Wednesday, January 16, 2008

Why connections are not needed

Late in the evening, Paul Simon - I mean Robert Scoble - made his official announcement of the fact that he was joining FastCompany. He also listed several reasons why he was doing this, rather than striking out on his own. Here's one of his reasons:

Getting access to things, when running your own business, is tougher. Yeah, I can get access to a lot of things, but did Steve Jobs invite me to attend his keynote at MacWorld? No. If I was part of a bigger team with a more established brand, would it be more likely that I’d get invited? Yes.

I responded in the comments.

One minor correction - you don’t NEED Steve Jobs to invite you to the keynote. If you haven’t heard, it’s possible to hack the MacWorld site to get a VIP pass for free. Not to discount connections, but there are other ways to get things (if you ignore the question of legality). Not sure whether this fits into the category of a stunt Woz would pull… :)

My final comment was related to the WWWD question that was circulating earlier in the week. My comment on hacking the MacWorld site was related to this post. Excerpt:

Last year at this time I disclosed an issue with the IDG/MacWorld Expo registration that allowed people Free Platinum Passes (valued at $1,695). I communicated this issue with IDG the week of MacWorld and they removed all the codes, fixed the site, and said thanks. Questions were asked on how to write better code and I gave them a few tips (don't trust user input, don't give your secret codes to everyone, encryption is not one-way, etc). Did they listen?

Nope.


Because basically the same trick worked in 2008. Kurt Grutzmacher posted the details, which prompted this question from yours truly:

From the text, I'm assuming that you posted this AFTER Jobs' keynote, but I wonder if it would have been better to post it AFTER the entire show had concluded?

Kurt replied:

The timing was after the keynote for a reason. It could have been earlier because the 'free' code had already been removed from the back-end.

In other words, if I understand this correctly, by the time Kurt posted about the exploit, it could no longer be duplicated by nefarious forces.

[mrontemp business] | [mrontemp politics] | [mrontemp technology] | [mrontemp del.icio.us tags]

Sphere: Related Content

0 comments: