Comments on: Paying on the web? Look for the small padlock, not the big one http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html Tech writing blog Thu, 18 Mar 2010 12:56:06 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Globus http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html/comment-page-1#comment-50892 Globus Mon, 10 Dec 2007 16:07:39 +0000 http://www.itwriting.com/blog/?p=353#comment-50892 globus has had nothing but trouble with thetrainline over the past two months. they advised to contact the card issuer, but barclaycard advise it is a problem with thetrainline. it's still not fixed, and globus is still frustrated having to contact them by telephone to book travel - grrr. globus has had nothing but trouble with thetrainline over the past two months. they advised to contact the card issuer, but barclaycard advise it is a problem with thetrainline. it’s still not fixed, and globus is still frustrated having to contact them by telephone to book travel – grrr.

]]> By: Geordie http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html/comment-page-1#comment-47461 Geordie Thu, 22 Nov 2007 19:36:13 +0000 http://www.itwriting.com/blog/?p=353#comment-47461 You think that's bad Have a look at this... An invitation form a government organisation that has already lost 54,00 records not six months ago to send your full credit card details across an insecure medium http://www.newcastle.gov.uk/core.nsf/a/paybyphonetextmessage You think that’s bad

Have a look at this…
An invitation form a government organisation that has already lost 54,00 records not six months ago to send your full credit card details across an insecure medium

http://www.newcastle.gov.uk/core.nsf/a/paybyphonetextmessage

]]> By: Tim http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html/comment-page-1#comment-39944 Tim Wed, 24 Oct 2007 16:57:36 +0000 http://www.itwriting.com/blog/?p=353#comment-39944 <blockquote> I was just purchasing my tickets on the trainline and have found the exact same problem. </blockquote> Not good, at least 16 days after this was reported. See also: http://blogs.verisign.com/ssl-blog/ Tim

I was just purchasing my tickets on the trainline and have found the exact same problem.

Not good, at least 16 days after this was reported.

See also:

http://blogs.verisign.com/ssl-blog/

Tim

]]> By: Dave Sutherland http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html/comment-page-1#comment-39942 Dave Sutherland Wed, 24 Oct 2007 16:51:15 +0000 http://www.itwriting.com/blog/?p=353#comment-39942 I was just purchasing my tickets on the trainline and have found the exact same problem. I promptly phoned the number on the website and they tried to convince me that it was a problem with the firewall settings on my machine! I tried to tell them i had a wireshark dump proving that the credit card number was sent in plain text but this was clearly over their heads. They told me I should complain in writing! Perhaps someone should report these guys to Visa so that their 'Verified By Visa' status gets revoked. - Dave I was just purchasing my tickets on the trainline and have found the exact same problem.

I promptly phoned the number on the website and they tried to convince me that it was a problem with the firewall settings on my machine! I tried to tell them i had a wireshark dump proving that the credit card number was sent in plain text but this was clearly over their heads.

They told me I should complain in writing!

Perhaps someone should report these guys to Visa so that their ‘Verified By Visa’ status gets revoked.

- Dave

]]> By: Tim http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html/comment-page-1#comment-38387 Tim Thu, 11 Oct 2007 18:44:10 +0000 http://www.itwriting.com/blog/?p=353#comment-38387 <blockquote> “Safari can’t verify the identify of the website “www.thetrainline.com” </blockquote> I get this too - but only with Safari on the Mac. FireFox on the Mac is happy with it; so is IE and FireFox on Windows. That suggests to me that Safari has it wrong; but it's curious. Tim

“Safari can’t verify the identify of the website “www.thetrainline.com”

I get this too – but only with Safari on the Mac. FireFox on the Mac is happy with it; so is IE and FireFox on Windows. That suggests to me that Safari has it wrong; but it’s curious.

Tim

]]> By: Kaye C http://www.itwriting.com/blog/353-paying-on-the-web-look-for-the-small-padlock-not-the-big-one.html/comment-page-1#comment-38382 Kaye C Thu, 11 Oct 2007 17:31:04 +0000 http://www.itwriting.com/blog/?p=353#comment-38382 Dear Tim, I'm not technical, but found your page due to security certificate error on www.thetrainline.com: "Safari can't verify the identify of the website "www.thetrainline.com" The certificate for this website was signed by an unknown certifying authority. You might be connecting to a website that is pretending to be www.thetrainline.com which could put your confidential information at risk. Would you like to connect to the website anyway?" "This certificate was signed by an unknown authority" My problem is: do I use the site or not? Do I ignore the error and book or not? (sigh!) For newbies like myself, this is a dilmna Dear Tim,
I’m not technical, but found your page due to security certificate error on http://www.thetrainline.com:

“Safari can’t verify the identify of the website “www.thetrainline.com”
The certificate for this website was signed by an unknown certifying authority. You might be connecting to a website that is pretending to be http://www.thetrainline.com which could put your confidential information at risk. Would you like to connect to the website anyway?”

“This certificate was signed by an unknown authority”

My problem is: do I use the site or not? Do I ignore the error and book or not? (sigh!) For newbies like myself, this is a dilmna

]]>