Also used 'your' instead of 'you're' in several spots. Who does this guy think he's kidding. I see a seriousl lack of discipline. My advice would be "go back to college" even part time (at least 2 courses per semester. I dropped out of school at 20, my grades sucked. But I got a great job making $25K/year and that was back in 1981! Eventually I looked at the guys at my company that were around 30 and never had a degree. They were only making a few thousand more than me (surprise!). I didn't want to be them in 10 years. So I went back to school full time, working 40 hours and taking a full course load for the next 2-1/2 years, paying tuition myself. Seriously, I didn't take a dime from my parents for tuition, books, food, gas, or car insurance. This guy just typifies the new generation that thinks it has carte blanche in the tech industry. Grow the f--- up.
Buy.com, Ebay and (I think) Amazon let you recall card numbers you used before and use them on new orders. So they keep your old card around. I suggest heavy 2-way encryption with the key very well protected. The question is whether the card numbers are exposed, that is, if one of their employees or business partners can get to the data, is it readable or easily decryptable. If not, I say, you've done your job.
I used to like knowing that companies that collect my credit card for payment don't keep it around. So the inconvenience of having to enter it again was OK given the security of their back end. However, having designed e-commerce systems myself, I realized that the lack of the recall feature has absolutely no bearing on the security of my credit card info. So I decided, screw it. Once you've used your card on a site to pay for something, you're vulnerable, at least to the dishonest employees of the vendor or his ISP. Now that I've settled, I really enjoy the convenience of being able to recall my card without having to type it in again. I would design every e-commerce system to have this feature if my clients decided it was right for their business.
Norm
Slashdot Mirror
Also used 'your' instead of 'you're' in several spots. Who does this guy think he's kidding. I see a seriousl lack of discipline. My advice would be "go back to college" even part time (at least 2 courses per semester. I dropped out of school at 20, my grades sucked. But I got a great job making $25K/year and that was back in 1981! Eventually I looked at the guys at my company that were around 30 and never had a degree. They were only making a few thousand more than me (surprise!). I didn't want to be them in 10 years. So I went back to school full time, working 40 hours and taking a full course load for the next 2-1/2 years, paying tuition myself. Seriously, I didn't take a dime from my parents for tuition, books, food, gas, or car insurance. This guy just typifies the new generation that thinks it has carte blanche in the tech industry. Grow the f--- up.
full-time security staff? what company can afford this anymore other than the F10 (maybe). My former employer can't even afford good developers.
Buy.com, Ebay and (I think) Amazon let you recall card numbers you used before and use them on new orders. So they keep your old card around. I suggest heavy 2-way encryption with the key very well protected. The question is whether the card numbers are exposed, that is, if one of their employees or business partners can get to the data, is it readable or easily decryptable. If not, I say, you've done your job. I used to like knowing that companies that collect my credit card for payment don't keep it around. So the inconvenience of having to enter it again was OK given the security of their back end. However, having designed e-commerce systems myself, I realized that the lack of the recall feature has absolutely no bearing on the security of my credit card info. So I decided, screw it. Once you've used your card on a site to pay for something, you're vulnerable, at least to the dishonest employees of the vendor or his ISP. Now that I've settled, I really enjoy the convenience of being able to recall my card without having to type it in again. I would design every e-commerce system to have this feature if my clients decided it was right for their business. Norm