|
Posted 1/15/2008 by PeterV, VP, Marketing
|
| |
OK, so I have to take my shoes off now (even though there is technology in some airports where I can place my feet on a sensor to tell me if there is metal in my shoe). That's fine. I'll wear the nice socks on travel days. Now it's liquids. I guess with the amount of hair gel I use (see avatar) that I won't be carrying on anymore. Goodbye, luggage. But exposing my personal information to the Web? TSA, you've gone too far.
A blogger uncovered serious security flaws, including things as basic as no SSL certificate, in a TSA Web site that collects personal data from travelers mistakenly placed on terror watch lists. You'd think with all the wiretapping, they'd know by know exactly who the terrorists are, but I digress. A House Oversight Committee has scolded the organization for its serious vunerabilities in the site, which could offer a wealth of personal data to even amateur hackers.
Maybe I'm being hard on the TSA. This problem doesn't really affect me, because my name wouldn't put me on any watch lists except the "extremely caucasian and pale" list. Lindsay Lohan and I are the founding members. However I just can't imagine how this happened. I mean everyone checks their site for general security concerns before going live. Most of the issues would've been caught. But when you're the TSA, dealing with social security numbers, driver's license numbers, etc, wouldn't you take some extra steps?
Makes you wonder where all their advertising revenue is going. That's right...there are now ads in some of the trays where I place my personal belongings for the x-ray machine. Talk about a captive audience!
Share: 
rating:
|
|
Posted 8/27/2007 by PeterV, VP, Marketing
|
| |
I've poo-pooed nike.com in the past on my blog, and thought I'd follow up after watching an interesting video about their e-commerce functionality. Cnet.com noted while nike.com's checkout process says it's secure, you don't get the warm fuzzies from the "https" in the address or the ever comforting padlock icon on your browser. The reason? Nike.com uses Adobe Flash in their e-commerce. As the video points out, most sites that use flash switch over to html when it's time to buy, but nike.com doesn't.
Check out the fill video and the verdict on the site's security here.
That got me thinking about one of our sites that we created for a gift fruit company in Florida called Gregory's Groves. The site uses a flash Rich Internet Application (RIA) shopping cart which allows users to easily access their address book, toggle through shipping dates and rates. It's a very cool feature.
Our shopping cart, though in flash, still employs the https and padlock security features. We did this by creating the pages in .aspx. I'd show it to you, but like many of the fruit stands here in florida this time of year, Gregory's essentially "closes up" for the summer while the fruit is out of season. But be sure to check them out for the holidays for some great gift ideas! And now you know your shipping will be safe!
Share:
rating:
