[TCLUG] OT: Secure web without https?

Fri Jan 5 17:02:43 CST 2001

>I bet many vendor web sites don't bother even encrypting your CC info in
>their databases... 

Awhile back, I was trying to help with a really sweet PHP shopping cart
(http://www.theexchangeproject.org).  One of the fields in the database at
the time stored the credit card number unencrypted.  I don't know if they've
changed it since, but I know if I had started using that shopping cart,
there's no way in hell I would have stored card numbers.  Plus, no one would
give me a merchant account anyway since I have crappy credit.  :(

I'll probably be setting up http://www.peltiercoolers.com sometime within
the next couple of months and just end up using a Paypal business account.  

Jay

> -----Original Message-----
> From: tim [mailto:tim at tneu.visi.com]
> Sent: Friday, January 05, 2001 10:50 AM
> To: 'tclug-list at mn-linux.org'
> Subject: RE: [TCLUG] OT: Secure web without https?
> 
> 
> On Fri, 5 Jan 2001, Austad, Jay wrote:
> 
> > You might wanna yell at them for being stupid too.  :)
> 
> That's nuthin. 
> 
> How about web sites which have secure (https) web pages, but 
> then email
> back to you your order confirmation INCLUDING YOUR ENTIRE CREDIT CARD
> NUMBER in plain text. (heck, usually in all upper case too!  ;-)
> 
> The problem is there is no standard (other than common sense) for what
> happens to your information AFTER the information is 
> retreived from the
> web page.   There is no guarentee that the company will handle it
> responsibly. 
> 
> I bet many vendor web sites don't bother even encrypting your 
> CC info in
> their databases... 
> 
> -- 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> =-=-=-=-=-=-=-
> What the president of the Motion Picture Association of 
> America says about 
> taking away your constitutional rights:
> 
> "I'm rather jubilant now. What Judge Kaplan did was blow away 
> every one of 
> these brittle and fragile rebuttals. He threw out fair use; 
> he threw out 
> reverse engineering; he threw out linking."
> 
> - Jack Valenti, president of the Motion Picture Association 
> of America.
> 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> =-=-=-=-=-=-=-
> ______         _ __         "If you don't have the freedom to 
> use what you
>   /           ' )  )               own - then you do not own 
> anything."
>  / o ______    /  / _  . .    No apologies to Jack Valenti or the MPAA
> / <_/ / / <   /  (_</_(_/_  -- tneu at visi.com / 
http://www.visi.com/~tneu --

_______________________________________________
tclug-list mailing list
tclug-list at mn-linux.org
https://mailman.mn-linux.org/mailman/listinfo/tclug-list