states has direct impact on the stock price.
Scenario: Amazon says their website is currently insecure and that they are working to solve the problem. Result: They just admitted that they do not have effective security, therefore they have a system-wide problem, therefore the stock takes a significant hit. And they just opened the door to legal questions about the security of all that private information they already have.
Scenario: Amazon says nothing at all until they have a security fix. Result: Amazon takes a PR hit from the LGBT and civil-rights population, lowering sales, and therefore lowering stock price.
Scenario: Amazon lies about the weak security cause, instead claiming it was a temporary technical glitch. At the same time, they go an review the security system and fix the real problem
( ... )
Obviously I've missed out on picking up the concept of "lulz" - the guy who did this strikes me as a complete shitnozzle, and I'd say the same thing even if he targeted books I don't care for. How this could be considered amusing is simply beyond me - it strikes me as the same sort of attitude that I imagine virus authors have.
"did it for the lulz" is really "I'm antisocial and destructive and anywhere else this would be bad but because the internet lets me hide behind my computer and I'm surrounded by similarly-minded peers this is AWESOME LULZ"
Hack? Mmmmm... pretty labor-intensive and improbable, IMHO. In addition, it is not any of the different explanations offered by Amazon after it decided to come clean, [cleaner, cleanest].
I find the part about getting someone at "pick you favorite major web site" to include a hack in their web page to be particularly implausible. Especially if that major web site is Alexa, given that Alexa is owned by Amazon.
My mistake. Nat pointed that out earlier, though the original entry is now protected. The Bad Guy's friend worked at a site that had a high Alexa ranking, not actually Alexa. Your point remains valid, though.
Comments 11
(The comment has been removed)
Reply
(The comment has been removed)
Scenario: Amazon says their website is currently insecure and that they are working to solve the problem.
Result: They just admitted that they do not have effective security, therefore they have a system-wide problem, therefore the stock takes a significant hit. And they just opened the door to legal questions about the security of all that private information they already have.
Scenario: Amazon says nothing at all until they have a security fix.
Result: Amazon takes a PR hit from the LGBT and civil-rights population, lowering sales, and therefore lowering stock price.
Scenario: Amazon lies about the weak security cause, instead claiming it was a temporary technical glitch. At the same time, they go an review the security system and fix the real problem ( ... )
Reply
A couple more links:
http://pastebin.ca/1390576
http://tehdely.livejournal.com/88823.html
I wonder when he'll go after YouTube's "Flag Objectionable Content" system.
Reply
Reply
"did it for the lulz" is really "I'm antisocial and destructive and anywhere else this would be bad but because the internet lets me hide behind my computer and I'm surrounded by similarly-minded peers this is AWESOME LULZ"
Reply
Reply
Reply
Reply
Reply
Leave a comment