Archive of UserLand's first discussion group, started October 5, 1998.
Re: Cookies Bad, says E. Schmidt (Novell)
Author: Eric Soroos Posted: 12/3/1999; 9:19:09 AM Topic: Cookies Bad, says E. Schmidt (Novell) Msg #: 13411 (In response to 13404) Prev/Next: 13410 / 13412
While embedding a credit card number in a cookie is bad, it's not the only way to comprimise security. Any company that stores or transmits your credit card numbers in an unencryped form is negligent.My recent example:
PCnation, has the following security policy http://www.pcnation.com/asp/security.asp With the following excerpt:
To safeguard all your shopping transactions we employ the latest security methods in protecting your personal information. ... When you begin the checkout procedure your browser will automatically be directed to our secure commerce server so that all your personal information will be encrypted before it is transmitted over the Internet.After all this, they email my name, address, order id, credit card number and expiration date back to me completely in the clear. No encryption, no xxxx'ing out the numbers. In the clear.
To call for the end to email because of this would be shortsighted. To call for a boycott of PCNation might be a better option.
eric
This page was archived on 6/13/2001; 4:53:39 PM.
© Copyright 1998-2001 UserLand Software, Inc.