There are some emails you just don’t expect. The ones that surprise you. The ones that make your heart pound in your chest and your hands sweat with anticipation.
The day before yesterday, I received exactly such an email. With a message that a new course had been assigned to me in the Security Bez Tabu Academy. But what? How? Where? What course? Why?? So many questions, zero answers. After being relegated from the list of students, such an email was truly a surprise for me. Because I don’t receive any newsletters or other information to this email address.
The invitation was in English, which thankfully I know 🙂 There’s no information anywhere about the course name, whether it’s paid or not; at first glance, it looks like some kind of scam or phishing attempt. So, I open the link in an isolated environment
Excitedly, I click the blue Start Course button. After all, blue is the color of hope, a good omen.
A login page appears in Polish. Oh, wait… Forgot Password? that’s English, isn’t it?
I can figure out the course name from the URL – Podstawy CTI (CTI Fundamentals). Hmm, now it’s getting interesting.
But first, I check the Store Rules (a link to it is at the bottom of the page). And I already know it’s the same regulations as before, which are missing, among other things, §7 and §8, and still contain an entry that training fees include 23% VAT, even though the entity is not listed in the VAT register. So, nothing new, nothing has changed.
Okay, time to try logging in. I enter the password I used before, but it was changed when I was kicked out of the course.
The password doesn’t work. I click the Nie pamiętasz hasła? (Forgot password?) link. I don’t remember it, or rather, Wojciech Ciemski changed it.
It redirects me to a page with the URL: lost password.
And that’s where my access ends for now, because the Rejestracja (Registration) link leads to https://securitybeztabu.pl/akademia/moje-konto/lost-password/#. So, we have a classic loop.
After one day, I was able to reset my password, and I also received an email assigning me to another course, the OWASP one, but when I tried to log in, it turned out I was “permanently blocked“. Nice, nice, awesome. Whatever this error means for the Academy owner, for me it means one thing: I can’t log in.
It reminds me of all those migrations in companies. We supposedly have a new, great environment, but the old problems remain. And all those “creators” who believe there’s no such thing as constructive and genuine criticism, only hate. Training is for EVERYONE, but…
In summary, I’m getting emails informing me I have access to courses, two of them even! But I can’t log in because I’m blocked. Adding to this the fact that a few days ago the owner of Security Bez Tabu wrote that he had lost access to the mailing list, I’m left wondering how Security Bez Tabu manages these lists and personal data. If I’m blocked, why am I still getting these emails? Who is managing my data now? Why send an email to someone who’s on the naughty list??
Is anyone else on such a list?
