09 February 2016

Please Engage Brain

Archive for: June, 2011
Keith Appleyardavailable for hire - Bromley

Citi demonstrates lack of good Security practice - ditto BBC

16 June 2011  |  5499 views  |  1  |  Recommends 0

As reported, this greatly surprises me - apparently placing the Credit Card number within the URL, and thus by changing the URL exposes other Credit Card details within having to go through the Access Validation routine. On the one hand you'd assume the system designers didn't 'actually' specify it to be this way, but that the programmer didn't ask...

TagsCardsSecurityGroupWhatever...
Previous 1 Next
26,185
Members
14,646
Comments
9,737
Posts
 
1,050
Active bloggers

Top bloggers: 30 days

Most viewed Engaging
Robert Siciliano

Security analyst, published author, tele...

Neil Crammond

trading manager

Christian Voigt

I'm a Senior Regulatory Adviser at Fides...

Who is commenting on these posts

Ketharaman Swaminathan
Munaeem Jamal
Hamza Abu-Musa
Tapan Agarwal
Charmaine Oak
Jeremy Mugridge
Ray Kenny
Vivek Singh
Neil Crammond
Ian Davis
Manish Grover
Balasubramaniam GD