Information Security News mailing list archives
Re: Hacking Demonstration Shows Dangers of E-Commerce
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Sat, 6 Nov 1999 23:25:57 -0700
Reply From: "Jay D. Dyson" <jdyson () techreports jpl nasa gov> -----BEGIN PGP SIGNED MESSAGE----- On Thu, 4 Nov 1999, mea culpa wrote:
Before you get excited about doing all your Christmas shopping online, you might want to read this: Peggy Weigle is CEO of a Silicon Valley software company. She knows her way around a computer, and she's a regular Internet user. But you won't catch her doing any online shopping this holiday season. ``I probably would have done it last year,'' Weigle said. ``But knowing what I know now, I'm physically going to the stores.''
All told, while the risks of doing online business with one's credit card are indeed genuine, the risks bear little real difference than the risks of using plastic in the real world. Consider the last time you used your credit card to pay for dinner at a restaurant. You turn over the plastic (with your signature on it) to a perfect stranger who disappears with it for up to 10 minutes (sometimes longer). That's more than ample time to make a wax impression of the card, copy the magnetic stripe *and* acquire a sample of your signature on which to practice forgeries. In any case, if your card is forged on either the 'net or in real life, you're still only liable for the first $50 of fraudulent purchases. After that, the credit card company has to eat the rest. Given the above, I'm surprised that there isn't a bigger push by credit card companies to force online merchants to undergo something like an Underwriter's Laboratory (UL) sanctioned security audit. (I don't even know if such a beast exists, but it should. Hmmm...maybe I'm in the wrong line of work here.) - -Jay ( ______ )) .--- "There's always time for a good cup of coffee" ---. >===<--. C|~~| (>--- Jay D. Dyson - jdyson () techreports jpl nasa gov ---<) | = |-' `--' `------ When it's hot, it just ain't hot enough. ------' `-----' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOCHTrozYnY/37fGZAQEwVQQApRzEFXK/GwkklVsmYeS2uXA0xKQ16PRT QBdweRdyMANkMn4ySmCRRBTUrk4v7kn1mhmdS+dt/1DQK/RxTL7cQfOvhF6kIXvr fOWjSLhQTm/FAwtOuC4926xtlaDLBv4BFy/oHW5LZkpfIAtX9v4IaN27stfiFSPw DwQCvPK6F0E= =7G4y -----END PGP SIGNATURE----- ISN is sponsored by Security-Focus.COM
Current thread:
- Hacking Demonstration Shows Dangers of E-Commerce mea culpa (Nov 04)
- <Possible follow-ups>
- Re: Hacking Demonstration Shows Dangers of E-Commerce mea culpa (Nov 06)
- Re: Hacking Demonstration Shows Dangers of E-Commerce mea culpa (Nov 06)
- Re: Hacking Demonstration Shows Dangers of E-Commerce mea culpa (Nov 08)