Plain text, open directory.... Been such....dammit, you were supposed to just contact harzem! lol
But instead of alerting me, which a professional would do, you posted it publicly, not only allowing multiple people to access the data, but also run the email script over and over again, causing multiple emails per person.
Really professional thing to do.
Well hey, today's email blast would indicate that there is a definite reason to distrust @harzem and that his word doesn't mean crap.As for the "emailing practices involved", this was a single e-mail which will be the last according to Harzem. If he does send another e-mail then there's something to discuss but so far Harzem hasn't given me any reason to distrust him.
I'd be happy if SecuredDragon and WiredTree would actually act on SPAM reports instead of giving this spammer @harzem a free pass to continue spamming from the same IP addresses he spammed from and was reported for in December.It's offline due to DDoS now. Hope you guys are happy now.
In house manual checking, as well as Kount and/or Authorize.net's fraud suite here. The difference between using services like Kount/Authorize.net fraud suite which are registered companies and using a 1-man show unregistered business "fraud prevention" outfit like FraudRecord is like the difference between night and day in terms of properly safeguarding consumer's info.And this is why I have always done in-house, and will continue to do so.
This was already discussed in December I think it was... about the ad spamming - started with selling ad in the module area, then to outright email.I got an email earlier about Phychz or something network dedicates. Although I like the service, I do not like the fact that I get emails which do not pertain to anything that I signed up with them for. I do not care about those dedicated servers. I care about using FraudRecord. Not being spammed by crap none of us care about.
@harzem, how much do you need to run FraudRecord? I can donate some money if needed, but the emails need to stop.
Where did you hear this? I see a few attacks today but nothing above 2Gbps which isn't enough to even cause any packet loss. Unless they are targeting their webserver directly, in which case I'm curious how the IP got leaked this time.It's offline due to DDoS now. Hope you guys are happy now.
[snip] all I can see is there was a problem uploading the blank index.html so the directory got exposed.
[snip] but also run the email script over and over again, causing multiple emails per person.
KEK :lol: :lol:Thanks, by constantly visiting the email script, which I mistakenly left vulnerable temporarily, you have re-sent the emails all over again. Apologies for those who received multiple copies of the email due to re-runs. If you have any questions or criticism, you may direct them at [email protected] - Harzem Yalçýnkaya FraudRecord
If you were professional you'd recognise that:Really professional thing to do.
The whole "our emails are exposed" could be prevented if i had checked the directory integrity, or if you contacted me first instead of posting publicly right away.
Exposure didn't "happen". You exposed it to everyone.