Hawaiian has ( maybe not anymore after the email) some junior Fo s doing the exact same. Pick up a trip instantaneously and post it on the trade board a minute later

 

Blue shirt passing through, we have a lot of these same flica bot issues but the punishment has usually been 6mo loss of Flica access. Which is worth the risk for these guys running bots. Where many of them ultimately get in trouble is when the bot picks up a trip while the pilot is already in the air.

Hope they fry these guys that get caught red handed.

 

Alaska will revoke their access permanently... by firing them.

Definitely if they get caught, warned and do it again.

 

I think they’ve already been caught and warned. Hence the email.

Now they are in FAFO territory…

 

We have a major issue with people at frontier, and the company isn't doing anything about it. Extremely frustrating.

 

The curious thing is that people know what they are doing is wrong, they conceal and lie about it. If caught and brought to light there is no defense. Whatever lawyer defense playbook they’ve schemed, they know it was wrong and act fecklessly. The punishment has to be something. Regardless, I just want it to stop.

 

while I am not a computer scientist, there is a difference between what these Bots do and what a password manager and browser do. Password managers only store the password, but 2 factor authentication helps maintain security. Browsers only see and record (sometimes) when you are logged on.

These Bots are always logged on. Leaving a door open constantly.

 

The problem with ANY third party app is that you (or the company) don't know for sure what the underlying code is doing. Whether or not you're logged on has nothing to do with it, most such apps run in the background at all times anyway. To a software engineer, there's no inherent difference between a bot, password manager, or any other app... they all have a bunch of code which does stuff. Unless it's open source, the users have no insight whatsoever into the code details.

A perfectly legit app could have a code error which creates an exploit, that neither you nor the app vendor know about until it's too late. That includes password managers...

https://www.cloaked.com/post/the-top...issues-to-date



Some apparently "legit" apps have been known to have deliberate, covert functionality for various non-benign, obscure purposes.

https://www.theverge.com/24343913/pa...affiliate-fees


If your credentials got used to hack company systems, that would not reflect well on you. I suspect they'd let it slide if you were using a password manager, since those are actually intended to increase your security by allowing strong passwords that you wouldn't otherwise remember. Especially the password managers built into browsers. But technically, they could throw the book at you, per company policy.

 

that’s what 2 factor authentication is for. To prevent using your credentials to login. A bot stays logged in.

 

MFA can be circumvented, it's done about every 30 seconds, somewhere.

Previously, social engineering was the go-to work-around (ie convincing the victim to give you the code from the text) but there are now other technical means around MFA which are becoming more common, which don't require active engagement with the victim.