Vodafone fail

Vodafone need to disable logging to the page. They're leaking information (hostname, port, that they're using weblogic). I don't know if that's exploitable... but even if it isn't yet, it might be sometime.

I was going to add credit so my BestMates rate wouldn't expire. Maybe I'll just let it expire if they won't let me pay for it. This has happened before. I also pay for Sol's and her sister's prepay accounts and I had a similar problem with trying to pay once before.

Huh, I gave up on posting to their forums since it requires logging in. And when I tried to "contact by email", after I typed in the message (just a link to her and some short text suggesting they turn off logging to the page) and gave them my email address, the next page was a registration page. I'm already registered. I don't want to register again. I don't want to login. Damn. I think it might be time to switch to 2-degrees. And if I do, we'll switch as a family.

The other time this happened (weblogic errors on the top-up page) I called the 777 support number and was confronted with a call tree. I don't like call trees. When I pressed zero though, I was informed that talking to an operator would be pay-per-minute. I'm even more averse to paying for support. So I cancelled the call immediately.

Aha, I could probably click on the "Top-up online now" link and prepay with no problems. But that requires registering the credit card with them. I don't want to do that either. I'm a Luddite in many ways. I want to type in the card info everytime. It probably doesn't help security any, but I feel better about Vodafone (or any other company that uses my credit card) having one less place it stores my credit card info. It's bad enough that they actually take the credit card information instead of having the credit card company and not storing the credit card information locally.

top-up does finally succeed a few hours later. But this isn't about eventually topping-up (if I forget to try on the same day, BestMates *will* expire and then I might cancel it because I don't really need it anymore), it's about that logging error. Don't log to the browser in production pages.