
I don't want the notice of insecure password/log-in on my website - BinaryIdiot
https://bugzilla.mozilla.org/show_bug.cgi?id=1348902
======
wyldfire
> Your notice of insecure password and/or log-in automatically appearing on
> the log-in for my website, Oil and Gas International, is not wanted and was
> put there without our permission

Just wait until he finds out that firefox is blitting pixels to the display
buffer! Who invited them anyways?

------
grawlinson
Quick question regarding this security pop-up. I don't have much experience
with the security side of things apart from HTTPS certs/etc, but isn't Dell's
NZ website a bit iffy?

i.e. dell.com/nz/ -> 'My Account' looks like it's done over plain HTTP. Is my
assumption correct?

------
deevus
Oh no.. they've locked it to authorised users only. Anyone get a screengrab?

~~~
romuloab42
[http://archive.is/53Cbd](http://archive.is/53Cbd)

~~~
aruggirello
>> Your notice of insecure password and/or log-in automatically appearing on
the log-in for my website, Oil and Gas International is not wanted and was put
there without our permission. Please remove it immediately. We have our own
security system and it has never been breached in more than 15 years. Your
notice is causing concern by our subscribers and is detrimental to our
business.

Oh my... HTTPS was already well established 15 years ago... are people like
this in charge of nuclear facilities, too?

------
Nadya
It's unfortunate the IT had to find out the hard way just how broken their
site security was. It's worse that this isn't the only site out there that is
_that_ broken. It's common, they just happened to publicize their lack of
knowledge of security and then users went poking around. "Oh hey, SQLi works."
and that's that...

Here's hoping they manage to give proper disclosure to their customers/users
(hah...doubtful).

------
bhhaskin
Oh man, that site is a blast from the past in terms of web development.

------
rayboy1995
Users or all tables were dropped, site is entirely a 500 now. I seriously
doubt they have any backups either...

------
sqldba
You have to login to view this bug. No thanks.

~~~
BinaryIdiot
Yeah it was locked due to the attention it got. You can view it here:
[http://archive.is/53Cbd](http://archive.is/53Cbd)

