Hot Dorkage

The dork is featured again in Issue #4 (August 1) of Information Security Short Takes that I was in last month. This blog features a monthly blog carnival potpourri webzine of useful selection of security related articles. I know, I know, nobody wants to hear about security. It’s boring as all get out, and it’ll probably not happen to you. Except that it is happening, to more and more of us each year. Knowledge is power in this game. Know how it works, what to do and what not to do, and diminish your chance of being ripped off.
Continue Reading…

Another database: CRACKED A recent security breach of a local online merchant prompted me to write this post. As a shopping cart software author and former security analyst at Symantec I know the nuts and bolts of security from several perspectives. Credit card fraud is a huge and growing problem. See my article about credit card security online for a detailed discussion on how credit card security works and what the vulnerabilities are. There is a solution, but it will not be implemented until pressure is brought to bear on the key players.
Continue Reading…

Some people are cavalier about giving out their credit card number online.   “Oh well,”  they think,  “it’s bound to get stolen some day….”  The other end of the scale is the “better safe than sorry” people who refuse to buy anything online ever because they don’t understand  it and can’t tell the safe from the scary.   I hope that after reading this post you’ll be able to tell the difference.

Here are the key aspects of credit card security:

• Encryption
• Certificates
• Gateways
• PCI Compliance
• AI in the credit card companies
• Data validation
• What should be added

Continue Reading…