Get the E-Commerce Minute Newsletter from the E-Commerce Times » View Sample | Subscribe
Welcome Guest | Sign In
ECTNews.com
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Discussions

E-Commerce Times Talkback

 
ECT News Community   »   E-Commerce Times Talkback   »   Re: E-Commerce Sites Fail Security 101



Re: E-Commerce Sites Fail Security 101
Posted by: Paul A. Greenberg 2002-01-10 12:48:09
See Full Story

If online merchants expect longevity and prosperity, now is the time to find
vulnerabilities and repair them. After all, if an e-commerce novice gets burned, that
consumer's trust in online transactions will be irretrievably lost.
If there are four words e-commerce can always live
by those words are: Never Get Too Comfortable.


Re: E-Commerce Sites Fail Security 101
Posted by: devitry 2002-01-10 23:55:08 In reply to: Paul A. Greenberg
Hey everyone. I just wanted to clarify one thing about the c2it hole. It's a front end attack where there are three parties involved ( attacker, c2it.com, and a c2it user ). The attacker send a script to the user, which can then accesses their c2it account. The script, which runs on the c2it site, could then have transfered money or accessed that users account information.

The statement "More ambitious hackers could access entire lists of credit card numbers. " it a little overstated. The "entire list" is only the list of credit card numbers that the attacked user has on their account, not all the credit card numbers in the c2it system.

-dave

Jump to:
Which review rating influences you most when researching a business?
5 Stars - I want to know what others found amazing.
4 Stars - I want to find out why it's liked for the most part, but not without faults.
3 Stars - I want to understand why the business is neither loved nor hated.
2 Stars - I want to learn why the weaknesses outweigh the strengths.
1 Star - I want to know why anybody says they are completely dissatisfied with the business.