Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOff topicDriver fail on toll website
nate

6473 posts

Uber Geek
+1 received by user: 458

Retired Mod
Trusted
Lifetime subscriber

#29481 8-Jan-2009 17:09
Send private message

Stuff: Mr Godman said he took them at their word and completed his online application using his credit card.

"I will be taking them to task should I notice any unlawful use of my credit card."

 

No padlock at the bottom of the screen = insecure, not matter what the website says.  Mr Godman should've seen that there was no padlock and not submitted his credit card details.

 

I have a secure, unhackable website for entering credit card details - I should send it to him...

Create new topic
zocster
1994 posts

Uber Geek
+1 received by user: 105

ID Verified
Trusted
Lifetime subscriber

  #188257 8-Jan-2009 17:40
Send private message

lol, I know exactly what you mean, hmm a bit OT but I like the LTNZ website :)



sbiddle
30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #188258 8-Jan-2009 17:43
Send private message

From a security perspective it's not great. In reality though the risk of that data being intercepted is very minimal.

Where is your data going to be captured over a non SSL connection? An ISP who decided to capture every packet and look for credit card numbers?

The reality is the greatest risk of fraud comes from having a keylogger trojan on your PC which throws SSL security out the door. Even if accessing a secure site somebody can scan through the logs and know that when they come across a 16 digit number that will typically have a name and expiry date close by that they're stumbled onto your credit card details. That's dead easy.

Given the choice of giving my credit card details over a non SSL connection on a guaranteed spyware free machine or giving them on a spyware infested machine with SSL I'd take the non spyware option any day.

nate

6473 posts

Uber Geek
+1 received by user: 458

Retired Mod
Trusted
Lifetime subscriber

  #188260 8-Jan-2009 17:49
Send private message

How about a lax administrator password on the box hosting that website? Instead of just capturing one person's credit card details, you could download the whole database.

BUT the site has SSL so all is safe in the world, since SSL also secures the database your card details are stored in.

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright