[ale] a quick test of web site stupid

Lightner, Jeff JLightner at water.com
Fri Mar 1 08:32:14 EST 2013


I used to work for Alltel but NOT that part of it.

Interestingly when I turned in my notice at Alltel finally after 7 years the bozos that had become my management team in Little Rock said it was "policy" to disable accounts of IT personnel that resigned.   That was total BS - I'd seen many a person resign in that time and we'd never disabled their accounts for resigning though of course we did for people we'd fired.

The funny thing about it was they told me about it after they'd supposedly disabled my accounts.    The only problem with that was I had an ISDN connection into them and at the point I was supposedly disabled I was already on the security server that gave me access to all the other systems as root.   If I'd been the type I could have trashed all their systems then later if they accused me I could have said "You disabled my accounts so how could I be the culprit?"   Luckily for them I was more professional than that so I logged myself out and turned off the ISDN connection myself.

The other funny thing about it was that because I'd turned in my notice a REAL policy required them to pay me through the 2 weeks of the notice.  Since I didn't have access it essentially meant I got a paid 2 week vacation.   Boy, they really showed me!

Alltel was a Fortune 500 company so like most organizations they had some really good and talented people but also some really dumb or PHB types.   My last year with them I was working for the Little Rock UNIX PHBs that couldn't understand why you might run an ERP system affecting the entire company with tighter controls than your average standalone POS in a store.   That crew was finally able to make me fed up enough to leave.

Most of Alltel was bought by Verizon and few years back with the wireline stuff being spun off to Windstream.   I was surprised to see recently there was actually still a business running under the Alltel name for other wireless assets (presumably those that overlapped existing Verizon markets) and it was bought by AT&T.





-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Erik Mathis
Sent: Thursday, February 28, 2013 3:01 PM
To: ale at ale.org
Subject: Re: [ale] a quick test of web site stupid

A loooong time ago I got a dialup account with alltel, they asked me my what I wanted my username to be, I said root. I was getting their root emails. I never tried to "hack" anything but I got a call the next day asking me what I wanted my new username to be.

I dont know why this thread reminded me of that, but I got a sorely needed smile.

-Erik-

On 02/28/2013 02:22 PM, Jim Kinney wrote:
> for a web site like, say, a utility company or a shopping site that
> stores my credit card, I like to test the security of their coding
> practices by trying to use a password that has a '.' and a '!' in it.
> When they password checker complains, I take that as a good sign their
> coders don't properly escape user input data and thus are pro

_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo




Athena(r), Created for the Cause(tm)
Making a Difference in the Fight Against Breast Cancer

---------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------




More information about the Ale mailing list