LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices



Reply
 
Search this Thread
Old 02-24-2006, 08:10 AM   #1
Robhogg
Member
 
Registered: Sep 2004
Location: Old York, North Yorks.
Distribution: Debian 7 (mainly)
Posts: 653

Rep: Reputation: 85
Amazon.co.uk security


This is something that I have contacted the company about, but have yet to get a reply:

Unlike some other online retail sites, Amazon's sign-in page is unencrypted (ordinary http://...), which so far as I can see means that your password is sent in the open. However, if you click the "Continue (using secure server)" button without entering anything, you are taken to abother page which gives you an error message and invites you to sign in again. The difference here is that the page is secure (https://...) which means, I believe, that your log-in details will be encrypted when they are sent.

Why don't Amazon automatically connect you to the secure server before log-in?
 
Old 02-24-2006, 08:16 AM   #2
b0uncer
Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
hey, why don't every car out there have airbags everywhere?

maybe they just have some nifty reason for that..or are just unwilling to change it. and after all, why would it interest you (assuming you're not owner to Amazon.com in any way)?
 
Old 02-24-2006, 09:05 AM   #3
SaintsOfTheDiamond
Member
 
Registered: Jan 2006
Location: Lexington, KY
Distribution: Arch and a little Slack
Posts: 139

Rep: Reputation: 15
Quote:
Originally Posted by b0uncer
why would it interest you (assuming you're not owner to Amazon.com in any way)?
Because if you decide to use Amazon it's your information that's being sent unencrypted.
 
Old 02-24-2006, 08:32 PM   #4
Robhogg
Member
 
Registered: Sep 2004
Location: Old York, North Yorks.
Distribution: Debian 7 (mainly)
Posts: 653

Original Poster
Rep: Reputation: 85
Exactly.

So what I don't get is why they don't take a step that would improve their customers security while not presenting any significant technical difficulties that I can see.

In the meantime, I'll continue to annoy the server by clicking the button before entering my details.
 
Old 02-27-2006, 10:20 AM   #5
b0uncer
Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
yeah, I guess..anyway, there is a simple solution - don't be their customer. and eve if you were, then I don't think the help for the problem really lies here if I could do something about it, I probably would..is's Amazon that does, or then nobody. I guess the latter one.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Amazon.com (spooky) Xswitch General 2 01-17-2006 05:57 PM
Colombian Amazon davholla General 11 03-24-2005 10:04 PM
Problems with Amazon.co.uk terryl Linux - General 6 02-18-2005 07:38 PM
Why is Amazon.com doing this? vharishankar General 9 09-19-2004 03:29 PM
Donations through Amazon Agalloch LQ Suggestions & Feedback 9 08-19-2003 04:02 AM


All times are GMT -5. The time now is 11:32 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration