Multiple Hover.com Security Issues

5 minute read Feb 28, 2013 Comments
I’m a customer of Hover for my domain name needs. However, that will be changing because I don’t believe that they take issues seriously. The first security issue I was browsing their site, looking for a new domain, and being the constant tinkerer I am, I entered a single quote into the textfield. I noticed an error, and eventually crafted this url: https://www.hover.com/domains/results?q=%27%3E%3Cscript%3Ealert%28%27xss%27%29%3B%3C%2Fscript%3E There’s nothing magical in that URL, however it demonstrated a real vulnerability in their code:

Sprint iPhone 4S pre-order fiasco

5 minute read Oct 7, 2011 Comments
So like many people, I wanted the new iPhone 4S. Since the wife unit is on Sprint, and I’m on AT&T, we started looking at plans. Sprint offers a nicer family plan and lets her upgrade to a smartphone, while letting me have the iPhone. So we decided to make the switch, and do the pre-order. I called last night to verify the ordering process, and make sure that I could still get the $200 price while not using her upgrade credit.