bet: (Bunny: Ded o.o)
[personal profile] bet
YO LJ. Not happy with you now.

My friend just posted this and since I'm lazy, you just get a copypasta

Yesterday, I logged in over at LJ, and went to edit an entry. Instead of redirecting to an edit entry, it dumped me into the log-in page, logged into an unfamiliar journal. (For logistic purposes, I was on a mac running Snow Leopard, using Firefox 7, and my LJ account type is a permanent account. I was not using LJ-Login at the time, but logging in manually, as I already knew LJ Login was borked.)

I was mostly kind of baffled at first, and clicked on the journal I was logged into, whereupon I saw their journal, including obviously locked entries. This was not a journal I had ever seen before, or should have had any permissions to read f-lock or private entries with, obviously.

I scanned the page enough to see what had happened, and the user was, I believe, Russian, but had entries in English as well. I then rapidly logged out, when I realized, and was unsettled. Not sure what had happened, I made my last entry, and then started reading around.

I logged back onto LJ, changed my password, just in case, and filed a support request. As far as I could tell at the time, that report quest was PUBLIC. As of now, it is listed as PRIVATE, but has not been responded to. I can't see anything in the public support queue about this problem, so I'm guessing that all support requests about it are being set to private by the support team/admins. (This may just be standard procedure with login/security related problems, for all I know, but I find it ANNOYING that they're hiding the problem without offering any kind of official response yet.) [E.T.A. - in comments, [personal profile] azurelunatic pointed out that as far as they knew, it IS standard to private anything security related, or requiring higher-ups to address.]


here's her entry with lots of links that tell us she's not the only one!! u.u
Anonymous( )Anonymous This account has disabled anonymous posting.
OpenID( )OpenID You can comment on this post while signed in with an account from many other sites, once you have confirmed your email address. Sign in using OpenID.
Account name:
If you don't have an account you can create one now.
HTML doesn't work in the subject.


Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.


bet: (Default)

February 2012

567 891011

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags