Low End Mac Reader Specials
TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
Don't install Parallels to play poker online! Poker Mac will show you how
to download and install a native Mac poker application such as Full
Tilt Poker Mac.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Compare products like desktop computers, apple laptops, apple macs, and LCD Monitors side by side! All the information and reviews to make the best purchasing decision for new mobile phones, sat nav systems, or MP3 players. The Ciao online shopping community makes searching products easy for you.
Mac Musings
PayPal Insecurity
Dan Knight - 2002.08.08 - Tip Jar
They also need to beef up security.
As I discovered on Tuesday, someone using the email address lilbb@spils.com (a free email service) managed to hack my password and add his/her email address at about 3:40 p.m. Central Time on Sunday. This individual then removed my email addresses, blocking me from access to my business account.
Fortunately, I usually have less than $100 in my PayPal account. I try to keep enough there to cover some hosting and access fees that I pay with my PayPal debit card.
Unfortunately, that PayPal account is also linked to my business checking account. On the up side, this means I can send funds via PayPal even if I don't have enough in my PayPal account. PayPal will simply do an electronic funds transfer from my Fifth Third bank account, and then forward the funds to the recipient.
So all it takes for someone to clear out my business account is guessing my password, adding their email address, and then removing my access to the account before I have a chance to respond. And that's exactly what happened.
lilbb then proceeded to clean me out with a $418 and a $1,026 transaction. Another $1,844.70 was attempted, but those funds didn't clear due to insufficient funds.
We've sent out a warning to others, suggesting anyone who uses PayPal reconsider their current password. We thought ours was good, since it wasn't a dictionary word, but that wasn't enough. We recommend using upper case and lower case letters along with numbers and punctuation - all allowed by PayPal - to create a more secure password.
We've also sent email to spils.com about the hack, but we have no idea how helpful they may be. We're also enlisting the assistance of Web savvy users, asking them to check their site logs - if their logs track user IDs, they may be able to help us track down lilbb.
We sure hope so, and also that the money can be recovered. We've just lost the funds needed to pay our bills.
Where Next?
We're going to think long and hard about using PayPal in the future. The system simply isn't secure enough if all it takes is hacking a password to rob someone blind.
If we do decide to continue using PayPal, we will be smart about it and set up a completely separate checking account linked to our PayPal account. That way if someone should hack our account again, our potential loss could be greatly reduced by keeping that account balance very, very low.
We strongly urge the folks at PayPal to beef up security. It's very convenient to be able to add more email addresses to an account with a single password, but it also creates the potential for situations like this.
PayPal needs to provide more security, such as requiring use of a code emailed to an address already on the account before allowing use of any new email address. That simple step would have eliminated our problem.
PayPal should also flag suspicious behavior, such as a lightly used account suddenly being used for several transactions totaling over $3,300. Credit card companies do that kind of thing; PayPal should also.
That said, PayPal has been very helpful in locking the account. I've already filed affidavits electronically about this mess. The only disappointment is that PayPal's investigators have yet to call me back. It's been two days, I'm out $1,500 or so, and they need to do better on callbacks.
Do I recommend against using PayPal? No, or at least not yet. The service is very convenient. Users need to be much more aware of the pitfalls. Make sure your password is obscure, and don't keep much money in the bank account linked to your PayPal account.
Dan Knight has been using Macs since 1986, sold Macs for several years, supported them for many more years, and has been publishing Low End Mac since April 1997. If you find Dan's articles helpful, please consider making a donation to his tip jar.
Recent Mac Musings
- Why Is Apple Ditching Netbook Support Now?, 11.16. Mac OS X 10.6.2 deliberately removes Atom support. What does Apple have to gain by doing so?
- IDE Is Dead; Long Live SATA!, 11.04. SATA has displaced parallel ATA. While IDE hard drives haven't disappeared, the best deals are in SATA hard drives.
- The Future of Personal Computing: Personal Servers and Low Cost Portables, 11.02. With WiFi everywhere, virtual network computing, and remote access, your iPhone, iTouch, iTablet, or MacBook Air becomes a gateway to your home or office computer.
- The Late 2009 Mac mini Value Equation, 10.21. We called the Mac mini 'the best value in desktop Macs' two months ago, and the refreshed Mac mini only improves that value.
- More in the Mac Musings index.
Links for the Day
- Mac of the Day: 17" MacBook Pro Core Duo, Apr. 2006 - The top-end MacBook Pro includes a 1680 x 1050, 2.16 GHz Core Duo CPU, and supports Apple 30" Cinema Display.
- Group of the Day: G4 List is for those using Power Mac G4s or G4 upgrades.
- Support Low End Mac
Recent Content on Low End Mac
- Pismo WiFi Networking Issue Finally Solved?, Charles W. Moore, Miscellaneous Ramblings, 11.24. It turns out the problems wasn't the Pismo, the Buffalo WiFi card, or Mac OS X 10.4. It was the Wireless G router - Linksys to the rescue!
- Mini VGA to S-video Adapter a No Go for eMacs, Dan Bashur, Apple, Tech, and Gaming, 11.24. You might think that Apple's Mini VGA S-video adapter is a cheap way to connect your eMac or G4 iMac to your TV. You would be wrong.
- Google Calendar with iPhone or iTouch Is Great for Scheduling, John Hatchett, Recycled Computing, 11.24. Web-based Google Calendar allows access and updates from any computing platform, including Mac, Windows, Linux, and iPhone OS.
- Why Spaces is My Favorite Leopard (and Snow Leopard) Feature, Charles W. Moore, Miscellaneous Ramblings, 11.23. Spaces, a feature introduced with OS X 10.5, is like having several monitors on your Mac without the cost and space of using multiple displays.
- i5 iMac Benchmarked, Mac mini 'Shouldn't Be Overlooked', Twitter Client for Classic Mac OS, and More, Mac News Review, 11.20. Also why Apple leaves the low end to others, 10.6.2 fixes video playback problem in 27" iMac, 3D Leopard and Snow Leopard performance, and more.
- Apple's Tablet an End Run Beyond Netbooks, Frank Fox, Stop the Noiz, 11.20. Whatever Apple has planned will leverage existing technologies while going beyond what its competitors can offer.
- Apple #4 in Reliability, Apple Tablet a Gadget for All?, HP's i7 Notebook Outdoes Mac Rivals, and More, The 'Book Review, 11.20. Also Flash 10.1 improves video on Hackintosh netbooks, thin-and-light notebooks impress, Windows XP finally on the way out, and more.
- NASA Chemical Sensor for iPhone, Smartphone Death Match, iPhone Earrings, and More, Ian R Campbell, 11.20. Also mobile phone dangers, new apps, GPS solution for iPod touch, new iPod and iPhone cases, and more.
- More links in our archive.
Recent Deals
- Best iPod nano Deals, 11.25. Refurb 8 GB 4G nano, $99; new, $126; refurb 16 GB, $129; new, $150; new 5G/8 GB, $134.60; 16 GB, $161.12. Shipping included.
- Best Classic Mac OS Deals, 11.25. System 6.0.8 floppies, $10; 7.1, $12; 7.5, $20; 7.6 $13; 8.1, $11; 8.5, $20; 8.6, $90; 9.0, $20; 9.2.2, $30.
- Best 15" PowerBook G4 Deals, 11.25. Used 1 GHz Combo, $400; 1.5 GHz SuperDrive, $449; 1.67 GHz hi-res, $600.
- Best G4 iMac Deals, 11.24. Used 15" 700 MHz CD-RW, $150; 800 MHz Combo, $229; 1 GHz, $289; 17" 1.25 GHz, $200; 20" 1.25 GHz, $509.
- Best MacBook Air Deals, 11.24. Used from $899; refurb from $1,099; new 1.6 GHz/120 HD, $1,150 after rebate; 1.8/64 SSD, $1,150 a/r; 1.86/128 SSD, $1,350 a/r; 2.13/128 SSD, $1,694 a/r.
- Best PowerBook G3 Deals, 11.24. Used 233 MHz WallStreet, $75; 266 MHz, $160; 400 MHz Lombard, $199; 400 MHz Pismo, $289; 500 MHz, $350.
- Best 12" PowerBook G4 Deals, 11.23. Used 867 MHz SuperDrive, $348; 1 GHz Combo, $379; SD, $519; 1.33 GHz, $529; 1.5 GHz Combo, $549; SuperDrive, $609.
- Best Mac Pro Deals, 11.23. Used 2.66 GHz 4-core, $1,300; 3.0 4-core. $1,919; refurb 2.66 4-core Nehalem, $2,149; 2.93, $2,549; 2.93 8-core, $4,999; new 2.26 8-core, $2,290.
- Best Time Capsule and AirPort Deals, 11.23. Used 802.11g AirPort Extreme, $49; 500 GB Time Capsule, $150; new, $190; 1 TB dual-band, $280; 2 TB, $469; 802.11n AirPort Extreme, $170.
- More deals in our archive.
About LEM | Support | Usage | Privacy | Contacts
Navigation
Used Mac Dealers
Apple History
Video Cards
Email Lists
Favorite Sites
MacSurfer
MacMinute
MacInTouch
MyAppleMenu
InfoMac
Macs Only!
The Mac Observer
Accelerate Your Mac
RetroMacCast
PB Central
MacWindows
The Vintage Mac
Museum
DealMac
DealsOnTheWeb
Mac2Sell
ramseeker
Mac Driver Museum
JAG's House
System
6 Heaven
System 7 Today
the pickle's Low-End
Mac FAQ
Abandonware
Petition
Mac vs. PC Info
Affiliates
The Apple
Store
Mac
Connection
B&H
MacMall
TechRestore
ExperCom
Crucial
Memory
batteries.com
Advertise
MacMinute
MacInTouch
MyAppleMenu
InfoMac
Macs Only!
The Mac Observer
Accelerate Your Mac
RetroMacCast
PB Central
MacWindows
The Vintage Mac
Museum
DealMac
DealsOnTheWeb
Mac2Sell
ramseeker
Mac Driver Museum
JAG's House
System 6 Heaven
System 7 Today
the pickle's Low-End
Mac FAQ
Abandonware
Petition
Mac vs. PC Info
Mac Connection
B&H
MacMall
TechRestore
ExperCom
Crucial Memory
batteries.com
