LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Domain Registration

[ILUG] Domain Registration

Brian Foster blf at utvinternet.ie
Sun Sep 23 20:08:00 IST 2007 

  | Date: Sun, 23 Sep 2007 19:38:27 +0100
  | From: "Michele Neylon :: Blacknight" <michele at blacknight.ie>
  | 
  | Colm MacCarthaigh wrote:
  | >> Most companies that ask for faxes of credit cards are doing it
  | >> to make sure that a real person exists behind the email address
  | >> and that person actually owns the card and not just the cards
  | >> details
  | > 
  | > That's not a compromise, that is placing ordinary people at huge
  | > increased risk to identity and monetary theft - merely for the
  | > convenience of the business.  [ ... ]
  | 
  | Why?

 my (current) objection to the procedure presumes the
 receiving FAX machine has a memory and/or prints the
 received FAXes.  any such machines used to receive
 such FAXes *must* be in a secured location, accessible
 only to duly authorised staff; the memory must be wiped
 and the paper copies securely destroyed.  otherwise,
 you've just created yet _another_ way to steal the
 card's details.

 ( and in addition, the receiver has the problem of
  matching the incoming FAXes with the waiting-to-be-
  "verified" orders.  I can imagine great scope here
  for both confusion and mistakes, and hence possible
  additional security problems. )

 the procedure also supposes I have access to a suitable
 transmitting FAX machine.  so, for instance, I'd never
 send such a FAX from work, since that machine is not
 secured and, more to the point, I've no idea how to
 wipe it's memory.  (and I'm presuming the copier I
 use to make the paper version to be FAXed does not
 have issues of its own, and that I don't forget to
 recover my card (hasn't everyone forgotten the original
 at times?).)

 I can obviously obtain control of the transmitting end
 (e.g., get a FAX machine for home, or use my computer),
 but I've *NO* control over the receiving end.  nor do I
 have much confidence:  the institutions handling these
 sensitive details cannot seem to keep the current data
 secure, so I'm throughly unconvinced any new sensitive
 "feature" would be be adequately handled.

cheers!
	-blf-
-- 
▶ ▶  I AM CURRENTLY LOOKING FOR A JOB!  ◀ ◀ | Brian Foster
Experienced (>25 yrs) software engineer:    |        Montpellier, FRANCE
 • Unix, Linux, embedded, design-for-test;  | Stop E$$o (ExxonMobile)!
 • Software/hardware co-design, debugging;  |     http:/www.stopesso.com
 • Kernels, drivers, filesystems, &tc;    Résumé (CV) & contact details:
 • IDL, automated testing, process, &tc.   http://www.blf.utvinternet.ie

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell