10 Jun
2010
10 Jun
'10
10:56 p.m.
I'm ok with whatever system they provide if the functionality stays the same. I don't understand what they gain by making a human login and download the file.
Accountability. If versions X and Y of database got abused (breach of ToS), and only user U has downloaded such versions, gotcha. Using honeytokens on the downloaded file can be interesting to quickly connect the dots: if one of the handles on the list is comeonspammer32767@wannahaveapieceofme.com, dynamically generated to match a download session, and suddenly this account starts to get spam... Rubens