That one time I didn't beta-test two Mile2 exams

2022-01-22 16:00:00

Mile2 are a training company, aiming to provide vendor-neutral InfoSec training and certification exams. I've heard their name a few times, but have never taken any of their trainings. Reddit and TechExams also have little experiences posted about them.

That's why I was very curious and interested to join Mile2's beta program for their C)ISSO and C)PTE exams. These new versions are ANSI accredited (meaning they will require CPE points every three years) and have been renewed in a few other ways. Sounds like a great opportunity to give them a shot. Besides, taking beta exams is a hobby of mine.

Requesting access was a solid process, as you needed to submit a bit of a resumé to prove you'd be a valued reviewer/tester. I was approved for the program pretty swiftly, with clear instructions from their marketing team. 

I reported back to the team, with a few doubts about the sign-up process.

• Their Wordpress backend already sent me a proper password setup email. So it was a bit odd that their team had set me up with a weak, default password which looked like it was used for every single beta tester. 
• Their cookie warning (because of GDPR regulations) also had an easily overlooked link, in small text, which said "Do not sell my personal information". This means that students need to opt-out from their info being sold.
• Their login system allows the enumeration of valid usernames, showing "Unknown email address" when trying a non-existent account.

Half an hour later my access was revoked and I was ejected from the beta program, the team citing my "obvious distrust of their organization". Oh well.

kilala.nl tags: studies, work,

View or add comments (curr. 0)