28 July 2016

Please Engage Brain

Archive for: June, 2011
Keith Appleyardavailable for hire - Bromley

Citi demonstrates lack of good Security practice - ditto BBC

16 June 2011  |  5585 views  |  1 comments | recommendations Recommends 0

As reported, this greatly surprises me - apparently placing the Credit Card number within the URL, and thus by changing the URL exposes other Credit Card details within having to go through the Access Validation routine. On the one hand you'd assume the system designers didn't 'actually' specify it to be this way, but that the programmer didn't ask...

TagsCardsSecurityGroupWhatever...
Previous 1 Next
members
27,381
Members
comments
15,778
Comments
blogs
10,320
Posts
bloggers 
1,091
Active bloggers

Top bloggers: 30 days

Most viewed Engaging
Robert Siciliano
Robert Siciliano

Security analyst, published author, tele...

Graham Seel
Graham Seel

Consultant to Fintech firms selling to,...

Christian Voigt
Christian Voigt

I'm a Senior Regulatory Adviser at Fides...

Cornelius Nandyal
Cornelius Nandyal

Partner at Associates in Capital Markets...

Caroline McClelland
Caroline McClelland

Digital Account Manager at Waracle Mobil...

Who is commenting on these posts

Fal Falafel
Sanjeev Ahuja
Alex Vince
Graham Seel
João Bohner
Ketharaman Swaminathan
Ger Clancy
Vicente Quesada
Laura Glynn
Tayloe Draughon
Sreeram Yegappan
Michael King