Microsoft Tries To Censor Bing Vulnerability 275
An anonymous reader writes "Microsoft's Bing search engine has a vulnerability with its cash-back promotion, which impacts both merchants and customers. In traditional Microsoft fashion, the company has responded to the author of the breaking Bing cash-back exploit with a cease & desist letter, rather than by fixing the underlying security problem. It is possible for a malicious user to create fake Bing cash-back requests, resulting in not only fake cash-back costs for the merchant, but also blocking legitimate customers from receiving their cash-back from Bing. The original post is currently available in Bing's cache, although perhaps not for long. But no worries, the author makes it clear that the exploit should be painfully obvious to anyone who reads the Bing cash-back SDK."
Re:And now thanks to /. and microsoft (Score:5, Funny)
~Barbara
Re:Mirror (Score:5, Funny)
Another fun trick was to take a $1 and a $20 and cut them both in half. Then tape half of the $1 and the $20 to make two $21 dollar bills. Silly I know, but if you put them in a change machine, it would look for the numbers in the corners, it would read a 20 then a 1 and then give you $21 in change. You then took the other part and got $21 in change as well. Quick way to double your money. Now the machines check to make sure that all four numbers on the corners match up.
Re:How does he know MS isn't doing anything else? (Score:3, Funny)
Uh? Cash back is negative income for Microsoft, and as a lawyer who sends C&Ds for a living, I am offended by the fact that you call that "doing nothing".
Re:And now thanks to /. and microsoft (Score:1, Funny)
Except, by the time it turns up on slashdot, it already is all over the rest of the internet.
Even if bing removes it from their cahce.
Re:How does he know MS isn't doing anything else? (Score:3, Funny)
You're right, sending C&Ds isn't doing nothing.
It's actively producing negative work, turning productively spent time into wasted time.
So congratulations, you're doing less than nothing!
Re:Mirror (Score:1, Funny)
I'd just keep the two $21 dollar bills myself. Quick way to double your money!
MS Response (Score:3, Funny)
Microsoft has posted this page in response:
http://www.bing.com/search?q=bing+cashback+vulnerability&go=&form=QBLH&filt=all&qs=n [bing.com]
Re:And now thanks to /. and microsoft (Score:5, Funny)
The results are so haphazard, it feels like their parody of google is what actually drives Bing.
I don't know how this late in the game a search engine can be so bad.
answer:
Because
:D
It's
Not
Google
It's all in the name
Re:And now thanks to /. and microsoft (Score:5, Funny)
Bing
Is
Not
Google