Pete Freitag Pete Freitag

How To Scream Unsecured


I was considering purchasing something from a foreign site today (I'm not going to name names), but then I noticed this link on the order form page:

Use our Secure server (If you prefer to send your credit card number encrypted.)

I'm speechless!

Like this? Follow me ↯

How To Scream Unsecured was first published on May 02, 2006.

If you like reading about security, ssl, or https then you might also like:

Want Security Advisories via Email?

Advisory Week is a new weekly email containing security advisories published by major software vendors (Adobe, Apple, Microsoft, etc).


Strange, if you click through they also give you the option to "Return to regular (not secure) mode"
by kola on 05/02/2006 at 12:19:13 PM UTC
Was there also a box checked by default titled "Please share my credit card information with 3rd parties"?
by Dan Roberts on 05/02/2006 at 1:48:14 PM UTC
Just a little safety tip. Get a pre-paid cash card such as AMX Gift Card or their Traveler Check Card. or from Visa which has similar options. Only put in a small amount and use that card for your online purchases. That way if someone lifts your card, you'll only be out what was on the card, and there's a good chance the card will have safety measures as well and there's no danger of identity theft.
by Christopher Wigginton on 05/02/2006 at 3:25:51 PM UTC
haha ... I've seen that around ... I can't remember where, but was it a flower shop? Anyhow, I remember my brother used the site and didn't notice that link and yes, his card got used in Britain - but he was lucky and the credit card company reembursed him.
by noname on 05/03/2006 at 10:47:51 AM UTC
No it wasn't a flower shop, it was a domain registrar.

I wouldn't order from an overseas flower shop anyways because they keep spamming my blog comments.
by Pete Freitag on 05/03/2006 at 11:06:57 AM UTC
On the topic of going that "extra step". I generally use Discover Card's "Secure Online Account Numbers". These are one time use numbers for use online. That way if anyone get's ahold of the CC number it doesn't much matter. Though I still would never use a site without a secure server.
by Frank Thompson on 06/01/2006 at 5:50:51 PM UTC