Surrendering to Microsoft and Bing Cashback

posted on Nov, 10 2009 @ 11:14 AM

Surrendering to Microsoft and Bing Cashback


bountii.com

The purpose of my post was to show an implementation problem, not to encourage defrauding Microsoft. I am surprised they would go through this much trouble to make me take down information that is obvious to anyone reading their documentation.
(visit the link for the full news article)



posted on Nov, 10 2009 @ 11:14 AM
This is the original article by the author, still available in the Bing cache.

Microsoft responds by sending threatening emails, bringing in lawyers and closing down his Bing account. To me, this is a typical Microsoft response to a problem with their software and I would like people to realize the kind of company they are dealing with here.

To me, this kind of response is disgusting and the direct opposite of what I would like to see from a company serious about making quality software.

bountii.com
(visit the link for the full news article)



[edit on 10-11-2009 by Copernicus]



posted on Nov, 10 2009 @ 11:25 AM
Yep, I agree. Microsoft's lawyers went overboard on this. I found a copy of the article out there. Nothing in the article is remotely hackerish. It would be pretty obvious in fact to anyone with medium to high level development experience.

I am quoting the original article here in case Bing clears it from cache. Mods, if you feel this is a violation or risk, I'll remove it, but it helps understand the context.



I’ve never bought anything using Bing Cashback, but the balance of my account is $2080.06. Apparently, I placed two $1 orders on January 24th of this year, and spent another $104,000 on October 24th. Let’s see how these transactions might have “accidentally” got credited to my account.

First, we need to try to figure out how transactions get into Bing Cashback. Microsoft posted some documentation here. The explanation of how a merchant reports transactions to Bing starts on page 20. Merchants have a few options for reporting, but Bing suggests using a tracking pixel. Basically, the merchant adds a tracking pixel to their order confirmation page, which will report the transaction details back to Bing. The request for the tracking pixel looks something like this:

ssl.search.live.com...[0]=&p[0]=&q[0]=

This implementation, while easy for the merchant, has an obvious flaw. Anyone can simulate the tracking pixel requests, and post fake transactions to Bing. I’m not going to explain exactly how to generate the fake requests so that they actually post, but it’s not complicated. Bing doesn’t seem to be able to detect these fake transactions, at least not right away. The six cents I earned in January have “cleared,” and I’m guessing the remaining $2080 will clear on schedule, unless there is some manual intervention.

Even if Bing detects these fake transactions at some point in the future, the current implementation might have another interesting side effect. I haven’t done enough work to say it with confidence, but a malicious user might be able to block another user’s legitimate purchases from being reported correctly by Bing (I only tried this once, but it seemed to work). Posting a transaction to Bing requires sending them an order ID in the request. Bing performs a reasonable sanity check on the order ID, and will not post a transaction that repeats a previously reported order ID. When a store uses predictable order ID’s (e.g. sequential), a malicious user can “use up” all the future order ID’s, and cause legitimate transactions to be ignored. Reporting would be effectively down for days, causing a customer service nightmare for both Bing and the merchant.

Based on what I’ve found, I wouldn’t implement Bing Cashback if I were a merchant. And, as an end user and bargain hunter, it does not seem smart to rely on Bing Cashback for savings. In our next blog post, I’ll demonstrate some other subtle but important reasons to avoid using Bing Cashback.

Sourced from ninet.org...

[edit on 11-10-2009 by rogerstigers]
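
As an added illustration of the design flaw the quoted article describes (not code from the article, from Microsoft, or from any poster in this thread): a constructed receiver that posts any well-formed report, next to one that requires a per-merchant HMAC computed on the merchant's server and checks it before the duplicate-order-ID test. All names, the key and the order values are assumptions made up for the example.

```python
import hashlib
import hmac

# Constructed per-merchant secret, shared out of band (assumption, not from the page).
MERCHANT_KEYS = {"shop-1": b"constructed-demo-secret"}


def sign_report(merchant_id, order_id, amount_cents, key):
    """Computed on the merchant's server, never in the customer's browser."""
    msg = f"{merchant_id}|{order_id}|{amount_cents}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class NaiveReceiver:
    """Behaviour described in the article: no sender check, repeated order IDs ignored."""
    def __init__(self):
        self.seen = set()

    def report(self, merchant_id, order_id, amount_cents, sig=None):
        if (merchant_id, order_id) in self.seen:
            return "duplicate"
        self.seen.add((merchant_id, order_id))
        return "posted"


class SignedReceiver(NaiveReceiver):
    """Authenticate first, deduplicate second, so an unsigned request
    can neither post a transaction nor use up an order ID."""
    def report(self, merchant_id, order_id, amount_cents, sig=None):
        key = MERCHANT_KEYS.get(merchant_id)
        if key is None or sig is None:
            return "rejected"
        expected = sign_report(merchant_id, order_id, amount_cents, key)
        if not hmac.compare_digest(expected, sig):
            return "rejected"
        return super().report(merchant_id, order_id, amount_cents, sig)


def scenario(receiver):
    """An unsigned report for order 1001 arrives before the merchant's real one."""
    forged = receiver.report("shop-1", "1001", 500000)
    sig = sign_report("shop-1", "1001", 2599, MERCHANT_KEYS["shop-1"])
    real = receiver.report("shop-1", "1001", 2599, sig)
    return forged, real
```

With the naive receiver the scenario returns `("posted", "duplicate")`, which is both problems from the article at once; with the signed receiver it returns `("rejected", "posted")`. Because the MAC covers the amount and the order ID, a customer who sees a signed pixel URL cannot change either field, and replaying it unchanged only hits the duplicate check.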



posted on Nov, 10 2009 @ 11:44 AM
Microsoft has always sucked.

They're a criminal business outfit: just look at all the antitrust cases they've lost.

They have killed many better companies with very shady business practices such as announcing the release of THEIR version of a small company's software in such a way as to discourage buyers from trying it, then blowing the dates because they weren't real in the first place, while strong-arming the small outfit to buy their software for a pittance while the small company's cash flow dried up. They've seldom done good original work on their own.

They have always been unethical because Gates is a sociopath. A very successful one, but a sociopath nonetheless.



posted on Nov, 10 2009 @ 12:13 PM
I thought Bing was a search engine.
So Bing is a search engine like Google with arrangements to the links.
Can I trust Clusty to give me plain links without monetary arrangements?



posted on Nov, 10 2009 @ 12:23 PM
Does not this basically amount to fraud? In which case the person's proper response should have been to inform Microsoft, not broadcast the exploit for the world to see. Of course if he had already informed Microsoft (who then did nothing), then he should disclose with proof of concept in an attempt to force Microsoft to rectify the problem. The whole concept of disclosure in this context has been talked to death and openly exposing a vulnerability is just as irresponsible if not more so than the existence of the vulnerability in the first place (or knowledge thereof).

[edit on 10-11-2009 by quackers]



posted on Nov, 10 2009 @ 05:46 PM
utter BS

If I tell you xyz business downtown doesn't lock their back doors at night and why I think it is bad and how it could go wrong for that business and you and me.....due to the fact our instore details are in danger, because they don't lock the rear doors....

Am I irresponsible?

It's a ridiculous remark, that seems to be a stock std remark when anybody talks about the digital world....The digital world then somehow becomes a higher plane than the real world. Some of the fines, prosecutions, sentences, guerrilla tactics that are forthcoming from anything on a friggin computer are not consistent or semi realistic when compared to the real world.
It seems to be that the digital companies can flood the market with poor quality, buggy, non safe products (software) and then sue, bully, steal, wipe loose, close down....anything any time they want from some poor sod that pipes up and says any thing that is fact or truthful, and the whole time have no worries of reprisal.

Apart from corporations suing corporations, or corporations suing ave joe's........how many ave joe suing digital corporations have been successful?

I won't stand for buggy faulty unsafe software, I don't put up with it on new cars, tv, carpet, houses, toys, fishtanks, timber, food....why the digital corps are allowed to get away with it is beyond me...while getting away with this type of crap...




[edit on 10-11-2009 by 297GT]



