A Revolution is the Solution
That whole exchange reminds me of the Abbott and Costello routine, 'Who's on first...?'
Good thing you know enough people to get things fixed
Haha, you're right!
Not sure why, but this blog entry was showing as having been published yesterday, even though I wrote it from scratch earlier :S
Seems like my publishing mechanism is as broken as their Live Support..
Ebay support is horrible at best. I commend your patience. When you think about it, Ebay does not care about these compromised accounts since they are not really 'losing' anything . What are they really losing if someone is using one of these stolen accounts to post an auction and collects payment, but never sends the item.
I think this shows why the people would rather look away from an incident like this rather than do something about it. Look at the grief you had to put up with to even get to someone who had no clue what they were doing.
Love the site, keep up the good work.
lolz @ that.
I'm still in awe that no one has released an XSS worm on that site yet. The auction listing pages make MySpace profile pages look as secure as Fort Knox. Gaming of the search results with hidden text via elementary CSS is fairly common but I've yet to see anything really malicious or OMGWTF worthy.
How is your head? No large lumps I hope or bandages after banging it against the brick wall that is Ebay lol
Not worth THAT much, because I'm just one guy, but if I'd come across that kind of info, I'd know just what to do.
Pass it to you.
You know, looking at how A wrote there, it reminds me of an automated response system looking for keywords...You sure it was a real person?
The responses did seem a little automatic I suspect a script was being used and he was busy looking at all the possible responses before answering that's why the repeats.
Ebay has never been the most helpful site on the net and given how many members it has I really cant see it getting much better in the future
Oh yeah, I've had the same problems. PayPal itself is a nightmare.
Here's the scenario - we discover that some third party is posting around the web pretending to be from our company and is offering high-value consumer goods for silly prices. One potential "victim" did the due diligence and contacted us about the fraud, giving us the full details of the transaction including the fraudster's PayPal account details. So far, so good.
So.. I thought I would report the problem to PayPal so they could monitor it. But you can't report it without logging into a PayPal account.. and remember, it isn't ME who is the victim.. getting a silly number and then ringing up someone useless who can't help. No amount of coaxing could get a telephone number or email address for a person who could actually help, so the problem went unreported.. even through PayPal would probably end up out of pocket in the end.
Oh well.
Seemed natural enough to me, if pretty stilted, the way most outsourced webchats go. I just realised I left out one or two lines from myself at the end which makes his / her closing passage seem very automated so I'll add that back in.
They also seem to make a lot of typos for bots, but who knows - maybe they're programed that way 
I will say though, that before I talked to the guy above, the two people before that operated in an entirely natural fashion with regards how they
1) realised they couldn't help me any further, and then
2) initiated the process of handing me over to someone else.
Strikes me as odd that the bots would handle what should be rather strange procedures for them to execute in a natural fashion realistically, but continually goof up the more basic stuff.
To be honest the live chat text flows the same way the outsourced paypal phone people talk - my suspicion is call centre with a livechat team stuffed in the corner ftw.
Or should that be ftl...
"Customer support" these days is just about making sure you can't contact anyone who can do anything more complicated than a password reset, since those people have Very Important things to do and it wouldn't do for someone to be able to distract them from their Very Important Tasks, would it?
It's a mad, mad world.
Indeed it is 
And of course if these chat people ARE bots, that just makes the whole situation with regards reporting stolen data even more broken because nobody is likely going to do anything with something reported, ever.
/ edit - apologies Steve, I deleted your post while trying to hose spam from another blog entry in Haloscan. Doh...
Had the same problem on MySpace when I tracked a phish link back and found a full net. Sorted the emails, deleted the duplicates and passwords, and tried to find an Admin there who would care.
Failed.
Repeatedly.
I finally just posted the list across their forums and as a "Please Repost" bulletin, notifying everyone that if their username was in that list, they needed to change their pwd asap.
This is the biggest problem of Web 2-Doh. You can run a website with a huge userbase with a couple of decent servers on a dedicated OC and a handful of admins. However, you cannot SERVICE those users without a support infrastructure similar to IRL companies (brick and mortar). As companies like eBay grew to gargantuan size, they tried to use technology, in the form of auto-responding emails and live-chats with bot assisted response mechanisms, and overall, those methods have completely failed.
That's exactly why these sites are playgrounds for script kiddies. How many people have gamed MySpace, and of that number, how many have suffered a consequence greater than account banning?
It's too easy to phish, with too low odds of getting caught, and little if any consequences. Combine that with a lack of any effective method of interaction with site Admins, and you've guaranteed a free ride for every /b/tard with a hackpack.
Commenting by HaloScan
