Slashdot Mirror
Social Search Reveals 700 Comcast Customer Logins
nandemoari writes "When educational technology specialist Kevin Andreyo recently read a report on people search engines, he decided to conduct a little 'people search' on himself.
Andreyo did not expect to find much — so, imagine the surprise when he uncovered the user name and password to his Comcast Internet account, put out there for the entire online world to see.
In addition to his personal information, Andreyo also discovered a list that exposed the user names and passwords of (what he believed) to be 8,000 other Comcast customers. Andreyo immediately contacted both Comcast and the FBI, hoping to find the ones responsible for divulging such personal information to the public.
While the list is no longer available online, analysts fear that the document still lives on in various cache and online history services."
True, in fact, there is already a comment that gives a download mirror, see here. [slashdot.org]"
Nobody waste your time/bandwidth even following that link, as it's to the troll post above which links to nothing but a video and imagery probably nobody wants to see (recall goatse.cx links).
I worked for comcast about 8 years ago and at the time they had a Remedy test account they used for various stuff. One day I decided to login to the ftp using the remedy account and sitting there was a year old file with every subscriber's login and password. And since the ftp site was the account's web site home folder, these were just sitting there available to everyone.
You're not understanding the issue. Yes facebook etc. ask for your email password to get your contact list, but the issue the OP is talking about (though who knows if its true given its an AC who cant recall the original site) is that the site tries to use your supplied email address and the password you use *for that particular site* to try and login to your email account and get your contact list. So you aren't prompted for your gmail/yahoo/hotmail password. They just try to login to your email using your supplied email address and the password for that site. Sneaky given most(?) people use the same password across a wide range of places.
It is.
http://66.218.69.11/search/cache?ei=UTF-8&p=%22ComCast+Mail%22++Kevin+Andreyo&fr=yfp-t-501&u=www.scribd.com/doc/9723141/ComCast-Mail&w=%22comcast+mail%22+kevin+andreyo&d=ZjZ_Sp2uSYep&icp=1&.intl=us
Took about a minute to find.
After all, I am strangely colored.
Actually, what the GPP is referring to is that when you create a Facebook account, it allows you to enter your email password for a few of the major webmail providers (GMail, Hotmail, can't remember the others), trawls through your contact list and/or inbox, and gives you a list of people you've contacted via email who also have facebook accounts. It's a convenient (albeit scary from the security PoV) way to populate your friend list for a new account.
Rampant carbon sequestration destroyed the Dinosaurs' tropical paradise. I'm here to help repair the damage.
It's actually quite simple. When the comcast person arrives at your house and installs the hardware they will want to install the software. Tell them no and to have them call their dispatch. They don't like to do it because now they have to wait on hold, get the person to manually activate the modem (why the software is not built into the modem is beyond me), and wait for it to start. Basically it means the comcast guy will be at your place for an additional 30 minutes. They will, however, not install it on your request. I have never had to persuade, argue, bribe, or threaten the person - I just said "no thanks I prefer not to have any extra software on my computer".
Let's not make it sound like mission impossible.
I do not support "The Man". I also do not support your irrational stupidity