Shoppers' details considerably easier to get hold of this Christmas than this year's Buzz Lightyear...
By silicon.com
Published: 17 November 2003 18:20 GMT
In the space of four days silicon.com has revealed two serious security flaws on major UK shopping websites.
Argos and B&Q were leaving customers' details vulnerable - and not just to crackers or experienced techies with the knowledge to circumvent security. These details could be accessed by anybody on the internet - you didn't even need a password. In security terms the doors were wide open.
This is an appalling lapse in security and shows a worrying level of awareness among two companies who are at the forefront of the drive towards ecommerce dominance. We hope they are the only two.
After all if 'Joe and Joanne Public' can't trust Argos and B&Q then what chance the little vendors? Those at the top may be unfairly tarnishing the reputations of far more reliable, security-conscious companies.
In truth ecommerce is by and large safe - everybody at silicon.com is an advocate and this publication stresses most sites are secure. But that's why this news is so difficult to swallow.
If this was an advanced hack it would still be a failing on the part of the victim site but it would also be more understandable - as criminals' raison d'être is to stay one step ahead of measures in place to block them - but the fact these sites gave up the information without much of a fight is unforgivable.
It's been three-and-a-half years since silicon.com exposed the Powergen scandal and still we are writing stories such as these.
It would make it a lot easier to push forward ecommerce if the companies concerned were fighting only the most devious minds out there, rather than trying to remember whether they locked the back door.
This is a side issue but never the less related to...
Anonymous
The problem remains that anyone attempting to find...
Anonymous
Job Title Content ManagerLocation: London WC2Key Words: Ecommerce, Web, Online, Content, Analytics, Conversions and Drop Outs, Landing Page, ...
eCommerce Product Manager The successful eCommerce Product Manager will be responsible for the product management of Moneybookers new business ...
A leading Investment Bank is currently undergoing a major programme to deliver a new eCommerce FX distribution platform. To be successful you must ...
Agenda Setters 2008
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Naked CIO Naked CIO: Should you monitor staff? Somebody's watching you
Elinor Mills Why 1970s hackers had 'whiz kid' status Q&A: Kevin Mitnick - blackhat hacker turned good guy