Slashdot Mirror
Online Retailers Cruising Tor To Hunt For Fraudsters
Daniel_Stuckey writes "This week, the verification company Service Objects announced a new tool to help websites detect 'suspicious' visitors using Tor and other anonymous proxies. Its updated DOTS IP Address Validation product identifies 'suspicious' discrepancies between the user's home location and the location of the IP address the order's coming from. It joins a handful of other tools on the market promising Tor-detection for retailers. It's a logical strategy: If you're trying to buy something with a stolen credit card, you're obviously going to want to block your real identity and location while doing it. But it also raises the question of whether targeting anonymity services to hunt out fraudsters could have chilling effects for harmless Tor users trying to protect their privacy online—particularly this year in light of the NSA-spying scandal."
So... it's going to see my address is Florida but I'm making an online purchase from Toronto? And disallow it?
That's probably the last time I'd do business with that company.
". But it also raises the question of whether targeting anonymity services to hunt out fraudsters could have chilling effects for harmless Tor users trying to protect their privacy online—particularly this year in light of the NSA-spying scandal."
Seriously?
Why would you ever need to "protect your privacy" via Tor etc, from an ONLINE SHOPPING SITE that you are GIVING YOUR CREDIT CARD AND SHIPPING INFORMATION TO?
I mean, I'm as much anti NSA crap as the next guy. but come on. That said, cool tech. It would make sense that retailers would do this. I see this is a good thing, not a reason to slam the lizards running our government.
I am 31337 or something.
Oh, you don't? Well, ok, nice not doing business with you.
NEXT!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The parent wrote it down for you. You are placing an order with your credit card and shipping address. What MORE could they possible need in your "dossier"? Or do you think a webstores order database is magically of limits? Or that the NSA is only snooping on your internet connection and not the webstore?
If you don't want people to know your weird hobby, don't pay it online with your registered credit card and home address. The moment you do, privacy doesn't exist anymore.
And you do deserve being called a MORON because clearly you have no clue about security and/or TOR and/or anonimity.
Remember the Silk Road story? How was he caught? By sleuthing, by connection anonymous messages together through identifiers.
You want to use TOR to place an order, a MESSAGE, with in that message your CREDIT CARD and HOME ADDRESS? Why not also include that amazingly funny nick you thought of that you also use in all your "lets blow up the government" posts and make their job extra easy?
This stuff should really be obvious, if you use an anonymous message service, don't include personal identifiers. The general advice is to avoid any mention of GENDER, TIMEZONE, use of slang, catchphrases etc etc. And you think it is a good idea to include your fucking HOME ADDRESS and credit card details.
Tor has one use, to hide your IP, and you just gave them your address instead. If you don't get the stupidity of your idea, you really just shouldn't bother with TOR, you are just going to screw up anyway.
You are not alone in this, the other responder below also just doesn't get it. What does your IP have to do with your credit card? Both are registered to the same person?
Security, it is a LOT harder then people think.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
You are so wrong it's not even funny. The retailer is almost always held responsible for any fraud. If a charge is determined to be fraudulent the retailer is out the money plus a chargeback fee and on top of that, the event is kept track of so if the overall total gets too high, the merchant account gets terminated.