I agree that their web site tech is outdated in this case, and that not using HTTPS will open up the transaction to a possible chance of a man-in-the-middle attack.
I'd place the order anyway. Why?
Man-in-the-middle attacks aren't a certainty, and if this particular transaction turns out to get grabbed by one, what's the worst that could happen? You get some unwanted charges on your card. Call your card company to get them fixed and to send you a new card. This could happen anywhere, not just online. I once had a restaurant skim my card and had to get a new card issued. Whatever. More recently, my girlfriend and I got cleverly phished for card information at a hotel in DC by a phone call purporting to be room service needing to verify the card number (we fell for it, unfortunately, so she needed to reissue her card).
So think about how much you would enjoy attending that show, then think about the level of hassle it would be to get issued a new credit card in a worst-case scenario. Think of the tradeoff between pleasure versus pain there. For me it would be a no-brainer: Get the tickets.
Then there is this to consider...
HTTPS is no guarantee that your data is safe after it reaches them. I agree that *lack* of HTTPS is sort of a "character witness" situation, where you might be less trusting of the company that handles the back end. But in contrast, the *presence* of HTTPS doesn't mean they handle the back-end well, either.
Once upon a time, I made a purchase from a web site with HTTPS. Moments after the purchase, I got an email bounce in my mailbox: The email server was down and it would retry for 48 hours.
Why did I get this email bounce? Their system was set up to work like this:
1. Accept the order on the web site, which was just a third-party e-commerce web site hosting company.
2. The e-commerce web site *emailed* the order to the actual company to fulfill the order and process the credit card. With all my data, including my credit card number, in *clear text*.
3. The emails were configured so that the customer's email address (my email address) was the return address on said email.
4. So when the real company's email was down, I was the one who got the bounce, and thus found out their dirty little secret.
The moral of the story:
You CAN'T WIN, ever, with any kind of credit card transaction, online or otherwise. Just live with the fact that you're going to need to reissue your credit card a few times in your life, and get on with enjoying yourself.
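An added example, not part of the original post: a check a merchant could run over its own order-notification mail to catch the setup described in steps 1 to 4, flagging card numbers in the body and a return address outside the merchant's domain. The sample message, the `merchant.example` domain and the function names are constructed for illustration; the return address is read from `Return-Path` if stored, otherwise from `From`.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample of an order notification like the one described above.
SAMPLE = """\
From: customer@example.com
To: orders@merchant.example
Subject: New order 1001

Name: Pat Example
Card: 4111 1111 1111 1111
Exp: 01/30
"""

# 13-19 digits, optionally separated by single spaces or hyphens.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits):
    """Luhn checksum: filters out most digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pans(text):
    """Return Luhn-valid card-number candidates found in text, digits only."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            hits.append(digits)
    return hits

def mask(pan):
    """Keep first 6 and last 4 digits so the finding itself is safe to log."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

def audit_order_mail(raw, merchant_domain):
    """Flag clear-text card numbers and a bounce address outside the merchant."""
    msg = message_from_string(raw)
    findings = [("cleartext-pan", mask(p)) for p in find_pans(msg.get_payload())]
    # Assumption: Return-Path (if stored) or From stands in for the envelope sender.
    sender = parseaddr(msg.get("Return-Path") or msg.get("From", ""))[1]
    if not sender.lower().endswith("@" + merchant_domain.lower()):
        findings.append(("bounce-to-external-sender", sender))
    return findings
```

Both findings fire on the sample: the card number travels in clear text, and any delivery failure would be reported to the customer's address.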