Feeds

'I don't understand why they feel like they own the word CANDY'

Plus: 'There was my user ID and password, in plain text, along with everyone else's'

Top 5 reasons to deploy VMware with Tegile

Quotw This was the week when remote access app LogMeIn pulled its free version, uniting freeboards in a resounding cry of "Hell no! We don't pay for stuff on the internet!"

The app may not have had quite the poor reception to its announcement of going from free to not-free if it hadn't a) been providing its service gratis for TEN YEARS and b) hadn't given folks almost no notice about the change. One Reg reader moaned:

Okay, so it's generous of them to offer 50 percent off a subscription for controlling two of the eight or so PCs I have previously shepherded, and the tools are great, but I really don't appreciate being given less than 24 hours notice. The only real choice I have is to hear the click of the loaded revolver being held to my cranium and pony up for a year's subscription for the two that really matter, in order to have time to come up with another approach that I can afford.

Now I know this could come across as 'freetard whinges as profit-making entity takes away his free toys' - I prefer to think of it as 'hopelessly addicted cracktard's free supply dries up as dealer hits him for national debt of a small Eastern European republic to pay for next fix'. Nice one, LogMeIn. You could have just asked nicely for a reasonable amount of money for a domestic user.

While on Twitter, folks were equally annoyed about the short notice. One said:

So logmein free is no more! Got an email today saying I need to pay from today! As in no days notice!

And another told the firm:

@LogMeIn because of the way you have handled the termination of your 'free' product, you will *never* get my custom.

This was also the week when telcos KC and Plusnet were outed as less-than-secure for customers' personal data. First, a customer of Hull-based firm KC let The Reg know that when one of its engineers popped round to plug him in, he inadvertently showed the customer a spreadsheet with telephone numbers, user IDs and unencrypted passwords for all subscribers.

Chris Hill explained:

He used a laptop to connect to the router and as he came to the user ID and password for my connection he opened a spreadsheet and looked my phone number up in it. There was my user ID and password, in plain text, along with everyone else's. He tried to shield it from me when he realised I was looking at the list.

I asked him if he had my password with him, he said 'yes - it makes our job much easier', then changed the subject. I said that I wasn't happy that our passwords are not encrypted and that I realised it wasn't his fault.

He didn't reply.

Hill said the same username and password combos were used to access the Karoo email service and there was no advice to change the password handed out by KC. The company told The Reg:

The security of our customers’ information is of primary importance to us and we are aware of and take very seriously our obligations under the Data Protection Act. We investigate any alleged data security incidents promptly and thoroughly, and we act quickly to make any improvements such investigations identify.

I can assure you that all of our laptops are encrypted, password-protected and fitted with tracking technology and the facility to remotely wipe data.

Yorkshire's Plusnet, owned by BT, was in a similar situation when an anonymous tipster told The Reg that the company was transmitting personal details over an unencrypted web page. The company was asking potential subscribers to fill in a form online that could be seen by other people while in transit once submitted. The source, who reported the problem to Plusnet, said:

I was just shocked by the way the sales rep brushed off my reporting of this during the contract setup (after discovering the vulnerability I used the phone instead).

She assured me that the security team would deal with it right away. In my opinion, over two weeks is more than enough time to sort this out.

Also, factor in the point that (as many new customers ordering an initial broadband setup are likely to do) I was using an open Wi-Fi hotspot to visit their site!

Another source said:

Plusnet ... store user passwords in unencrypted form, as I learnt when considering opening an account with them last summer [yes, six months ago]. When I told the 'tech' person I was talking to that many of the credentials could be used to access users' accounts with third party services, he replied that that was impossible. Though he didn't say why. I got broadband from someone else in the end.

The company said:

All Plusnet customer passwords are stored with full encryption. Our customer sign up page is currently unencrypted, and we are in the process of fixing this urgently.

In more tales of the mad, mad world of intellectual property, it appears that King, makers of insanely popular game Candy Crush Saga have trademarked the word CANDY in Europe and are on 30-day approval to do the same in the US. The company said:

We have trademarked the word 'CANDY' in the EU, as our IP is constantly being infringed and we have to enforce our rights and to protect our players from confusion.

We don't enforce against all uses of CANDY - some are legitimate and of course, we would not ask App developers who use the term legitimately to stop doing so.

But it turned out that the company had already found some use that it considered illegitimate, by a game whose full title was All Candy Casino Slots – Jewels Craze Connect: Big Blast Mania Land, but which appeared on the App store as Candy Slots. King said:

Its icon in the App store just says 'Candy Slots', focussing heavily on our trademark. We believe this App name was a calculated attempt to use other companies’ IP to enhance its own games through means such as search rankings.

But Candy Slots developer Benny Hsu insisted that he never intended to infringe on anyone's IP and said King had gone "too far" with its trademark by enforcing on an app that had only been out for a week. He told The Reg:

Candy is something we have all loved since we were children. I just wanted to create a game with a fun theme.

If anyone saw my icon or played my game, they would know that there was nothing in it that tried to copy Candy Crush. Also there are so many games in the App Store that have a candy theme. Candy Crush was not the first candy-themed game to be created and it won't be the last. So I don't understand why they feel like they own the word CANDY.

Despite the fact that Hsu thinks he could have fought off a takedown notice from the App Store, he's decided to change the name of the app to All Sweet Casino Slots and avoid the lawyer's fees. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Win a year’s supply of chocolate (no tech knowledge required)
Over £200 worth of the good stuff up for grabs
Facebook's Zuckerberg in EBOLA VIRUS FIGHT: Billionaire battles bug
US Centers for Disease Control and Prevention contacted as site supremo coughs up
Space exploration is just so lame. NEW APPS are mankind's future
We feel obliged to point out the headline statement is total, utter cobblers
Red Bull does NOT give you wings, $13.5m lawsuit says so
Website letting consumers claim $10 cash back crashes after stampede
Down-under record: Australian gets $140k for pussy
'Tiffany' closes deal - 'it's more common to offer your wife', says agent
Internet finally ready to replace answering machine cassette tape
It's a simple message and I'm leaving out the whistles and bells
Swiss wildlife park serves up furry residents to visitors
'It's ecological' says spokesman, now how would you like your Bambi done?
The iPAD launch BEFORE it happened: SPECULATIVE GUFF ahead of actual event
Nerve-shattering run-up to the pre-planned known event
STONER SHEEP get the MUNCHIES after feasting on £4k worth of cannabis plants
Baaaaaa! Fanny's Farm's woolly flock is high, maaaaaan
FedEx helps deliver THOUSANDS of spam messages DIRECT to its Blighty customers
Don't worry Wilson, I'll do all the paddling. You just hang on
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.