21 December 2014

Please Engage Brain

Archive for: June, 2011
Keith Appleyardavailable for hire - Bromley

Citi demonstrates lack of good Security practice - ditto BBC

16 June 2011  |  5258 views  |  1  |  Recommends 0

As reported, this greatly surprises me - apparently placing the Credit Card number within the URL, and thus by changing the URL exposes other Credit Card details within having to go through the Access Validation routine. On the one hand you'd assume the system designers didn't 'actually' specify it to be this way, but that the programmer didn't ask...

TagsCardsSecurityGroupWhatever...
Previous 1 Next
 
1,272
Active bloggers
24,685
Members
8,344
Posts
11,687
Comments

Top bloggers: 30 days

Most viewed Engaging
Laurence Leyden

Responsible for SAP Business Development...

Robert Siciliano

Security analyst, published author, tele...

Paul Love

A payments professional, consultant, SME...

Lu Zurawski

Bipolar electronic payments expert. Curi...

Iain Montgomery

Innovation & Growth Consultant for M...

Who is commenting on these posts

Rozar Fid
Eric Lindeen
Sreeram Yegappan
Ketharaman Swaminathan
Simon Sanderson
enrico camerinelli
Alex Letts
Andrew Miller
Iain Montgomery
Lu Zurawski
Alexander Peschkoff
Chetan Ghadge