Fourth
4. Vimeo should fix its account creation and upload policy. The current one is borderline criminally complicit with the extortion racket gang.
At present it is just asking to be exploited.
An unpleasant Monday morning kicked off when my personal email account popped up a message of thanks for joining YouTube rival Vimeo. Seven minutes later, I visited the website, where I was confronted by a sexually explicit video stating I was a pedophile. The video depicted a bearded young man lying back on a bed, pleasuring …
That's all I could think about is how Vimeo allow that. Just seems silly.
This is a lot like another scam they're trying to do where you click a link and you're taken to the West Kent Police Page or Europol page where they display your IP address and say you've been caught looking at things you shouldn't have (kiddie porn, animal porn, plasticine porn etc) and you should click a link to pay a fine.
"Vimeo and others want no part of this kind of traffic" implies they should be doing something about it before it escalates to a blackmail scenario. Put some effort into vetting accounts and the content that is uploaded and the problem vanished.
But that costs money. Better to fall back on the tried and tested view that nothing needs to be done until someone complains...
Yes. My reaction when I read that was "Holy shit, how? This is 2016 and supposed to be a reputable site competing with Google!"
I can't pay my broadband bill without a bunch of security questions and a recaptcha that checks if I am able to distinguish all the pictures that contain donkey balls for however long it decides to show me such things.
I suspect that Vimeo have forgone security in order to make it easier to get more signups. More accounts = more ad revenue after all.
Re: I suspect that Vimeo have forgone security in order to make it easier to get more signups. More accounts = more ad revenue after all.
Try:
More signups == more users == more VC money. Ad revenue and other "traditional" revenue streams tend not to feature in these plans...
Reference: just about any public Internet service
"I can't pay my broadband bill without a bunch of security questions and a recaptcha that checks if I am able to distinguish all the pictures that contain donkey balls for however long it decides to show me such things."
It would be interesting to have a CAPTCHA where you check all of the pictures showing child-pornography images. If you succeed, a warrant is issued for your arrest.
I suspect in this instance, it's more a matter of hindsight. It's not like this kind of thing is new, any more than the idea that reality television exploits hopeful talent in really depressing and disgusting ways.
The pig thing, though, that was a fluke. Even he said he didn't mean to make a documentary.
...is your friend.
{NO, not for doing anything like that! - you have a filthy mind! - I mean a small piece across the webcam works wonders at blocking unauthorised filming of you lying in bed pleasuring youself with a cup of hot chocolate and an old episode of 'The Good Life' on DVD)
This post has been deleted by its author
"Oh look! Some of Felicity Kendall's underwear, and it's really dirty!"
There's one episode where she bent over while wearing a nightdress with a fairly loose top - for a brief moment there's a lot more than her underwear to see (she wasn't wearing a bra for that shot).
"Felicity Kendall is sweetly pretty, and just what a real girlie should be. Why, speaking as a feminist myself, I can safely say this: that Felicity Kendall is a wonderful woman, and I want to protect her."
How that sugar-flavoured snob Briers pulled her, I shall never know.
"Hmmmm... Penny Keith / Margot was hot!"
Felicity Kendal would be my preferred lady on that show, my God she did terrible things to my teenage febrile mind.
Oooohhhhh, the mere thought is enough to solicit a furtive glance over the should as in days of yore to make sure nobody in the family can see the rapt attention I pay to her nether regions.
"lying in bed pleasuring youself with a cup of hot chocolate and an old episode of 'The Good Life' on DVD"
That sounds like it might be painful. And somewhat messy. Still, takes all kinds...
(Oh, you mean like *that*. My apologies. Still, you shouldn't have said it that way, you might confuse a stupid person...)
Talking about not confirming email addresses to open an account: Someone managed to open up an Amazon merchant account using my Amazon "consumer" login - I did receive a "congratulations" email from Amazon, but no necessity to confirm. Looking back through my email history at the time the hack occurred I found this and a few others that I thought were spam with a spoofed address, but in fact they were legitimate Amazon emails.
The only way I realised this had happened was when I tried to login to my account and found it blocked. Amazon told me it was because I had a "poor seller reputation." I did regain control of my account, but here's the thing, they have never acknowledged the fact my account had been hacked and that it was not me that had opened that sub-account - so I've closed my "consumer" account.
They seem oblivious to the consequences that this flags up.
Anyone else had this?
> They seem oblivious to the consequences that this flags up.
Quite the reverse.
There's no consequences for them for situations like this - they just get to shift more tat in their war with eBay.
The consequences of admitting to a problem are more of a concern - hence why they'll not admit to the possibility of one.
Ahh, now that might have been what happened with me.
The thing I couldn't get my head round was if they'd hacked my account, why did they not do anything with, say, my delivery addresses, adding in one they had access to, for example, or having access to my credit card details?
Your post totally explains why they didn't, but I would have thought email address should be a unique key on their database. (Sorry, you can't open an account, you already have one). That is a worry that it isn't a unique key. Smacks to me of a replication issue on a distributed database. Something that could happen in a Cloud topology perhaps?
Seems like this is something known about for a long time:-
https://www.amazon.com/forum/amazon?_encoding=UTF8&cdForum=Fx1UE1R6VSVMXK7&cdThread=Tx43HXCA2S5IBQ
A lot of concern in the thread about merging accounts. I'm more concerned about the security aspects!
> Bruce Schneier gave some excellent advice in the first interview I had with him: never write or post anything online that you couldn’t justify publishing in your local paper.
Bruce obviously hasn't seen my local newspaper. This would be quite tame by their standards. :-(
"However, as a tech journalist I know people at Vimeo, and so I went to the company to find out what was going on"
Why not have a go at your mates to sort it out rather than pander to their failure to do things properly.
The most disgusting sort of journalism, and I don't want to read it.
Go away Mr Thomson.
"Why not have a go at your mates to sort it out rather than pander to their failure to do things properly."
I was wondering the same, but with a bit less veracity. I was expecting to eventually reach a paragraph telling us that Vimeo have now fixed this "hole" which allows the blackmailers easy access.
How about you start ringing up all of your mates, demanding that they demand their boss immediately changes every aspect of their business model they don't like, and wait to see how long it takes before one of the bosses tells your mate to pass on a "Fuck off" to you?
This has always been true. Yet people still get caught by it.
Before that, when analogue mobile phones were just begining to become common among the few who could afford them, there were scandals over what was sometimes said. this was because anyone with a radio scanner could hear them. A friend commented to me, "Don't they get it? Never say anything on a mobile that you wouldn't want across the front page of the <major city broadsheet newspaper>."
Don't have sex with someone you don't know?
That's at least as bad as telling someone you don't know about your sex life.
You could take the common-sense a bit further... don't commit yourself physically and emotionally to someone who is holding out for someone better than you. If they aren't holding out, get them to say so, publicly and legally.
(no not in THAT way)
I must have got this wrong. Potentially, you can get anyone's email address, use that to sign up to Vimeo and then without activation/authorisation upload video content to the site which is then published? Attached to their eamil address? Surely not?
If so I may visit the Conservative Home website and get cracking.
(only joking; they will have all registered themselves long ago and have been sending grumbly pics to young Tory interns ever since). Good old Baxter Basics.
"typically, a victim is tricked into performing sex acts on webcam by someone pretending to be a potential paramour."
And this is how people are 'introduced' to each other these days is it? I still prefer meeting a young lady under the station clock at 8pm. I'll be wearing a white carnation in my buttonhole and carrying a copy of The Times.
In your quest to post a breaking news article - You appear to have provided a great deal of information that can be used to identify the victim - your doppelganger.
(Name, facial hair, weight, iphone)
This is not good journalism and I suspect any person that fits your identification may have a legal case against your publication for deformation of character etc?
Geoff
"and the police are more clued in than they used to be."
But because their numbers are falling will pretty much do fuck all about it. Considering a friend has reported a known banned driver who passes their house daily, yet he's still driving over a month after reporting. And yes, 100% known to be banned.
Unfortunately, due to the rapid development of the Internet and the amount of personal data of people in it, it has become an excellent platform for many scammers who want to make money on you. I myself have experienced this, scammers sent me an email in which they demanded money from me and if I refuse to pay, they would send all my friends and colleagues fake information that I am a pedophile. I refused to pay and so they did and it just created a bunch of problems for me. But I'm lucky the guys are out of here minclaw.com helped me clean up my reputation and this story ended quickly.