Slashdot Mirror

← Back to Stories (view on slashdot.org)

Websites Still Failing Basic Privacy Practices

Posted by kdawson on from the after-all-these-years dept.

DigitAl56K writes "Large companies still can't seem to get the basics of privacy and security on the Web pulled together. Today I went to enter a competition from Duracell to win a Nintendo Wii by filling out an online form. It requires entering your full name, address, and date of birth, and then proceeds to submit it via an unencrypted HTTP POST. The ultimate irony is the message at the bottom of the page that reads: 'Trust is a cornerstone of our corporate mission, and the success of our business depends on it. P&G is committed to maintaining your trust by protecting personal information we collect.' Which websites have you found to be lacking in their basic privacy practices?"

26 of 205 comments (clear)

  1. It's a good thing by XanC · · Score: 5, Insightful

    That Firefox saves the nasty warnings for Web sites that are encrypted!

    1. Re:It's a good thing by palegray.net · · Score: 3, Insightful

      While the responsibility does lie with the consumer to take appropriate technical measures to safeguard his personal information, is it too much to ask for a company to make SSL the default when submitting information?

      It only takes adding an "s" in the form element...

      --
      512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
  2. but realistically by Anonymous Coward · · Score: 5, Insightful

    HTTP is sent unencrypted, but it's not that easy for a random person who wants to steal your address to be on the correct subnet at exactly the right time to sniff it. Also, address and date of birth aren't usually considered confidential, even if you might not want to publish them.

    This isn't a lot different than many of those post-card questionnaires many people fill out and mail in.

    I think in this case, it's more important what they do with the information once they receive it.

    That said, I think there should be default encryption wherever possible automatically.

    1. Re:but realistically by Anonymous Coward · · Score: 0, Insightful

      HTTP is sent unencrypted, but it's not that easy for a random person who wants to steal your address to be on the correct subnet at exactly the right time to sniff it.

      You've fallen for the birthday paradox. The relevant probability is not whether somebody who wants your data is on the same subnet as you. The relevant probability is whether somebody who wants personal data is on the same subnet as somebody who doesn't want to give it to them. This is a massively more probable event.

    2. Re:but realistically by blueg3 · · Score: 4, Insightful

      What they're trying to point out is that while it may be rare that anyone is out to steal your personal information, people stealing personal information in general is quite common.

      While this may bear a passing resemblance to the birthday paradox, it isn't the birthday paradox. It's like when people claim that X has something to do with relativity. They're almost always wrong. The birthday paradox is a very particular statistical error, and this isn't it. :-)

      It's actually easier, anyway, to point out that someone trying to specifically steal "your" credentials just isn't the way it's done. That's a rare attack, because the investment is high compared to the reward. It's far easier to, say, run a credential-harvesting script in a local Starbucks with free wireless every day for a couple of weeks. (It's also rare, though more devastating, to just grab the personal information off of their server.)

    3. Re:but realistically by Anonymous Coward · · Score: 2, Insightful

      The birthday paradox is a very particular statistical error, and this isn't it.

      Yes, it is. The birthday problem is simply this:

      Given a set S, what is the probability P(S) that there exist elements (x, y) in S such that x <> y and p(x, y) is true?

      The "paradox" comes about because most people misread the above to mean:

      Given a set S and an element of the set x, what is the probability P(S, x) that there exists an element y in S such that x <> y and p(x, y) is true?

      They're two different problems, but when worded right most people don't recognize that they're different.

    4. Re:but realistically by holophrastic · · Score: 3, Insightful

      I certainly agree with your first sentiment -- not everything needs to be encrypted. I certainly see the value in encrypting cash and effetively-cash information -- like credit card information. But honestly when it comes to simple privacy information, https is way over-kill. I don't want to slow the web down by 300% just to encrypt everything. Not only is it not necessary -- it's not like packets are intercepted frequently -- but it's by far no where near the weakest link.

      I've been to, and photographed, bank machines that use external modems, loose and visible cables, and simple network jacks that could be easily by-passed. You're mail in most physical mailboxes is wide open for viewing. Hey, your licence plate is just sitting in your driveway.

      But by far, don't worry about the guy stealing your packets. Worry about the 16 year-old at the gas station that takes your credit card. The secretary at whatever company that answers the phone, the customer service agent. These people are all effectively able to intercept your packets, and you talk to them willingly as customer service for every company you've ever called where you weren't talknig to the owner.

      Our industry here is one where the principles of security have matured to the point where it seems like everything needs to be high-security. But in reality, every other industry on this planet is wide open by comparison.

      I'm reminded of something as simple as the sign at my local performing arts theatre that reads "no audience members beyond this point", engraved into a plackard beside the door to back-stage. However the door itself is unlocked. I go back after every performance to express my appreciation.

      Security for security sake is not only stupid, it's dangerous. It's what had me removing my shoes crossing the border last week. And in the end, after all of the security, I still wound up flying into and out of the U.S. with a knife in my pocket that everyone -- including myself -- missed entirely.

      Security is necessary only to the point where something needs securing -- that means it has value, someone wants it, and someone is trying to take it. That last part is vital to the equasion. Securing something that no one is trying to steal is a waste of effort, money, resources, time, and other liberties. You know, like three hours at an airport to take a $35, 25 minute flight.

    5. Re:but realistically by speedingant · · Score: 3, Insightful

      If information is freely flying through the air, without encryption, does that mean he is doing something wrong?

    6. Re:but realistically by Library+Spoff · · Score: 2, Insightful

      my online dvd rental company (dvdrental.cd-wow.com) emailed me to tell me i needed to update my credit card details - my card runs out at the end of the month. Their ssl cert ran out the end of July. When i contacted them to tell them this they basically said "Don't worry about it, it's all secure, your details don't leave the uk" etc.

      As i'll be adding new card info they won't be getting my business until it's fixed...

      --
      Acid House saves Souls
  3. Right... by Anonymous Coward · · Score: 4, Insightful

    "XXXXX is committed to maintaining your trust by protecting personal information we collect."

    Means nothing when every website harvesting your info says that.

    1. Re:Right... by Ethanol-fueled · · Score: 4, Insightful

      Today I went to enter a competition from Duracell to win a Nintendo Wii by filling out an online form

      People actually do that? Legend has it that some folks still fill out meatspace paper rebate forms so that they could wait 60 days to receive a 65-cent check in the mail.

  4. Re:Nobody considers that import by DigitAl56K · · Score: 4, Insightful

    That level of privacy is not considered important by anybody.

    It is by me (obviously) ;)

    You don't think a name, address, DOB, and password all going plaintext is troublesome? How many people use the same password for half a dozen websites? How many password recovery systems use address or DOB?

    With specific regard to "trust", here you have a website asking for a bunch of personal information without taking the most basic precautions to protect it in transit and without an SSL certificate that identifies the owners to inform you where the data might really be going to.

    It was enough to make me cancel out.

  5. Re:Nobody considers that import by tokenturtle · · Score: 5, Insightful

    Exactly. The junk mail that's in my mailbox every day has more detailed information on the outside of the envelope. This is really a non-issue.

  6. Re:Taxcut http by rriven · · Score: 3, Insightful

    It does not matter when you fill the form. As long as when you clicked submit and it went to a https page you are safe.

    That is how all the sites that don't handle CC or SSN's do it. It reduces overhead and load time. Even gmail did until recently.

    --
    Dan
  7. Re:Nobody considers that import by DigitAl56K · · Score: 4, Insightful

    If your junk mail shows your date of birth and password I'd be worried. It's also a little harder for an observer to collect millions of records from junk mail than it is to sniff at a router and log all the traffic automatically.

    BTW what has happened to /. tonight? If Google switched their login page to http would nobody care?

  8. Re:Nobody considers that import by dreohio99 · · Score: 2, Insightful

    Your information is already out there in public records. Google your phone number and see what comes up. If the form asked for SSN or driver's license number I would be a bit more cautious. As far as passwords, it is already considered a bad practice to use the same one on a shopping website as your bank or credit card account websites.

  9. Re:Taxcut http by FLEB · · Score: 3, Insightful

    Actually, I've heard this discussion come up before-- generally, you want the login form SSL encrypted, as well, to verify the identity and integrity of the form. Otherwise, it leaves the possibility for phishing, poisoned DNS, or a man-in-the-middle attack that rewrites the form to submit to a malicious intermediary. (Granted, a person viewing the code could see that last one, but I know I certainly don't eagle-eye the action param on every form I submit before I hit "go".)

    --
    Information wants to be free.
    Entertainment wants to be paid.
    You just want to be cheap.
  10. Re:Nobody considers that import by Zero__Kelvin · · Score: 4, Insightful

    You missed the real story, to wit:

    "Internet users still can't seem to get the basics of privacy and security on the Web pulled together. Web users still offer up information they consider to be private and sensitive, on the almost zero chance they will win a Wii, to companies about which they know little or nothing. They still believe the company can and should be trusted with their data, based solely on the fact that the companies products have a little brand recognition ..."

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  11. Re:Nobody considers that import by Kent+Recal · · Score: 4, Insightful

    Exactly. This "article" is yet another bad joke (slashdot disappoints a lot lately).

    Dear "DigitAl56K": If you're so worried about losing your first and lastname on the interwebs then why the hell do you participate in retarded lotteries?
    Here's a little secret: If you don't push that submit button then nobody will ever get your information!

  12. Re:Nobody considers that import by cycleguy55 · · Score: 3, Insightful

    Yeah, the only people that want that level of data are those involved in identity theft. Given the number of people who have had their lives turned upside down through identity theft, we should all be vigilant - including challenging any and all Web sites that don't use proper practices to protect personal information.

  13. "maintaining your trust" by iminplaya · · Score: 3, Insightful

    How can they maintain something they'll never have?

    --
    What?
  14. Re:Nobody considers that import by antic · · Score: 2, Insightful

    Easy publicity for Duracell. Have someone complain about a non-issue with your competition, and get free press.

    --
    'Thats they exact same thing a banana wrench monkey.'
  15. Re:Nobody considers that import by Ash-Fox · · Score: 2, Insightful

    Your information is already out there in public records.

    And I know which ones too.

    Google your phone number and see what comes up.

    Three results, all of which, not even related.

    --
    Change is certain; progress is not obligatory.
  16. What the OP fails... by BrokenHalo · · Score: 2, Insightful

    ...to mention is that the whole point of a lot of those online forms (such as competitions etc) is to provide an opt-in to any kind of marketing dreck the the site owner (or any of his mates) cares to send you.

    The best way to keep your personal information private is to not hand it out. I know that should be obvious, but the fact seems to escape people when they appear to be being offered free ponies (or whatever).

  17. Re:Nobody considers that import by whoisjoe · · Score: 2, Insightful

    I did google my phone number (although I admit that its a mobile phone). All I got were references to the area code and exchange, and one reference to my wireless provider.

  18. Re:slashdot by blitzkrieg3 · · Score: 2, Insightful

    Except that doesn't make any sense. How do they know you're a subscriber when you haven't logged in yet?