Results 1 to 7 of 7
- 11-27-2004, 04:16 PM #1GeorgeGuest
Hi,
I don't know about anyone else, but when it comes to a website, where
I have to enter any sensitive info., I look for two things: a golden
lock emblem in the lower right corner of my IE browser, AND
"https:" as opposed to the normal "http:" In the url address
space.
Those 2 points, and nothing less should be the minimum in acceptable
security practices by consumer and consumee (if 'consumee' is even a
word).
From where you are right now, start a new browser, and enter
www.paypal.com
You'll see it comes up with https://www.paypal.com not just http:
Plus, you'll see the golden lock in the lower right of your browser.
There is a reason for this. It's also the reason I've yet to use
Cingulars online website, to access my information.
AT&T's site was secure, why the heck isn't Cingular's ?
Don't let anyone tell you it's Your fault, or its Your browser that
isn't up to date.
Don't let the host of the web site tell you anything like:
"Well our site was done in XHTML'.
If they tell you that, You should respond with:
"Fine, now I want to see "https: " and the golden lock. Period.
Don't settle for the pop-up message that says about the "Both secured
and unsecured items". That message just basically tells me that the
security criteria I look for, is not used by that site.
Thanks,
George
› See More: A Secure Cingular website would be nice . . .
- 11-27-2004, 05:02 PM #2Jack ZwickGuest
Re: A Secure Cingular website would be nice . . .
In article <[email protected]>,
h_arle/yNO.SPAMd_avidso/[email protected] (George) wrote:
> Hi,
>
> I don't know about anyone else, but when it comes to a website, where
> I have to enter any sensitive info., I look for two things: a golden
> lock emblem in the lower right corner of my IE browser, AND
> "https:" as opposed to the normal "http:" In the url address
> space.
>
> Those 2 points, and nothing less should be the minimum in acceptable
> security practices by consumer and consumee (if 'consumee' is even a
> word).
>
> From where you are right now, start a new browser, and enter
> www.paypal.com
>
> You'll see it comes up with https://www.paypal.com not just http:
> Plus, you'll see the golden lock in the lower right of your browser.
>
> There is a reason for this. It's also the reason I've yet to use
> Cingulars online website, to access my information.
>
> AT&T's site was secure, why the heck isn't Cingular's ?
>
> Don't let anyone tell you it's Your fault, or its Your browser that
> isn't up to date.
Looks secure to me. But then I use Firefox 1.0 as my browser.
https://www.myaccount.cingular.com/myaccount_web
with a LOCK and an Exclamation point in the bottom right hand corner.
- 11-27-2004, 05:30 PM #3HierophantGuest
Re: A Secure Cingular website would be nice . . .
"George" <h_arle/yNO.SPAMd_avidso/[email protected]> wrote in message
news:[email protected]...
| Hi,
|
| I don't know about anyone else, but when it comes to a website, where
| I have to enter any sensitive info., I look for two things: a golden
| lock emblem in the lower right corner of my IE browser, AND
| "https:" as opposed to the normal "http:" In the url address
| space.
|
Problem 1 as far as security is concerned: IE browser
- 11-27-2004, 05:56 PM #4N9WOSGuest
Re: A Secure Cingular website would be nice . . .
> I don't know about anyone else, but when it comes to a website, where
> I have to enter any sensitive info., I look for two things: a golden
> lock emblem in the lower right corner of my IE browser, AND
> "https:" as opposed to the normal "http:" In the url address
> space.
>
> Those 2 points, and nothing less should be the minimum in acceptable
> security practices by consumer and consumee (if 'consumee' is even a
> word).
.... snip.....
> There is a reason for this. It's also the reason I've yet to use
> Cingulars online website, to access my information.
>
> AT&T's site was secure, why the heck isn't Cingular's ?
>
.....snip....
> Don't let the host of the web site tell you anything like:
> "Well our site was done in XHTML'.
>
> If they tell you that, You should respond with:
> "Fine, now I want to see "https: " and the golden lock. Period.
>
> Don't settle for the pop-up message that says about the "Both secured
> and unsecured items". That message just basically tells me that the
> security criteria I look for, is not used by that site.
(sigh...)
If you knew what was going on, you would find that your concern is
unwarranted.
True, the Log in form is served off of a non secure link.
But the log in form that is sent to your computer has no sensitive
information.
So there is no need for a secure link.
When you type in the sensitive information, and log in,
the web scrip will not contact the server that sent the scrip to your
computer.
Your sensitive information will never be sent across the unsecured link
that the page was delivered across.
When you hit the log in button, script sets up a new link with This HTTPS
server.
https://www.cingular.com/
Via an SSL
And that is the one in which it delivers the sensitive information to.
If you look at the web script, that fact will be self evident.
All the lock tells you is that the current page you are looking at,
Was delivered across an SSL connection.
It does not tell you if the link you are going to click leads to a secure
Or an insecure web page.
Technically, You could go to a log in page, that is delivered by a HTTPS
sever.
You would see the lock symbol.
You could enter your information.
But the log in button will send the information, that you just entered,
To a non secure web server, over a non SSL connection.
And the when the new web page loads, the lock symbol will be gone.
The script could even make a quick connection with a new non secure server,
And deliver the personal information.
Then set up a new SSL link with the original server, and download the new
page.
The only way you would know that it made a non secure link, is if you was
looking
At the lock for the split second it diapered and then reappeared.
That is why Microsoft put in those warning screen telling you,
"the information you are about to send is not secure, and may be viewable by
other people"
(or something to that extent.)
And.
"you are entering a secure area"
And
"you are leaving a secure area"
If you had those warnings enabled, you would see that you are entering
A secure area when you press the log in button.
- 11-27-2004, 06:10 PM #5N9WOSGuest
Re: A Secure Cingular website would be nice . . .
As a mater of fact, if you want your log in page delivered over
an SSL link.
Go to this page.
https://www.cingular.com/myaccount/login
- 11-28-2004, 02:13 PM #6CambieGuest
Re: A Secure Cingular website would be nice . . .
Hierophant wrote:
> Problem 1 as far as security is concerned: IE browser
>
>
That exactly where i started laughing. He's concerned with security, yet
using IE.
- 11-28-2004, 03:37 PM #7Jack ZwickGuest
Re: A Secure Cingular website would be nice . . .
In article <[email protected]>,
Cambie <[email protected]> wrote:
> Hierophant wrote:
> > Problem 1 as far as security is concerned: IE browser
> >
> >
>
> That exactly where i started laughing. He's concerned with security, yet
> using IE.
Should use Firefox
Similar Threads
- Verizon
- Motorola
- Motorola
- alt.cellular.cingular
The Ukrainian Review
in Chit Chat