 AutoAtlanta, just a suggestion |
|
|
|
Porsche, and the Porsche crest are registered trademarks of Dr. Ing. h.c. F. Porsche AG.
This site is not affiliated with Porsche in any way. Its only purpose is to provide an online forum for car enthusiasts. All other trademarks are property of their respective owners. |
|
|
| stateofidleness |
  Jun 11 2008, 11:10 PM
Post
#1
|
|
Senior Member  Group: Members Posts: 810 Joined: 1-September 07 From: Canyon Lake, Texas! Member No.: 8,065 Region Association: None  |
Just made my first order with AutoAtlanta and noticed that, once you go to checkout, for new customers where you fill out your Shipping and Billing as well as credit card info, the page is not a secure page??
So.. I would advise that if you are making a purchase with them, add an "s" after the "http" in the address bar before filling out the form. computer security major... kinda bugs me when i see stuff like that... so just a heads up maybe the AA webmaster can fix this (IMG:style_emoticons/default/wink.gif) would take all of 2 seconds anyways, can't wait to get the stuff!! |
   |
 
|
  |
Replies
| Jason.H |
Jun 12 2008, 01:57 PM
Post
#2
|
|
Newbie Group: Members Posts: 16 Joined: 22-November 05 From: Marietta, Ga Member No.: 5,168 |
QUOTE(stateofidleness @ Jun 12 2008, 08:33 AM)  Wow jason, thanks for the fix. I think by not being an SSL page when entering the information leaves it susceptible to being spoofed more easily? Because, someone won't know they're "secure" until they hit submit might deter some people. It would be harder to spoof an ALREADY SSL encrypted page than it would be to spoof the current page. Just throwin that out there, but awesome turn-around. OT: hey jason, do ya'll have company stickers or logos? I like to show support for who is aiding me in this addiction lol No problem. Any time you come across something that seems odd, or you have a question, you can let me know directly: jason<!at!>autoatlanta.com Generally SSL is more for sniffers than spoofing. Spoofing would be if someone got you to go to a malicious website designed to look like ours with the intent of collecting your information. Anyone with a few bucks can have an SSL set up so having https won't make much difference. Heck, when was the last time you inspected the security certificate issued by the server? Sniffers are designed to pull packets from the network for inspection. The packets carry the information you filled into the form. A secure connection encrypts the transmission so that anyone listening in can't tell what's being said, at least that's the idea. Again, the transmission has always been encrypted, I just made it a bit more obvious. I'm not sure if we have much in the way of stickers. I'll see if I can dig something up, otherwise I'll put it in the suggestions box. |
|
|
|
| SirAndy |
Jun 12 2008, 02:00 PM
Post
#3
|
|
Resident German Group: Admin Posts: 42,257 Joined: 21-January 03 From: Oakland, Kalifornia Member No.: 179 Region Association: Northern California |
QUOTE(Jason.H @ Jun 12 2008, 11:57 AM) Heck, when was the last time you inspected the security certificate issued by the server? this morning ... (IMG:style_emoticons/default/biggrin.gif) but then again, i work in that industry. the every day user probably does not even know how to check the validity of a SSL certificate ... (IMG:style_emoticons/default/type.gif) Andy |
|
|
|
Posts in this topic
stateofidleness AutoAtlanta Jun 11 2008, 11:10 PM
biosurfer1 wow, that suprises me. When we got our SSL it auto... Jun 11 2008, 11:18 PM Jason.H Hi Guys!
Manually creating a secure connectio... Jun 12 2008, 08:52 AM plymouth37 Well that was quick! Thanks Jason! Jun 12 2008, 08:57 AM stateofidleness Wow jason, thanks for the fix.
I think by not bein... Jun 12 2008, 10:33 AM ericread :agree:
I think the original post was excellent i... Jun 12 2008, 12:15 PM
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 9th July 2025 - 11:52 AM |
Invision Power Board
v9.1.4 © 2025 IPS, Inc.