RE: credit card numbers

["Justin Shin" <zorkshin () tampabay rr com>]

carding is still very much the same as it was 10 years ago, before online shopping kicked off. basically its a ring of 
losers who dig in the trash cans, use deceptive web pages (ie fake logins for paypal, ebay, etc.), steal numbers from 
cc vendors databases, and then trade them off because they are too much of pussies to actually try to use any of them...

for example if you ever visit an irc carding room or a carding newsgroup its all the same:

Thrash1: i have 10 gazillion ccs w/cvv2 and full info, selling for $25 each
Thrash2: huh, i dont understand. how do u use these credit cards online
Thrash3: newbie, get out, go screw yourself
Thrash2: whats cvv2

Although it can be a serious problem carding remains largely the same deal as before. The best thing online vendors can 
do is to encrypt cc information as well as any accounts tied to those numbers (ie user/pass) in case another one of 
those 0day shopping cart sploits come out. Another thing they can do is to delete cc info after "x" days or just not 
store it at all ... after all, doesn't that eliminate the problem all together?

Also, sorry about the stupid vacation message. I got about 20 million emails that said something along the lines of:

> Its July, dipshit.

:)

-- Justin Shin

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html