is this for real

ChicoMendez

in this day an age :
http://www.backpacker.ie/subscribe.php
love to see secure credit card booking facilities..


who is this crowd.... 4L ????

egan007

Unless I'm mistaken this crowd -backpacker.ie were in last years entrepreneur awards !
I suppose no secrity it's innovative - nobody else would try it!

ChicoMendez

this 4L crowd are really on top of things.....

heres another one:

http://www.abroadmagazine.com/subscribe.php


i have sent them a mail asking them to post a message here explaining why they choose to go for the unsecure option. Perhaps they feel security is not on the top of thier clients agenda?

buddy

No https and I won't touch it, but most users wouldn't know.

ChicoMendez

buddy wrote:

but most users wouldn't know.

So is that any reason to put your customers credit card details at risk....

buddy

No, I meant that most web users wouldn't know it wasn't secure and would trust that it would be.

Its appalling to even consider collecting credit card details on an unsecured page.

cgarvey

Is it not a breach of their Visa/MC contract .. to not take due care to protect the numbers? If not is there something in the DPA that you must take due care to protect all customer information (whether or not you're registered)? Surely, this day in age, the lack of https for such sensitive information would not be considered due care, in the courts?
.cg

seamus

Classy workmanship....

4l.ie = [ ]

domain: 4l.ie
descr: 4L Communications Ltd
descr: BODY CORPORATE (LTD PLC COMPANY)
descr: Corporate Name
admin-c: AAR847-IEDR
tech-c: AAR847-IEDR
nserver: DNS1.DNS.ONLINE.IE
nserver: DNS2.DNS.ONLINE.IE
source: IEDR
person: Ronan Mullally
nic-hdl: AAR847-IEDR
source: IEDR

The Web site cannot be found
The Web site you are looking for is unavailable due to its identification configuration settings.

Please try the following:

* Click the Refresh button, or try again later.
* If you typed the page address in the Address bar, make sure that it is spelled correctly.
* Click the Back button to try another link.

11001 - Host not found
Internet Security and Acceleration Server

Perhaps someone ought to drop these magazine companies a line and give them a few pointers...

ChicoMendez

its a question of your get what you pay for i guess...

seamus u can give them a few pointers your self.....

Michael Collins publisher from Abroad replyed to my mail asking for the link to this thread, therefore i guess hell enlighten us shortly...

dynamic.ie

Am I missing something or did they see this thread and change their site to say they will contact you by phone for credit card details and remove being able to enter the info in on the site!

ChicoMendez

dynamic.ie wrote:

Am I missing something or did they see this thread and change their site to say they will contact you by phone for credit card details and remove being able to enter the info in on the site!

yes looks like they did... very nice of them to finally take thier customers credit card details secure... Very nice indeed.

A big tap on the back to 4L and Abroad

seamus

Better....but it still doesn't stop anyone getting a hold of customer's contact info, then using it to ring them back, claim they're from backpacker magazine, and take some credit card info. Now granted, protecting against this is a bit like working to protect the Dail from Islamic terrorists (i.e. it's quite unlikely). Nevertheless, it's a very real threat to security.

But...better.

ChicoMendez

seamus,
thats very true, very true indeed.

if the people i mailed had the good sense to come on here perhaps they could be given a bit of valuable advise. but then again perhaps they think thier customers credit card info is not valuable enough to seek advise (besides that of 4L of course!)

Seth Brundle

ChicoMendez wrote:

its a question of your get what you pay for i guess...

true but as has been said about this before, they could have paid a fortune for this, not knowing any better!

On a side issue - the designer obviously liked to copy & paste this piece of code

<img src="images/grey_dot.gif" width="3" height="3" hspace="4" vspace="0">

ChicoMendez

kbannon wrote:

On a side issue - the designer obviously liked to copy & paste this piece of code

<img src="images/grey_dot.gif" width="3" height="3" hspace="4" vspace="0">

but it is such a lovely grey dot , why ever not copy and paste it!

buddy

Well done Chico, Backpacker should be thanking you for your observance.

andersde10

I'm not so sure about the laws in Ireland with regards to data protection but I think it's probably similar to those in England, which basically says if you are asking for any info on a user that could allow someone to track down that user then it must be secure. i.e. once you have an address or phone number then it must be over https. It'd be a lot worse to have some nutter using your personal information then getting your credit card, i.e. at least the credit card company's have insurance etc if someone gets your number, dunno what would happen if someone got and abused your personal information.

Seth Brundle

ChicoMendez wrote:

but it is such a lovely grey dot , why ever not copy and paste it!

personally (if using the lovely grey dot!) I would have gone with <img src="long_image_of_15_grey_dots.gif" width="150" height="3" /> and not bloated my code!

ChicoMendez

buddy wrote:

Well done Chico, Backpacker should be thanking you for your observance.

tnx - not looking for tnx - just that people think about thier web solutions instead of going off and getting johnny's younger brother to throw something together for half nothing
this route can often come back to haunt you in the future - thankfully Backpacker has and is taking messures to address the issues above in time.


would not mind a free subscription though!

or they could join up to boards and add to my rep!! :cool:

dangerman

good work chico.

This is the problem with web design. You can pay a fortune and get a whole heap of rubbish and the customer just wont know until problems like this arise.