Slashdot Mirror

← Back to Stories (view on slashdot.org)

Database Leak Exposes 3.3 Million Hello Kitty Fans (csoonline.com)

Posted by samzenpus on from the herding-kitties dept.

itwbennett writes: "A database for sanriotown.com, the official online community for Hello Kitty and other Sanrio characters, has been discovered online by researcher Chris Vickery," writes CSO's Steve Ragan, who was contacted about the leak Saturday evening. The database houses 3.3 million accounts containing records including first and last names, email addresses, unsalted SHA-1 password hashes, password hint questions and their corresponding answers, along with other information. The database also has ties to a number of other Hello Kitty portals.

92 comments

  1. Super Happy Security Breach Error Get! by carlhaagen · · Score: 5, Funny

    =(^.^)= Kawaiiiii!

    1. Re:Super Happy Security Breach Error Get! by Anonymous Coward · · Score: 2, Funny

      This is horrible! I'd rather have my Grindr account exposed! Oy! Whatta meesa sayin'?

    2. Re:Super Happy Security Breach Error Get! by Tablizer · · Score: 1, Flamebait

      Now they can get a life and go out to eat at "Super Lucky Happy Golden Family Noodle House".

      --
      Table-ized A.I.
    3. Re:Super Happy Security Breach Error Get! by Tablizer · · Score: 1

      What's with the zero mod? Is this considered racist? I don't get it. Explanation desired, please.

      Note that Hello Kitty is Japanese, while my joke mostly pokes fun at Chinese restaurant names. (I don't know if and how much Japanese restaurants borrow from that.) But I'm sure US restaurant names have patterns that can be poked fun of also. Mimi's, Arbie's, Charlie's, etc. for example.

      The person I replied to also poked fun at Chinese naming tendencies, but they didn't get mod-slammed.

      --
      Table-ized A.I.
  2. The question is by phantomfive · · Score: 2

    What website is there with security that can't be penetrated?
    Don't consider things online to be safe.

    --
    "First they came for the slanderers and i said nothing."
    1. Re:The question is by Anonymous Coward · · Score: 5, Funny

      What website is there with security that can't be penetrated?

      I pen-tested a website for a celibacy group and didn't find any holes.

    2. Re:The question is by Anonymous Coward · · Score: 0

      So, just because a burglar can drive a bulldozer into your home and get in, you shouldn't lock your doors?

    3. Re:The question is by phantomfive · · Score: 1

      I do not see how that question makes sense in this context

      --
      "First they came for the slanderers and i said nothing."
    4. Re:The question is by Anonymous Coward · · Score: 0

      So you say the solution are hello kitty styled chastity belts?

    5. Re:The question is by TWX · · Score: 4, Funny

      What website is there with security that can't be penetrated?

      I pen-tested a website for a celibacy group and didn't find any holes.

      Funny that, I penetration-tested a celibacy group and ultimately the group lost all of its membership...

      --
      Do not look into laser with remaining eye.
    6. Re:The question is by ls671 · · Score: 2

      It isn't a virgin group, we are just libertarians.

      John Redcap
      Celibacy group president.

      --
      Everything I write is lies, read between the lines.
  3. Oblig. by rmdingler · · Score: 1

    Can Has Hashtags.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

  4. Less shocking than Hello Kitty not being a cat by buchner.johannes · · Score: 3, Interesting

    This is the first leak I have seen where the password hint questions are leaked too. Will be interesting to see how users in the real world link passwords and password hints, and if algorithms can be developed to uncover 99% of all passwords/answers from password hints -- I presume many password hints contain the answer or substantial parts of it (e.g. "pass + 123" = "pass123").

    --
    NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
    1. Re:Less shocking than Hello Kitty not being a cat by Anonymous Coward · · Score: 1

      Fun little trick, always pick the hint questions as presented until you've chosen the required amount. Now generate an equal number of random words that you can remember. Those are now your answers in order, and unlike 99% of the password hint questions you can't find the answer with 5 minutes of google (e.g mother's maiden name, high school attended, first pet, etc).

    2. Re:Less shocking than Hello Kitty not being a cat by ls671 · · Score: 1

      favorite travel destination: school
      first pet name: computing
      mother maiden name: hacking
      etc..

      --
      Everything I write is lies, read between the lines.
    3. Re:Less shocking than Hello Kitty not being a cat by Anonymous Coward · · Score: 0

      Looks up the adobe 120million account leak. Password hints and encrypted passwords with no salting. I can find the 100 matching passwords and use the 100 secret hints to deduce what it is! What fun I have had with that...

    4. Re:Less shocking than Hello Kitty not being a cat by KGIII · · Score: 1

      Can't they hash and salt all of that - including the actual security questions and allow you to make your own hint/questions? It's not like those are called all that frequently so it shouldn't add a bunch of overhead, should it? And, if so, why the hell are we still not doing that?

      --
      "So long and thanks for all the fish."
    5. Re:Less shocking than Hello Kitty not being a cat by Anonymous Coward · · Score: 0

      You've hit on a fundamental issue. Two years ago I found myself locked out of my online banking and had to phone their 800 number. I couldn't answer my hint questions because back in 1998 I filled them in with random things that I long since forgot about. The end result was a "Hmm, that's not what it says" and the guy had to ask some other questions. He then proceeded verify me by asking some actual relevant questions. Took literally under a minute to do so.

      Anyone who digs up my past and tries to fuck with me that way (and it's happened, I'm drawn to crazy girls who happen to have unbalanced exes) just winds up drawing unwanted attention to themselves.

      Another thing to do (slightly related) is never give an accurate answer when asked for your birthday for online accounts. A proper identity thief can do a surprising amount with nothing but an accurate DOB. Even IRL I get pissed off when people ask me shit like my age and birthday. Why the fuck do you even need to know, nosy prick?

  5. Low-sodium security diet. by geekmux · · Score: 1

    "...unsalted SHA-1 password hashes..."

    Well, of course they're unsalted. Sodium is bad for Kitty.

    "...password hint questions and their corresponding answers..."

    Oh holy shit on a popsicle stick, I wonder how many of them aren't about cats...

  6. That was close... by __aaclcg7560 · · Score: 1

    Another reason not to buy the Hello Kitty microwave oven at Fry's Electronics.

  7. Slashdotters live in terror... by 93+Escort+Wagon · · Score: 3, Funny

    ... that their secret may now come out. Oh, well, it could be worse - it could've been a My Little Ponies site.

    --
    #DeleteChrome
    1. Re:Slashdotters live in terror... by R3d+M3rcury · · Score: 5, Funny

      I was just going to say, hackers will be taking a page out of Ashley Madison:

      "If you don't want your friends to know of your 'Hello Kitty' purchases, transfer $10,000 to this account in the Bahamas..."

    2. Re:Slashdotters live in terror... by kit_triforce · · Score: 1

      Join the herd!
      On a side note I discovered the MLP show and community from /. comments!

    3. Re:Slashdotters live in terror... by rossz · · Score: 1

      Nah. My Little Pony fanbros have no shame.

      --
      -- Will program for bandwidth
    4. Re:Slashdotters live in terror... by randalware · · Score: 1

      We have a hello kitty bathroom decor.
      Inherited it from girlfriend's daughter (it's her house).
      too many other things to spend money on first.

      but now the the shame is too much to bear.

      going to Bed Bath & Beyond for an emergency bathroom make over.

      with a quick stop for some booze at liquor barn...
      your supposed to redecorate bathrooms drunk, right ?

      --
      This is my opinion based on what little I know and understand of the rumors and lies Thanks, Randal
    5. Re:Slashdotters live in terror... by Zero__Kelvin · · Score: 1

      "We have a hello kitty bathroom decor."

      This is what happens when you let big government control your data.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    6. Re:Slashdotters live in terror... by U2xhc2hkb3QgU3Vja3M · · Score: 1

      Yellow pony is best pony! (yay!)

    7. Re:Slashdotters live in terror... by U2xhc2hkb3QgU3Vja3M · · Score: 1

      going to Bed Bath & Beyond for an emergency bathroom make over.

      If someone there happens to sell you a remote, you'll be able to stop that Hello Kitty bathroom from ever happening in the first place.

    8. Re:Slashdotters live in terror... by grep+-v+'.*'+* · · Score: 1

      "If you don't want your friends to know of your 'Hello Kitty' purchases, transfer $10,000 to this account in the Bahamas..."

      Sorry, there was a language translation error for the original Japanese site. It should have read: Hello Pussy instead.

      It was actually Ashley Madison's VR "furry" site. Believe me, $10K to keep your name off that site would be cheap at TWICE the price. ;-)

      --
      If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
    9. Re:Slashdotters live in terror... by Bite+The+Pillow · · Score: 2

      You left out the account number. Please reply ASAP.

      Posting anon for obvious reasons.

    10. Re:Slashdotters live in terror... by Anonymous Coward · · Score: 0

      OMG PWNIES!

    11. Re:Slashdotters live in terror... by Krishnoid · · Score: 1
      1. Sanrio finds sample emails of that sort and buys ads matching the right keywords
      2. Google serves them up to gmail users when that email is displayed
      3. End-user chooses whether to spend $10k to maybe keep their secret safe, or "Hello Kitty merch sale, just for leaked email addresses!"
      4. Profit!
    12. Re:Slashdotters live in terror... by R3d+M3rcury · · Score: 1

      I gotta admit, when I first saw the phrase, I thought it was a variation of Hello Nurse!

    13. Re:Slashdotters live in terror... by Anonymous Coward · · Score: 0

      ... know of your 'Hello Kitty' purchases ...

      Choose your victims wisely:

      Armoured personal carrier
      AK-47
      M-16
      M-16 variant
      pistol

    14. Re:Slashdotters live in terror... by Anonymous Coward · · Score: 0

      ... that their secret may now come out. Oh, well, it could be worse - it could've been a My Little Ponies site.

      Hello Kitty! Goodbye data!

    15. Re:Slashdotters live in terror... by Anonymous Coward · · Score: 0

      I was just going to say, hackers will be taking a page out of Ashley Madison:

      "If you don't want your friends to know of your 'Hello Kitty' purchases, transfer $10,000 to this account in the Bahamas..."

      Sincerely,

      Vacationing Nigerian Prince.

    16. Re:Slashdotters live in terror... by drinkypoo · · Score: 1

      ... that their secret may now come out. Oh, well, it could be worse - it could've been a My Little Ponies site.

      No, I am a Keroppi fan, I swear!

      Wait, that's not much better, is it?

      ObDisclaimer: I bought crap for my own use at Sanrio well into my twenties. My twenties, alas, have well and truly receded

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    17. Re:Slashdotters live in terror... by Anonymous Coward · · Score: 0

      OMG!!! Ponies!!!

    18. Re:Slashdotters live in terror... by Sadiq-Gill · · Score: 1

      I wonder it all my "Bad Batz Baru" purchases will be revealed?

      --
      Sadiq Gill
    19. Re:Slashdotters live in terror... by KGIII · · Score: 1

      I'm not clicking that link. I haven't got time for that right now. ;-) It's gotta be Animaniacs. I'm not big on TV but that was awesome and Pinky and the Brain was equally awesome. Yes, yes I did smoke a lot of weed back then.

      --
      "So long and thanks for all the fish."
    20. Re: Slashdotters live in terror... by Anonymous Coward · · Score: 0

      Smoked a lot then, smoke a lot now. Not much has changed, except teh internetz.

    21. Re: Slashdotters live in terror... by KGIII · · Score: 1

      I concur! Heh... I have the entirety of Pinky and the Brain, via torrent I think, at my house. I think when everything settles down and the missus and I head up to bed, I'll probably stream it and watch some tonight. I'm in Florida and they *really* frown on weed here so I didn't bring any with me and I won't be going to buy any. There are other things to do, I guess. It is Florida, after all.

      --
      "So long and thanks for all the fish."
  8. Another huge government failure. by Anonymous Coward · · Score: 0

    This is what happens when you let big government control your data.

  9. I have a great idea! by Anonymous Coward · · Score: 5, Insightful

    Step 1. Lay off the sysadmin, the DBA, the network admin, and the developer

    Step 2. Hire a "full stack developer" and pay him one below-market salary to do 4 peoples' jobs at once

    Step 3. ???

    Step 4: PROFIT!!!

    1. Re:I have a great idea! by Anonymous Coward · · Score: 0

      *sigh*

      You know that 99% of people that run websites are not security experts right? Most small companies run like this. One or two guys who do desktop support, maintain server infrastructure. They may also maintain the website. If you are lucky and the website is important / revenue generating, you get a dedicated website developer (yay!). I have never met a website developer who knew dick about security. They are asked 1) can you code and 2) can you design and 3) do you know CMS x.

      Now who knows what kind of website hello kitty.com is. Probably some standard web forums left on a VM and onyl touched one or two times a year. Most likely it just drives product sales.

      Security breaches are bad, but its really near impossible to keep updated with all the patches something like drupal with extensions unless you make it a priority. The guy who designs the website needs to be pushed to learn security, and oftentimes they don't think its their responsibility. In fact, i rarely meet developers who think security is anything more than an afterthought. That and so much off the shelf code for convenience is why their are so many breaches. Do you think hellokitty.com should pay someone 80k a year just to do security? Maybe now they will, but never before a breach do they even consider it. Its more likely at this point that they just shut the site down as a liability.

      welcome to the real world, amateurs and lack of budget abound.

    2. Re:I have a great idea! by Anonymous Coward · · Score: 0

      In fact, i rarely meet developers who think security is anything more than an afterthought.

      Find somewhere else to work. Just about every dev I've worked for gets it at the last couple of places I've worked...so since 1999.

    3. Re:I have a great idea! by Anonymous Coward · · Score: 0

      Most small companies run like this.

      Do you think hellokitty.com should pay someone 80k a year just to do security?

      Sanrio.

      Repeat after me: Sanrio.

      Sanrio could build a fucking Gundam if they so desired. Yes, they should hire someone at $80k/year just to do security.

    4. Re:I have a great idea! by Anonymous Coward · · Score: 0

      Sanrio.

      Repeat after me: Sanrio.

      Sanrio could build a fucking Gundam if they so desired. Yes, they should hire someone at $80k/year just to do security.

      IF they have something worth protecting, that is. The user accounts of "hello kitty" fans? No big deal, give them free new accounts or something. And perhaps some hello kitty stickers too, if they really are upset about this. Nobody has real problems being exposed as a hello kitty fan - you can always say "I only signed up for the kids".

    5. Re:I have a great idea! by Anonymous Coward · · Score: 0

      Now who knows what kind of website hello kitty.com is. Probably some standard web forums left on a VM and onyl touched one or two times a year. Most likely it just drives product sales.

      Hilarious! How the hell did you manage to get to adulthood and be net-aware enough to get onto /. and still not know who Hello Kitty is?

    6. Re:I have a great idea! by KGIII · · Score: 1

      you can always say "I only signed up for the kids".

      That can be taken horribly out of context.

      --
      "So long and thanks for all the fish."
  10. G.K. by Tablizer · · Score: 1

    Goodbye Kitty

    --
    Table-ized A.I.
  11. God damn it. by PopeRatzo · · Score: 1

    Everything happens to me.

    --
    You are welcome on my lawn.
    1. Re:God damn it. by KGIII · · Score: 1

      The little missus has Hello Kitty panties and a couple of shirts and a hat. :/ It's already a little awkward going out in public with a g/f that's nearly 40 years my junior (oh, the stares the women give me - the men smile and nod knowingly) but it's a bit more awkward when she's wearing a Hello Kitty fuzzy hat or, now that we're down here, a shirt.

      Ah well... It could be worse. She could be wearing just the hat, shirt, and panties. I'm pretty sure that someone will just shoot me at that point. It is Florida after all.

      --
      "So long and thanks for all the fish."
    2. Re:God damn it. by PopeRatzo · · Score: 1

      It's already a little awkward going out in public with a g/f that's nearly 40 years my junior

      Especially when you're only 48 years old.

      --
      You are welcome on my lawn.
    3. Re:God damn it. by KGIII · · Score: 1

      Heh, we need the pedobear gif that says, "Too old!" I was having an email chat with another /.er and we've concluded that the old ladies hate it and the old men are envious. I imagine that means nothing good can come of it. The Hello Kitty panties were kind of odd for me at first. I wasn't quite sure how to take it but I've adapted just fine. ;-)

      As an aside: Man, Florida is lovely this time of year. It was in the 70s and there were a few small showers. It's dark in Maine and probably about 32 f. at home but probably colder with the wind chill. Hmm... Nope, Google says it's snowing but pretty warm (almost 40 - but the house is up on the mountain) and 20 MPH winds. I was walking on the beach earlier today.

      --
      "So long and thanks for all the fish."
  12. This time ISIS has gone TOO FAR!!! by Anonymous Coward · · Score: 2, Funny

    Quick Lil'Joe...to the Pentagon!

  13. 1,2,3 New round of blackmail as list may be posted by bagboy · · Score: 2

    Maybe you lucked out from the Ashley Madison fiasco, but if your name is on this list, exposure may cost you more than you know.

  14. Why oh why? by MadMaverick9 · · Score: 0

    Why do people sign up for every website they come across?

    This is a website about some japanese cat for crying out loud.

    Why do people sign up for something like this? I guess it's the same people who sign up for safeway cards, starbucks cards and other discount cards.

    I just don't get it.

    You go into the store, you buy the shit you want and you leave. Just leave it at that for crying out loud. What's wrong with these people?

    1. Re:Why oh why? by Bite+The+Pillow · · Score: 1

      Belonging is important. Saving money, aka spending fewer dollars on stuff you would not buy at full price, is as euphoric as drugs.

      So many other reasons. Give it some thought and come back. I'm sure you can come up with one or two more.

      You are in the minority, and it would serve you well to understand a bit about "these people".

    2. Re:Why oh why? by MadMaverick9 · · Score: 1

      Belonging is important.

      Maybe to you - but not to me.

      it would serve you well to understand a bit about "these people".

      No! I will not lower myself to that level.

      You are in the minority

      Thank you! And I am proud of that fact!

    3. Re:Why oh why? by MadMaverick9 · · Score: 1

      Belonging is important.

      You have pointed out one of civilization's biggest problems - besides a few others.

      People are afraid.

      People are afraid of being alone; afraid of not fitting in; afraid of making decisions for themselves by themselves.

      Which is the main reason for "social media" and "amazon reviews", etc.

    4. Re: Why oh why? by Anonymous Coward · · Score: 0

      Says the nonAC. I'm way more Rick than you.

    5. Re:Why oh why? by BBF_BBF · · Score: 1

      Why do people sign up for every website they come across?

      This is a website about some japanese cat for crying out loud.

      Why do people sign up for something like this? I guess it's the same people who sign up for safeway cards, starbucks cards and other discount cards.

      I just don't get it.

      You go into the store, you buy the shit you want and you leave. Just leave it at that for crying out loud. What's wrong with these people?

      Yeah, why oh why do people sign up for a site like slashdot, especially when one could do it anonymously?

      This is a website about "news for geeks" for crying out loud.

      Why would MadMaverick9 sign up for something like this? I guess it's the same people who sign up for engadget, arstechnical and reddit.

      I just don't get it.

      You go to the site and read the articles and leave. Just leave it at that for crying out loud. What's wrong with MadMaverick9?

    6. Re:Why oh why? by aaarrrgggh · · Score: 1

      You had me until Starbucks cards; as a stored value card they are great. The account also has value in being able to pre order your drinks. Everything is relative, but whatever.

    7. Re:Why oh why? by Anonymous Coward · · Score: 0

      Different AC here.
      You asked a question of the nature " why do people do X"
      The question was answered with a generalization about people who did X.

      And you reply to that with "I'm not like that!" I'm better than those people!
      That is retarded behavior, and it just means that, yes, you are like those people ( a retard), but retarded in a more annoying way.

    8. Re:Why oh why? by Anonymous Coward · · Score: 0

      Why do people sign up for every website they come across?

      Says the guy with a slashdot account. Oh snap!

    9. Re:Why oh why? by NominalLoss · · Score: 1

      To be fair though, nearly all the recent mass shooting were done by despondent loners. I prefer my people buying useless crap and hanging out on Rule 34 then gunning down innocents.

  15. Bad by robbiedo · · Score: 1

    Bad Badtz Maru...

  16. Funny ol' world by jandersen · · Score: 1

    It would probably be more damaging to one's career - certainly as a hard talking politician - to be found on the Hello Kitty fan club's name list, than any revelations about drug taking, sexual deviancy or Communist sympathies. Ant chance that there were names of top terrorists among them?

  17. Password hints by Anonymous Coward · · Score: 1

    I always found this "password hint" thing a huge security hole, sacrificing the bit of security there is in a user-chosen password for the benefit of the "service" provider.

    For me, the simple password is (for unimportant things) always the result of "pwgen -n 8". My favorite's pet name is the result of "pwgen -n 16", which I write down if my account is in some way important to me (highly unlikely for one having a password hint) -- or which I forget right away.

    Lost the password? lost the account. Helps me keeping independent.

  18. Hello Kitty Rainbow Tables by dbIII · · Score: 1

    When the mod system came in and AC comments were modded down it was time to sign up. Then when I forgot the password and had the account linked to a previous work address I signed up again. What's your excuse :)

    The thing that will suck the most here is a pile of those users will have the same passwords out there on something else.
    Script kiddies with Hello Kitty Rainbow Tables - if someone had taken that to an SF editor a while ago it would have been thrown out as too silly and too far fetched - but now it's probably real!

  19. Hello Chitin! by Anonymous Coward · · Score: 0

    Obviously, there was a bug in the website's security!

    Come come chitin chitin, you're so pretty pretty iridescent, don't leave stay around me! Say hello to Chitin!

  20. good run, but by Tablizer · · Score: 1

    now the poor cat has to go back to her day job.

    --
    Table-ized A.I.
  21. Could someone expose the Slashdot user database ? by LordHighExecutioner · · Score: 3, Funny

    I am so curious to learn who is behind the user name "Anonymous Coward". He is such a prolific, sleepless contributor...

  22. For what? by Anonymous Coward · · Score: 0

    3.3 milliions 10 year old girls? Since they hardly have any credit cards it's just useful for sexual predators.

    1. Re:For what? by Anonymous Coward · · Score: 0

      3.3 milliions 10 year old girls? Since they hardly have any credit cards it's just useful for sexual predators.

      I thought so too, but so far am not having any luck with the little vixens.

  23. PHP by Anonymous Coward · · Score: 0

    I think it's highly relevant that the site that was compromised was written in PHP.
    Not necessarily because there's the possibility that a PHP language or PHP community induced flaw lead to the compromise, because it could have been an inside job...
    But because PHP, even though it's mainly used for things like CMSs, blogs, ecommerce, and such that have user logins, lacks a standard language-native built-in login system. Yes, there are libraries you can use, but a) these don't ship with it by default, b) the documentation doesn't tell you to use it and c) the majority of them contain severe security issues.

    1. Re:PHP by Qzukk · · Score: 1

      lacks a standard language-native built-in login system

      Have you seen a language that includes it's own native login system?

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
  24. I Have No Mouth, And I Must Yowl by drinkypoo · · Score: 1

    I THINK, THEREFORE I'M CUTE

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  25. Just from their market alone by laurencetux · · Score: 1

    can you imagine the kind of money you can raise tapping a market that 1 Cute 2 has poor impulse control 3 tends to have access to large sums of money? (oh thats right you can just look at the Sanrio tax filings [just remember to account for all the divs])

  26. I can't believe it! by Anonymous Coward · · Score: 0

    I just can't wrap my head around the fact that there are 3.3 million "hello kitty" fans. They have to have Ashley-Madison style fake accounts on there.

  27. Re:Could someone expose the Slashdot user database by Anonymous Coward · · Score: 0

    I am Anonymous Coward.

    No, I am Anonymous Coward.

    We're all individuals.

    (Ha!, the captcha is 'nickname'. Must be the new Irony generator at /.)

  28. In the grimdark future of Hello Kitty... by Chris+Mattern · · Score: 1

    ...there is only war.

  29. Re:I have a great idea! [prevention evaluation] by Tablizer · · Score: 1

    Lay off the sysadmin, the DBA, the network admin, and the developer...Hire a "full stack developer" and pay him one below-market...

    It's difficult to convince many managers that prevention is worth it. They are probably lied to by vendors and past staff enough such that they only pay for clear-cut and immediate needs rather than hard-to-verify prevention.

    A lot of vendors and spinner employees claim crap like, "Oh, you need to purchase/build/install a Flux capacitor to prevent the thibble-bop from overloading and crashing the dookitron." After being burned a couple of times, they don't pay even for legitimate prevention because they cannot tell the difference, and so skip ALL prevention.

    It's a problem that plagues many forms of technology and infrastructure, such as building construction, plumbing, car repair, etc. The end user cannot easily verify prevention claims.

    Yes, one can google around for advice, but it could take several hours to absorb it, and still require specialized experience to evaluate. Time is money for businesses.

    If it's the main line of business (primary source of profit), then managers usually know what to look for. However, if it merely supports the main line of biz, such as retail and character licensing in this case, then they are typically unfamiliar with it and skeptical.

    --
    Table-ized A.I.
  30. Re:Could someone expose the Slashdot user database by Anonymous Coward · · Score: 0

    We're all individuals.

    I'm not.

  31. Re:Could someone expose the Slashdot user database by Tablizer · · Score: 1

    Spartacus can kick your anonymous ass

    --
    Table-ized A.I.
  32. Fuck me by DanJ_UK · · Score: 1

    Just imagine, all the possibilities, with this information.

    For fucks sakes how did this submission get accepted?

    --
    - Dan
    1. Re:Fuck me by Anonymous Coward · · Score: 0

      A data breach of 3.3 million users worth of information that includes poorly secured password information isn't newsworthy on a tech news site?

      Get the fuck out of here with that bullshit

    2. Re:Fuck me by DanJ_UK · · Score: 1

      Please, really?

      --
      - Dan
  33. This is more embarrassing... by cfeagans · · Score: 1

    ... than being on the Ashley Madison list. The Hax0rs have gone too far this time!