Finnish sayings can be stupid, but this has got to be the most stupid ever:
"If you let a piece of cake fall sideways when you take it from the tray, you will get a bad mother-in-law." ("Jos kaataa kakkupalan, saa huonon anopin.")
I mean - COME ON! Your entire relationship with a possibly completely perfect human ENTIRELY RUINED by one fumbled feat of dexterity? Of which any regularly social person will have about a MILLION opportunities to fail before the wedding bells ring?
What about if the cake is just badly constructed? How would it look like if, after several years of torment from a mother-in-law-from-hell someone turned up to your doorstep with a hatchet and demanded revenge over one slippery frosting? Imagine the responsibility and diligence one would have to exercise to ensure a good life for all friends?
This is just fucking insane: Kaleva Travels (and/or Amadeus, not sure which one is the real culprit here) not only stores the user passwords in plaintext, they also routinely share them with the service desk. Check out this email I got (real password blocked out, duh, and some not-so-useful mail headers removed):
Date: Wed, 25 Apr 2012 13:33:02 +0000 (GMT) From: webmaster@amadeus.net To: xxxxxxxxxxxxxxx Cc: e-servicecenter@kalevatravel.fi Message-ID: <19272339.55056.1335360782390.JavaMail.SYSTEM@relay.amadeus.net> Subject: Oma salasanasi Hyvä Janne Jalkanen, Salasanasi on: xxxxxxxx Kiitos, että käytit yrityksesi online-varausjärjestelmää. Arvostamme asiointiasi.
Note the CC-line.
How could a company at this day and age so blithely ignore customer security is completely beyond me; storing plain text passwords is bad enough, but sharing them with who knows how many people...? In this case, I didn't even request a password reset; they just decided to send it to me at random and made it useless.
I fully realize that this is all done in the name of customer service, but there are far better ways - and secure - ways of doing this than just sharing the password around like it were a big box of cookies.
Also, this highlights the importance of using a different password across all the systems. You never know who's going to leak it.
Update: Our assistant just let me know that she also received the email with my password in it. So now I have no idea how many people have received my email/password combination. This is just fucking great.
Update, May 9th: Someone from Kaleva's Marketing called me and wanted to have a chat about what they could do about this. That's a good response.
Private comments? Drop me an email. Or complain in a nearby pub - that'll help.
More info...
|
"Main" last changed on 10-Aug-2015 21:44:03 EEST by JanneJalkanen. |