[ic] RE: Interchaneg & Credit Card Numbers...

Anton Vandeplas interchange-users@interchange.redhat.com
Mon Nov 5 10:27:20 2001 

Hi John:

Apparently you think that everybody is out to steal CC numbers. Won't it be
easier to look around in restaurant, gas stations etc. to collect numbers
than to try to hack into a server?

And why do you think that my company is collecting CC numbers and not
encrypt them? Will you be the hacker to try and find out?

How somebody handles security over the Internet is for everybody himself
like some people don't keep an eye on their wallets. When you order
something on the Internet with a CC you never know what that person might do
with your card :-)

Anton


-----Original Message-----
From: John Beima [mailto:jbeima@palb.com]
Sent: Sunday, November 04, 2001 2:31 PM
To: BWP-BookCenter
Subject: Interchaneg & Credit Card Numbers...


G'Day Anton,


I was reading your posts on the list about how you would like to be soo
stupid
and irresponsible with credit card handling...

You do realize that ehen this e-mail goes out 1000s if not more can read
it...
YOU are responsibile for proecting card numbers that come to you...

This also means there was NO poiont to using SSL to get the information from
your clients in the first place, since you send it out plain text later. If
you
clients knew this they would NEVER buy anything from you...

Maybe ou should let them decide with a disclaimer on your order page like
"We
know we are using SSL to make you feel secure and to give us your credit
card
number, but after that, we store it in about 8 places in plain old text...
We
then send it though plain old e-mail where anyone can packet sniff it, and
it
gets sent to every machine on our ISP's network while it is in route to
ours..."

What do you think they would say?

I bet you cc company would yank your ability to take cc's if they knew you
were
doing this.

If your ISP won't allow you to run PGP then it is YOUR responsibility to
find a
real ISP that does thing right...


John Beima
jbeima@palb.com, support@alocalagent.com, and support@alocalchurch.com

P.A.L.B. Systems - Phone: (780)451-1086 - Fax: (780)447-4760
11639-122 Street, Edmonton, Alberta, Canada, T5M 0B6

Affordable Web Pages - Phone: (888)932-9990 - Fax: (256)351-7297
2713B Spring Place SW, Decatur, Alabama, United States, 35603