Low End Mac Reader Specials
TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
OWC: We Make DIY Upgrading Easy! Maximize your Apple MacBook / MacBook Pro. Up to 8.0GB Memory, up to 1.0TB HD & More. Easy Guide + Free, Detailed Installation Videos. Click here
Don't install Parallels to play poker online! Poker Mac will show you how
to download and install a native Mac poker application such as Full
Tilt Poker Mac.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Compare products like desktop computers, apple laptops, apple macs, and LCD Monitors side by side! All the information and reviews to make the best purchasing decision for new mobile phones, sat nav systems, or MP3 players. The Ciao online shopping community makes searching products easy for you.
Mac Musings
PayPal Insecurity
Dan Knight - 2002.08.08 - Tip Jar
They also need to beef up security.
As I discovered on Tuesday, someone using the email address lilbb@spils.com (a free email service) managed to hack my password and add his/her email address at about 3:40 p.m. Central Time on Sunday. This individual then removed my email addresses, blocking me from access to my business account.
Fortunately, I usually have less than $100 in my PayPal account. I try to keep enough there to cover some hosting and access fees that I pay with my PayPal debit card.
Unfortunately, that PayPal account is also linked to my business checking account. On the up side, this means I can send funds via PayPal even if I don't have enough in my PayPal account. PayPal will simply do an electronic funds transfer from my Fifth Third bank account, and then forward the funds to the recipient.
So all it takes for someone to clear out my business account is guessing my password, adding their email address, and then removing my access to the account before I have a chance to respond. And that's exactly what happened.
lilbb then proceeded to clean me out with a $418 and a $1,026 transaction. Another $1,844.70 was attempted, but those funds didn't clear due to insufficient funds.
We've sent out a warning to others, suggesting anyone who uses PayPal reconsider their current password. We thought ours was good, since it wasn't a dictionary word, but that wasn't enough. We recommend using upper case and lower case letters along with numbers and punctuation - all allowed by PayPal - to create a more secure password.
We've also sent email to spils.com about the hack, but we have no idea how helpful they may be. We're also enlisting the assistance of Web savvy users, asking them to check their site logs - if their logs track user IDs, they may be able to help us track down lilbb.
We sure hope so, and also that the money can be recovered. We've just lost the funds needed to pay our bills.
Where Next?
We're going to think long and hard about using PayPal in the future. The system simply isn't secure enough if all it takes is hacking a password to rob someone blind.
If we do decide to continue using PayPal, we will be smart about it and set up a completely separate checking account linked to our PayPal account. That way if someone should hack our account again, our potential loss could be greatly reduced by keeping that account balance very, very low.
We strongly urge the folks at PayPal to beef up security. It's very convenient to be able to add more email addresses to an account with a single password, but it also creates the potential for situations like this.
PayPal needs to provide more security, such as requiring use of a code emailed to an address already on the account before allowing use of any new email address. That simple step would have eliminated our problem.
PayPal should also flag suspicious behavior, such as a lightly used account suddenly being used for several transactions totaling over $3,300. Credit card companies do that kind of thing; PayPal should also.
That said, PayPal has been very helpful in locking the account. I've already filed affidavits electronically about this mess. The only disappointment is that PayPal's investigators have yet to call me back. It's been two days, I'm out $1,500 or so, and they need to do better on callbacks.
Do I recommend against using PayPal? No, or at least not yet. The service is very convenient. Users need to be much more aware of the pitfalls. Make sure your password is obscure, and don't keep much money in the bank account linked to your PayPal account.
Dan Knight has been using Macs since 1986, sold Macs for several years, supported them for many more years, and has been publishing Low End Mac since April 1997. If you find Dan's articles helpful, please consider making a donation to his tip jar.
Recent Mac Musings
- Why Is Apple Ditching Netbook Support Now?, 11.16. Mac OS X 10.6.2 deliberately removes Atom support. What does Apple have to gain by doing so?
- IDE Is Dead; Long Live SATA!, 11.04. SATA has displaced parallel ATA. While IDE hard drives haven't disappeared, the best deals are in SATA hard drives.
- The Future of Personal Computing: Personal Servers and Low Cost Portables, 11.02. With WiFi everywhere, virtual network computing, and remote access, your iPhone, iTouch, iTablet, or MacBook Air becomes a gateway to your home or office computer.
- The Late 2009 Mac mini Value Equation, 10.21. We called the Mac mini 'the best value in desktop Macs' two months ago, and the refreshed Mac mini only improves that value.
- More in the Mac Musings index.
Links for the Day
- Mac of the Day: 15" MacBook Pro Core Duo, Jan. 2006 - The first Intel-based MacBook launched at 1.83-2.0 GHz, had several teething problems.
- Group of the Day: System 6 is the email list for those who choose System 6.
- November 22 in LEM history: 99: Gradebooks - 00: Leveraging Apple design - Quadra 630 to Power Mac 5200 - 02: Laptop or desktop? - 04: SuperDuper: Quick, easy, efficient backup - Cross-platform programming for the rest of us - 05: Mac video surveillance on the cheap - Which OS is best for my vintage Mac? - No 'best browser' for the Mac - Sorry state of browsers for classic Macs - 06: Core 2 means cooler running 'Books - 2.0 GHz G4 upgrade
- Support Low End Mac
Recent Content on Low End Mac
- Apple's Tablet an End Run Beyond Netbooks, Frank Fox, Stop the Noiz, 11.20. Whatever Apple has planned will leverage existing technologies while going beyond what its competitors can offer.
- i5 iMac Benchmarked, Mac mini 'Shouldn't Be Overlooked', Twitter Client for Classic Mac OS, and More, Mac News Review, 11.20. Also why Apple leaves the low end to others, 10.6.2 fixes video playback problem in 27" iMac, 3D Leopard and Snow Leopard performance, and more.
- NASA Chemical Sensor for iPhone, Smartphone Death Match, iPhone Earrings, and More, Ian R Campbell, 11.20. Also mobile phone dangers, new apps, GPS solution for iPod touch, new iPod and iPhone cases, and more.
- Apple #4 in Reliability, Apple Tablet a Gadget for All?, HP's i7 Notebook Outdoes Mac Rivals, and More, The 'Book Review, 11.20. Also Flash 10.1 improves video on Hackintosh netbooks, thin-and-light notebooks impress, Windows XP finally on the way out, and more.
- Replacing the Hard Drive in a Clamshell iBook, John Hatchett, Recycled Computing, 11.19. Yes, it is one of the most difficult Apple notebooks to disassemble and reassemble, but a 10 GB hard drive just will not do.
- IBM Model F: A Great Old Keyboard with an Outdated Layout, Tommy Thomas, Welcome to Macintosh, 11.19. Although it used a different technology than the revered IBM Model M keyboard, the Model F was a great keyboard in its own right.
- Soft Touch Keyboards, Wireless Mouse Options, Loving SeaMonkey 2, and More, Charles W. Moore, Miscellaneous Ramblings, 11.18. Also the future of browsing with PowerPC Macs and the multiple mouse input bug introduced with OS X 10.5.8.
- More links in our archive.
Recent Deals
- Best eMac Deals, 11.18. Used 1 GHz Combo, $100; SuperDrive, $269; 1.25 GHz Combo, $119; SD, $319; 1.42 GHz Combo, $289; SD, $498.
- Best Mac OS X 10.6 and Mac Box Set Deals, 11.18. "Snow Leopard", single user, $25; 5 users, $45; Mac Box Set, single user, $139; 5 users, $180; Server, $414. Shipping included.
- Best Xserve Deals, 11.18. Used 1 GHz dual G4, $649; 2.3 dual G5, $795; 3.0 4-core Xeon, $1,899; refurb 2.26 4-core, $2,499; new, $2,888; refurb 8-core, $2,999; new, $3,449; more.
- Best 15" MacBook Pro Deals, 11.17. Used 1.83 GHz, $750; 2.16, $800; 2.33, $900; refurb 2.4, $1,299; 2.53, $1,449; 2.66, $1,699; 2.8, $1,899; new 2.53, $1,579; 2.66, $1,799; more.
- Best Power Mac G4 and AGP Video Card Deals, 11.17. Used 400 MHz, $50; 933 MHz, $80; 500 dual, $60; 867 dual, $90; 1 GHz dual, $150; 1.25 GHz dual, $225; 1.42 GHz, $499.
- Best Mac OS X 10.5 Deals, 11.17. "Leopard" upgrade, $80; single user license, $135; 5 users, $173; Mac Box Set, 5 users, $230; Server, 10 users, $340; unlimited, $850. Shipping included.
- Best Mac mini Deals, 11.16. Used 1.42 GHz G4 mini, $379; 1.66 GHz Core Solo, $419; 2.0 Core 2, $450; new 2.26 GHz nVidia, $580; 2.53 GHz, $769; Server, $990.
- Best iBook G4 Deals, 11.16. Used 12" 1.07 GHz Combo, $210; 1.33 GHz, $298; 14" 1.33 GHz, $398; 1.42 GHz, $479; SuperDrive, $498.
- Best iPod shuffle Deals, 11.16. Used 1 GB, $35; 4 GB, $65; refurb 1 GB, $39; 2 GB, $59; new 2 GB, $55, 4 GB, $75. New and refurb prices include shipping.
- More deals in our archive.
About LEM | Support | Usage | Privacy | Contacts
Navigation
Used Mac Dealers
Apple History
Video Cards
Email Lists
Favorite Sites
MacSurfer
MacMinute
MacInTouch
MyAppleMenu
InfoMac
Macs Only!
The Mac Observer
Accelerate Your Mac
RetroMacCast
PB Central
MacWindows
The Vintage Mac
Museum
DealMac
DealsOnTheWeb
Mac2Sell
ramseeker
Mac Driver Museum
JAG's House
System
6 Heaven
System 7 Today
the pickle's Low-End
Mac FAQ
Abandonware
Petition
Mac vs. PC Info
Affiliates
The Apple
Store
Mac
Connection
B&H
MacMall
TechRestore
ExperCom
Crucial
Memory
batteries.com
Advertise
MacMinute
MacInTouch
MyAppleMenu
InfoMac
Macs Only!
The Mac Observer
Accelerate Your Mac
RetroMacCast
PB Central
MacWindows
The Vintage Mac
Museum
DealMac
DealsOnTheWeb
Mac2Sell
ramseeker
Mac Driver Museum
JAG's House
System 6 Heaven
System 7 Today
the pickle's Low-End
Mac FAQ
Abandonware
Petition
Mac vs. PC Info
Mac Connection
B&H
MacMall
TechRestore
ExperCom
Crucial Memory
batteries.com
