Aer Lingus mobile app leaking credit card data

Impetus

An item in "the Enquirer" suggests that the Aer Lingus mobile app is leaking personal information, including payment card details.

While any ejit who uses their mobile phone for payment or banking transactions probably deserves the high risk/price of their bad judgement, it is incumbent on IAG group to fix the issue. Or disable the mobile app in question. Back in the day when I used to use this airline, before they sold out to a high risk of terrorism state, which is engaged in a military/cultural war with a large portion of the world, anytime I used the EI app (eg to check flight status), it never worked well. It does not surprise me that there may be problems processing payment cards securely using this product.

http://www.theinquirer.net/inquirer/news/2438647/aer-lingus-easyjet-and-chiltern-railways-accused-of-leaking-credit-card-details

L1011

Impetus wrote: »

before they sold out to a high risk of terrorism state, which is engaged in a military/cultural war with a large portion of the world,

Spain?

(your attempt to bring your clearly insane views in here are rather screwed up by the fact that IAG aren't British)

Impetus

L1011 wrote: »

Spain?

(your attempt to bring your clearly insane views in here are rather screwed up by the fact that IAG aren't British)

While IAG is registered in Madrid, it is headquartered in London, its primary listing is on the London stock exchange, its primary asset is BA (in value terms).

As an aside Spain too was engaged in "military action" against the Arab world - which was almost certainly the driver of the Madrid bombings. Inexcusable etc. But they add to the risk of making use of this group's transportation assets.

syklops

While any ejit who uses their mobile phone for payment or banking transactions probably deserves the high risk/price of their bad judgement,

I'm an eejit who sometimes uses my phone for bank transactions. I'm also a pen tester and regularly test the apps I use for leakage, or just poor implementation.

I have two questions for you. The first is:

You have brought numerous security issues to the attention of this board, many of them pertaining to Ryanair. When asked about it you said you didn't bother contact Ryanair. Did you contact Aer Lingus or AIG about this issue?

Second question, how do you get away being so offensive?

dbit

I dare not say a word in here ......... Scarper !

Graham

Holy crap, since when did The Enquirer become a credible source of information security news anything.

I know it's probably difficult for anyone to read an entire "article" on the enquirer so let me help with the relevant detail:

"We are pleased to say we have learned that easyJet, Chiltern Railways, San Diego Zoo, CN Tower, Aer Lingus and Air Canada have now confirmed there is no ongoing issue, it said in a statement.

As to the other threats mentioned in the thread I have prepared myself with an appropriate security response:

Capt'n Midnight

Graham wrote: »

As to the other threats mentioned in the thread I have prepared myself with an appropriate security response:

Actually all that does is put your brain at the focal point of a parabolic dish :P

http://www.theregister.co.uk/2005/11/11/tinfoil_hats_as_government_plot/

"the helmets amplify frequency bands that coincide with those allocated to the US government between 1.2 Ghz and 1.4 Ghz. According to the FCC, These bands are supposedly reserved for 'radio location' (ie, GPS), and other communications with satellites."

The researchers speculate that the government is behind the rumour that tinfoil hats protect people from invasive radio signals in order to encourage their use and therefore to enhance the effectiveness of their radio control program.

Graham

Capt'n Midnight wrote: »

Actually all that does is put your brain at the focal point of a parabolic dish :P

http://www.theregister.co.uk/2005/11/11/tinfoil_hats_as_government_plot/

I understand in further scientific studies medical professionals agreed that a bit of parabolic radio wave amplification to the head might be just what some of the tinfoil hat brigade need.