Comments on: Announcing Burner Profiles

By: Sheri Davenport

Sheri Davenport — Sun, 10 Feb 2013 16:52:01 +0000

I filled out my profile on Feb 7 to register but never got a confirming email. So last night I filled out another profile and used another email address…I didn’t get a confirmation email for the profile either. Now I’m panicked because I’m afraid I’m not pre-registered at all and won’t be able to buy a ticket on Wednesday. Help!
Sheri

Report this comment

By: Diana

Diana — Thu, 07 Feb 2013 21:35:31 +0000

Hey, just a quick question. I applied for a Low Income Ticket and was flipping crazy happy when I saw that I was accepted. Thank you guys for the opportunity. I just wanted to know if it is required of me to create a Burner Profile. I see that it’s like registering for the next ticket sale, but I’m not going to buy any more tickets! And I don’t want to mess this up either! So, should I? Thanks.

Report this comment

By: Celia

Celia — Sat, 02 Feb 2013 20:58:35 +0000

Trying to register my profile, but received message thru Firefox after trying to log back in from email I received that site not secure.. ?? Okay to continue or not. Don’t want to mess this up.

Report this comment

By: Steven

Steven — Thu, 31 Jan 2013 22:33:47 +0000

Nevermind! I found it. It’s at profiles.burningman.com in case anyone else needs it.

Report this comment

By: Steven

Steven — Thu, 31 Jan 2013 16:07:30 +0000

Soooo, where’s the link to the page that lets me create a profile? I can’t seem to find it in this article, nor is it on tickets.burningman.com (I did a search on that page and the word “profile” appears nowhere.)

Am I going crazy?

Report this comment

By: Ghost

Ghost — Sun, 27 Jan 2013 20:22:07 +0000

Well, I got registered, even got the confirmation letter. HOWEVER, everytime I use Exporer 9 I get a certificate warning, if I use Chrome no problem goes straight through. So if the Borg is monitoring, you might consider fixing it as I have a bad feeling that your security may have been screwed with, especially if you are going to require Explorer as the browser du jour on ticket day.
So, what are we to expect from the Borg, continued sloppiness which is an upgrade from last year, maybe we should be happy offer up some ding dongs in sacrafice to the ‘gods’ and kick back.

Report this comment

By: Marcus

Marcus — Thu, 24 Jan 2013 21:19:21 +0000

I’m very confused on how to make a profile for the registrations.. I see some others comments about that their profiles have been created, can someone help me or give me some info on creating a profile.. Thank you. My email is marcusmonstur here: marcusmonstur (at) gmail.com if anyone is willing to send me info…

Report this comment

By: Spock the Cow

Spock the Cow — Tue, 22 Jan 2013 21:17:38 +0000

I agree with Tripod about the security issue here.

The main registration page ( http://profiles.burningman.com/register/ ) is not encrypted. So you send your email address, real name, and your chosen user name in plaintext. The system then replies to that email address with a password, but they recommend you change your password after you log on. You then go to a login page that is SSL encrypted ( https://profiles.burningman.com/wp-login.php ). After you log in, pages are no longer encrypted. The ‘change your password’ section is on an unencrypted page. Those fields are sent as standard HTTP Post.

So if someone is intercepting my traffic (on any public wifi, for example), they will first get my email address, user name and real name in unencrypted packets. Then if I’m using an email client that doesn’t continue SSL after the login page, they’ll get my password in the response email. But even if I am using secure email, if I change my password as directed in the email then the new password will be intercepted.

I verified by capturing my own packets with a sniffer that the email address, user name, real name and new password are all sent plaintext.

Given that the Burner Profile system is intended to aggregate personal information and also somehow interface with the ticketing system, this is at least a privacy concern and possibly also a vector for ticket or credit card theft.

Report this comment

By: simon of the playa

simon of the playa — Mon, 21 Jan 2013 00:12:37 +0000

i’d like to report that early beta testing with the embedded neural probe is going great.

one small glitch involving some impulsive face-painting ala Paul Addis (RIP) at the local Macy’s cosmetic counter and subsequent arrest for lighting the hosiery department on fire, but besides that, i am very happy with the new tracking system, designed to protect us, and find us on the C-Grid, should we really freak out on mushrooms one night and spend 6 hours in the porta potty.

all in all, i like it.

Report this comment

By: Ralph Dosser

Ralph Dosser — Sun, 20 Jan 2013 15:21:03 +0000

I signed up, was told that I would be sent a confirmation email….that was two days ago. Not in my spam filter, nothing. A friend who tried to register reported the process stalling out a little later in the process.

I used the “contact us” form to report the problem, and haven’t heard back. So this thing that I’m required to do to get my ticket doesn’t appear to work, and there’s apparently nothing I can do about it?

Report this comment