W3C home > Mailing lists > Public > www-talk@w3.org > May to June 1997

Re: security on the web

From: Arnoud <galactus@htmlhelp.com>
Date: Mon, 12 May 1997 20:30:42 +0200
To: www-talk@w3.org
Message-ID: <SH2dz4uYOhqN089yn@htmlhelp.com>
In article <v03102805af9cea5be60d@[207.87.104.26]>,
Sarra Mossoff <sarra@smallworld.com> wrote:
> Intercepting a credit card number that has been sent over the phone lines
> via a web connection is, in contrast, nearly impossible.  You'd need a

Well, it's indeed harder for the average thief to set up. For
someone with a good connection, and some knowledge, it shouldn't
be that hard to set up. I think you could even set up an 
automated filter that scans for packets with a known format (the
CC fill-in formats from the HTML forms of popular online shops)
and extract the information from that. 

I do think that someone who can pull that kind of stunt would 
be able to find a job as expert programmer, so he wouldn't need to
do it. :-)

> I see a "scare tactic" -- the vast majority of people are afraid of
> internet commerce, and ads like this certainly don't help.  I think

The main problem is that it's going through computers. A lot of
people don't know what computers can and cannot do. The stories
in the media do nothing to help this. The only serious risk I can
see is that automated scanning/intercepting is only possible on
the Internet, because there the data is digital and in standard format
so programs can be written to intercept it. For a telephone call,
that's not possible with the current state of voice recognition.

-- 
E-mail: galactus@htmlhelp.com .................... PGP Key: 512/63B0E665
Maintainer of WDG's HTML reference: <http://www.htmlhelp.com/reference/>
Received on Monday, 12 May 1997 15:31:17 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:22 GMT