Slashdot Mirror
Online Trust Failing Overall
twitter writes "The BBC and ZDNet are reporting on an RSA poll of 1,000 users about failing confidence in ecommerce. 43% of respondents were reluctant to give details to online sites and 70% said that firms were not doing enough to keep their data secure. The BBC goes on to quote experts who back up the perception, ZDNet claims that action is being taken and is well."
ZDNET is well?
bluespaceradio.com - New Wave, Indie and Alternative
I was born in 1984, a body builder making over 250k a year. Female and my occupation is the fist item in the drop down list. Whats the problem you guys have?
Most people who distrust internet commerce will gladly hand their credit card over to minimum-wage waiters, who disappear into the back room of the restaurant with it for ten minutes. It's all a matter of image and perception.
Have you read my blog lately?
or not taking the security concerns seriously. If you are saving peoples Social Security Numbers and CC Numbers then you should be encrypting that data. Venture to guess how many places actually encrypt that in a database?
But then again i would say most larger places do take these steps. More often than not I won't buy from somewhere I am unsure of or if they are not in the http://www.bbb.org/. Plus, how many people know how to always use SSL when sending sensitive stuff? I would venture my grandparents and mother have no idea.
On a side not to the last statement, i would like to say, office depot does NOT use SSL for their secure communications when you order something from in store.
I just got a really nice email from a DR. VICENTE A. SOUSA from the DEPARTMENT OF OIL & DOWNSTREAM SECTOR in ANGOLA.
... you know, the email was really long with all sorts of details (kind of like those agreements when you put a CD in the computer) so I just said yes because it's supposed to be easy money. :)
Very polite, humble (he even SAYS so) and
While I'm somewhat surprised the average user pays attention to such things, I'm not surprised trust is failing in light of recent large scale compromises.
Until the industry as a whole adopts a strategy of preventing compromises, this is not going to improve. Most companies would rather pay a PR guy to fix their image after the fact than a security consultant to keep it from happening in the first place. That's certainly not how I want my information taken care of.
I rarely criticize things I don't care about.
Dear God, ain't this the truth??? I'm a network admin at a large company (please don't ask which), and the password situation here would be laughable if it weren't so sad. I ran LC5 on our hash file here, and was shocked and dismayed at the number of passwords cracked within 10 seconds. I'm constantly finding passwords on sticky notes on monitors and under keyboards, and many users haven't even bothered to change the default Lotus password ('password') to something else! >:(
Last year, a street survey found that more than 70% of people would reveal their password for a bar of chocolate.
That seems to be about the right figure for users in my company.
____
~ |rip/\/\aster /\/\onkey
Kind of like the great majority of child kidnappings involve a non-custodial parent. But that's not a scary enough story to draw viewers, so doesn't get reported much.
(at this point the child-kidnapping activists will rise up and smite me with their negative mod-point hammers, I'm sure. :)
Have you read my blog lately?
I like using MBNA bank's credit card number proxy feature whereby you create a onetime use CC# with a limited spending limit to give out online. It's a great feature for paying at Sam's Shady Online Store with a CC# that has a $30 limit and expires in a month.
I TOTALLY know! I saw a video of this girl who had confidence that this guy WASN'T going to do this thing to her... AND HE DID! I was like, "I SO don't have confidence in the net anymore!" ...I'm sorry, I don't know where that came from. It must be time to go home...
Note: This sig contains nine S's, nine I's and five O's which... means absolutely nothing.
Here in GA we have ChoicePoint, a company which recently allowed a criminal gang to make off with something like half-a-million IDs.
Only people in California were notified of the leak, because CA has a law requiring notification. Everyone else is going to have to wait 'til their identity gets stolen.
The GA legislature is taking up a bill to require notification of GA residents when their personal information is stolen or accidentally leaked.
Part of the problem, IMHO, is that companies won't tell you when they've shared your information with a non-trusted third party. So, a good first step would be voluntary disclosure.
668: Neighbour of the Beast
I'm not liable for any $$ amount on my credit card or my debit. I'll say, though, I use debit card rather than my credit card. Why? Cause the bank doesn't have as much to lose as the CC company. With the bank it's all your money, with the CC company, it's their's until you pay it back, which means you have one more person in your corner - and with better lawyers, probably ;).
Ladies and gentlemen: this is why you shouldn't trust any legal advice obtained from Slashdot.
All employees must wash hands before seeking equitable relief.
In Denmark we have very good consumer protection on online trades. Whenever the card holder challenges a withdrawal, the issuing bank shall reverse the transfer immediatly. Afterwards, the burden of proof for actual goods delivery lies with the bank. The banks of course passes the burden on to the online merchants, so we have very few fradulent online traders here in denmark.
I'm not sure how it works for foreign trades, but as the banks must make the refund, no matter what, the general confidence in denmark is pretty high.
//Wegge
The problem is that Credit Card companies, banks and anyone else whose revenue is generated by transaction volume have a vested interest in making transactions easier and more frequent.
As big a problem as fraud is, the reality is that there is far more to be gained from lowering barriers to credit card use than there are to raising barriers. The other sad corrolary is that the real losers when it comes to fraud are the consumers.
We have voluntarily traded security for convenience. Now it seems we want our cake too.
------ The best brain training is now totally free : )
You miss the point. I trust the guy nextdoor, I trust the lady down the road, I trust my friends. I don't trust the world outside of this because it's clearly put "we want your money, heres a brainwashing so we get it".
Take it how you want it.
I like muppets.