Just a few days after discovering a flaw that compromised millions of user accounts, a 19-year-old British university student found another flaw on ebay’s website. It’s not as bad as the one that forced pretty much everybody to change their ebay passwords. But it’s not good either.
Jones apparently contacted ebay on Friday about this second flaw, but when he still hadn’t heard back from them he went ahead and published details on his blog on Monday. “Ebay should be on top of their stuff,” he told PC World soon thereafter. At the very least, Ebay should pay attention to the white hat hackers who are trying to help them.
If you’re wondering what you can do about this new flaw, the answer is unfortunately: not much. It’s on ebay to fix the vulnerability in its new code, and as long as you changed your password last week, you should be OK. On a related note, a new statistic just revealed by security researchers says that about 50 per cent of Americans have been hacked in the last 12 months. So get used to it. [PC World]