JasonRosenfeld
Stunt Coordinator
- Joined
- Mar 15, 2002
- Messages
- 199
I am suggesting it was sniffed at the time it was sent from AU. I don't think it was via a secure form.
Home Theater
Entertainment & Streaming Content
Physical Media
Home Theater Equipment and Hardware
Other Diversions
Bargains and Classifieds
Home Theater Forum
My So Called Life preorders... kiddie porn? (1 Viewer)
- Thread starter Jeff Ulmer
- Start date
JoeDeM
Stunt Coordinator
David Lambert
Senior HTF Member
- Joined
- Aug 3, 2001
- Messages
- 11,377
JasonRosenfeld
Stunt Coordinator
- Joined
- Mar 15, 2002
- Messages
- 199
What it ultimately comes down to is this: for about a year now, I've stopped assuming my emails were not read. I also have 1024 bit encryption with PGP for important emails.
At my last job, I refused to email server passwords to a colleague. He ended up writing to my boss saying I was insanely paranoid, and that I was insisting on using "military grade" encryption. What a bozo. I still never sent the stuff, I wrote it down and gave it to him.
I run a postnuke (pgp)-based site for fun. With thousands of people working on the postnuke project we still continue to find vulnerabilities.
A company might be doing things right, and then Microsoft ends up issuing a security patch on the OS level. Pretty much, as with burglary, if people want to get at data, they can probably get it.
Or sadly, an executive named Tony, might have used the password "Tony" rendering all security meaningless. I read somewhere that the most common password is "password."
Jason
At my last job, I refused to email server passwords to a colleague. He ended up writing to my boss saying I was insanely paranoid, and that I was insisting on using "military grade" encryption. What a bozo. I still never sent the stuff, I wrote it down and gave it to him.
I run a postnuke (pgp)-based site for fun. With thousands of people working on the postnuke project we still continue to find vulnerabilities.
A company might be doing things right, and then Microsoft ends up issuing a security patch on the OS level. Pretty much, as with burglary, if people want to get at data, they can probably get it.
Or sadly, an executive named Tony, might have used the password "Tony" rendering all security meaningless. I read somewhere that the most common password is "password."
Jason
Paul D Young
Second Unit
- Joined
- Feb 8, 2001
- Messages
- 351
David Lambert
Senior HTF Member
- Joined
- Aug 3, 2001
- Messages
- 11,377
Did anyone else (hopefully everyone else?) get an e-mail today from Another Universe? Signed by Jason Rosenfeld, and starting like this:
(Total reading time is about 2 minutes)
Hey Everyone.
This email begins with an update on production of the boxed
set, gives the scheduled release date (mark your calendars!)
and requires that you click on one or two options. If your
email client cannot handle HTML email, you may have to cut
and paste a link. As always, email me with any problems.
I find it passing strange that this note showed up, telling us that we have to now either pay for our order in advance or else just cancel the order, without addressing the kiddie porn spam issue either directly in the note or by at least mentioning something in a separate e-mail to anyone who complained about getting the spam.
Thoughts? Hopefully Jason (or Justin) will pop in here overnight and mention something about the legitamacy of this. It probably is legit, but I'm elevated to the level of paranoia right about now.
If I don't see anything by morning, I'll send an e-mail along these lines to the address Jason left for us before. My wife still wants this item, but it would be nice to have assurances that this matter is being resolved and that their site's security is a paramount issue...especially since this e-mail requires us to click on one link to say we're still committed to buying (enough to pay all costs up front) or click on the other link in order to cancel the whole deal.
Opinions?
Markus Lidstrom
Stunt Coordinator
- Joined
- Jan 25, 2002
- Messages
- 134
What was the domain of the email adress used? (@shaw.ca for example)
David Lambert
Senior HTF Member
- Joined
- Aug 3, 2001
- Messages
- 11,377
The new e-mail y'mean?
It came from "[email protected]". But as we all know, such things can be faked, and upon responding the hackers can sniff the information they might want.
For instance, if the original secure form WAS hacked and they have our e-mail addresses and credit card #'s, then this could be a way of verifying card-to-address identity, in order to take the next step in identity theft.
Yeppers, I'm being paranoid. But just because I am, it doesn't mean their not out to get me!
It came from "[email protected]". But as we all know, such things can be faked, and upon responding the hackers can sniff the information they might want.
For instance, if the original secure form WAS hacked and they have our e-mail addresses and credit card #'s, then this could be a way of verifying card-to-address identity, in order to take the next step in identity theft.
Yeppers, I'm being paranoid. But just because I am, it doesn't mean their not out to get me!
BrianB
Senior HTF Member
- Joined
- Apr 29, 2000
- Messages
- 5,205
just to be clear - the reply-to address on that new email is: [email protected]
David Lambert
Senior HTF Member
- Joined
- Aug 3, 2001
- Messages
- 11,377
Actually, no it wasn't...and that's part of my problem with it!
Look again at what I posted. One of the n's is missing...the first "n" in "universe", making it "uiverse".
It came from [email protected]
I copied-and-pasted directly from the header!!!
Which is, again, why I'm acting so paranoid.
Look again at what I posted. One of the n's is missing...the first "n" in "universe", making it "uiverse".
It came from [email protected]
I copied-and-pasted directly from the header!!!
Which is, again, why I'm acting so paranoid.
BrianB
Senior HTF Member
- Joined
- Apr 29, 2000
- Messages
- 5,205
But the /reply-to/ address is correct. That's where the replies would be addressed to. It doesn't exactly fill me with faith when the postmaster can't correctly write out his/her own email address though, I have to say.
Justin Lane
Senior HTF Member
- Joined
- Jan 18, 2000
- Messages
- 2,149
Guys,
I was just looking through my deleted e-mail, and noticed I got the same e-mail for kiddie porn...thing is, I never placed an oreder from another universe nor am on their mailing list.
The e-mail the message was sent to, is not my usual e-mail either, but it was an e-mail I posted here on the HTF when I was selling some stuff. Could these porn sites be filtering this board for e-mail addresses or IP addresses? The Home Theater Forum is beginning to look like a common link.
J
I was just looking through my deleted e-mail, and noticed I got the same e-mail for kiddie porn...thing is, I never placed an oreder from another universe nor am on their mailing list.
The e-mail the message was sent to, is not my usual e-mail either, but it was an e-mail I posted here on the HTF when I was selling some stuff. Could these porn sites be filtering this board for e-mail addresses or IP addresses? The Home Theater Forum is beginning to look like a common link.
J
- Joined
- Aug 23, 1998
- Messages
- 5,582
David, I got the same email that you did with the "pay now or cancel" message, and no mention of the porn spam - and I STILL don't have confirmation of the order after two phone calls and being told I'd get one, even though they have charged my card!
I still don't know what the final cost will be since they haven't said what shipping outside the US is, and the guy at AU I spoke to not 2 days ago said they had no idea what was going on with this at that time, so how do they have it all worked out now?
As for HTF being a hub for this, the email they used to spam me was specific to that order, so they couldn't leach it from HTF.
It is too bad, because this series has some great moments, and done properly would be a joy to own. However, the experience thus far seems like they can't manage much in the way of customer service, and there are serious security issues at the store. Considering the fishiness of what has transpired, I can't say I'm too confidant that we aren't getting scammed to start with, or that the final product will live up to expectations, if it even comes out.
I have no beef with the company, but there is an extreme lack of professionalism in how this is all being handled, which doesn't give me much faith.
I still don't know what the final cost will be since they haven't said what shipping outside the US is, and the guy at AU I spoke to not 2 days ago said they had no idea what was going on with this at that time, so how do they have it all worked out now?
As for HTF being a hub for this, the email they used to spam me was specific to that order, so they couldn't leach it from HTF.
It is too bad, because this series has some great moments, and done properly would be a joy to own. However, the experience thus far seems like they can't manage much in the way of customer service, and there are serious security issues at the store. Considering the fishiness of what has transpired, I can't say I'm too confidant that we aren't getting scammed to start with, or that the final product will live up to expectations, if it even comes out.
I have no beef with the company, but there is an extreme lack of professionalism in how this is all being handled, which doesn't give me much faith.
David Lambert
Senior HTF Member
- Joined
- Aug 3, 2001
- Messages
- 11,377
Okay, Gord of TVShowsOnDVD has been in touch with these guys about the kiddie porn spam thing, which they are investigating still. He talked to Jason personally about it, and at the time Jason mentioned being concerned about the credit card authorization 30-day limit, and said he was planning to send out a note along this line. So Gord assumes this note is legit, since it's exactly what Jason described was going to happen.
As with Jeff Ulmer, there's no way anyone could have leached the e-mail address I used from HTF, and HTF has good security in place for protection of e-mail addresses anyway, so I'm sure we're not the target. In fact, Gord informs me this morning that when Jason spoke to him, the fact was that the investigation was hampered because "he's only received a few messages from members of HTF about it so it's becomming very hard to track down the cause/source of it". But I'm sure that the only reason HTFers are complaining is because of our "community" ability to figure out that we're all involved from this one common source!
After work tonight I'll probably officially respond to Jason's e-mail, despite my paranoia and fishiness. I'll have to talk it over with the missus to decide what that response will be, but I know she still wants the set!
As with Jeff Ulmer, there's no way anyone could have leached the e-mail address I used from HTF, and HTF has good security in place for protection of e-mail addresses anyway, so I'm sure we're not the target. In fact, Gord informs me this morning that when Jason spoke to him, the fact was that the investigation was hampered because "he's only received a few messages from members of HTF about it so it's becomming very hard to track down the cause/source of it". But I'm sure that the only reason HTFers are complaining is because of our "community" ability to figure out that we're all involved from this one common source!
After work tonight I'll probably officially respond to Jason's e-mail, despite my paranoia and fishiness. I'll have to talk it over with the missus to decide what that response will be, but I know she still wants the set!
Count me as another person who has ordered the My So-Called Life set, and received the porn email.
I briefly considered cancelling my order over this breach of security, but I really don't want to pass on the chance to get this terrific series on disc.
I briefly considered cancelling my order over this breach of security, but I really don't want to pass on the chance to get this terrific series on disc.
Cynthia
Stunt Coordinator
- Joined
- Jan 2, 2001
- Messages
- 196
I haven't received that "pay now or cancel" email, yet. Has everyone received it? I wouldn't want to miss out on getting the set.
Derek Miner
Screenwriter
- Joined
- Feb 22, 1999
- Messages
- 1,662
I just checked over at the "My So-Called Life" order page at Another Universe, and there haven't been any notices of changes to the production or payments. I didn't find any news at http://www.mscl.com/dvd.php either.
I pre-ordered the set and have neither received the "kiddie porn" spam (unless it automatically went in my trash via filters) or an email from Another Universe to "pay or cancel".
I pre-ordered the set and have neither received the "kiddie porn" spam (unless it automatically went in my trash via filters) or an email from Another Universe to "pay or cancel".
Mike_G
Screenwriter
- Joined
- Jun 1, 2000
- Messages
- 1,477
- Real Name
- Mike
Lance Nichols
Supporting Actor
- Joined
- Dec 29, 1998
- Messages
- 726
Huh, I preordered, and have not gotten any "Pay now or else" type messages. Last I checked, the pre-order campaign had 2500 orders placed. Sounds like a goodly number, IMHO. I know it's not the millions Shrek, or good god American Pie, sold, but it s respectable number for a short lived TV series.
Now, I would be quite reluctant to pay for a DVD set that not shipped, yet alone has not been mastered yet. IF they can set a firm date on the release, then I would consider putting more down as a down payment.
Now, I would be quite reluctant to pay for a DVD set that not shipped, yet alone has not been mastered yet. IF they can set a firm date on the release, then I would consider putting more down as a down payment.
- Joined
- Aug 23, 1998
- Messages
- 5,582
I don't want to sound alarm bells yet, but I would suggest you keep an eye on your credit cards. I called mine today to discover that two authorisations of an equal amount from a company I do not recognise have been applied to my card today. This doesn't look good.
I also asked about this preorder situation and was told that if this set was paid for and was never delivered there is a good chance the money would be gone, especially with two month's lead time.
I have yet to hear from AU at all on this matter: no order confirmation email, no return call regarding the porn spam. Jason has emailed, by AFAIK he is not a representative of the company, yet his signature is on the last payment email.
I also asked about this preorder situation and was told that if this set was paid for and was never delivered there is a good chance the money would be gone, especially with two month's lead time.
I have yet to hear from AU at all on this matter: no order confirmation email, no return call regarding the porn spam. Jason has emailed, by AFAIK he is not a representative of the company, yet his signature is on the last payment email.
Similar threads
