LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Domain Registration

[ILUG] Domain Registration

John Allen john.allen at dublinux.net
Tue Sep 25 17:11:59 IST 2007 

Brian Foster wrote:
>   | Date: Sun, 23 Sep 2007 19:38:27 +0100
>   | From: "Michele Neylon :: Blacknight" <michele at blacknight.ie>
>   | 
>   | Colm MacCarthaigh wrote:
>   | >> Most companies that ask for faxes of credit cards are doing it
>   | >> to make sure that a real person exists behind the email address
>   | >> and that person actually owns the card and not just the cards
>   | >> details
>   | > 
>   | > That's not a compromise, that is placing ordinary people at huge
>   | > increased risk to identity and monetary theft - merely for the
>   | > convenience of the business.  [ ... ]
>   | 
>   | Why?
>
>  my (current) objection to the procedure presumes the
>  receiving FAX machine has a memory and/or prints the
>  received FAXes.  any such machines used to receive
>  such FAXes *must* be in a secured location, accessible
>  only to duly authorised staff; the memory must be wiped
>  and the paper copies securely destroyed.  otherwise,
>  you've just created yet _another_ way to steal the
>  card's details.
>
>  ( and in addition, the receiver has the problem of
>   matching the incoming FAXes with the waiting-to-be-
>   "verified" orders.  I can imagine great scope here
>   for both confusion and mistakes, and hence possible
>   additional security problems. )
>   
It's a once off verification of you possession of the card. After that 
you don't have to send it again.
>  the procedure also supposes I have access to a suitable
>  transmitting FAX machine.  so, for instance, I'd never
>  send such a FAX from work, since that machine is not
>  secured and, more to the point, I've no idea how to
>  wipe it's memory.  (and I'm presuming the copier I
>  use to make the paper version to be FAXed does not
>  have issues of its own, and that I don't forget to
>  recover my card (hasn't everyone forgotten the original
>  at times?).)
>
>  I can obviously obtain control of the transmitting end
>  (e.g., get a FAX machine for home, or use my computer),
>  but I've *NO* control over the receiving end.  nor do I
>  have much confidence:  the institutions handling these
>  sensitive details cannot seem to keep the current data
>  secure, so I'm throughly unconvinced any new sensitive
>  "feature" would be be adequately handled.
>
> cheers!
> 	-blf-
>   


-- 
John Allen                          mailto:john.allen at codemountain.net
CodeMountain                        http://www.codemountain.net

Ubuntu gutsy (development branch), kernel 2.6.20-15-generic
up 16 min,  2 users,  load average: 0.03, 0.11, 0.11

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell