Fri, 2004-07-09 23:00 — jrearick
I bought my textbook and interactive classroom device dohickey. To be able to use the dohickey I have to register for an account online, and that costs even more money. While registering for my account I came across something that unsettles me. After submitting my credit card information using the secure payment form the publisher's web site, my browser warned me that I was about to send a submission in clear, not encrypted. I tell it not let the action take place, as I am a little paranoid about my credit card information being sent in the clear. After denying this request a page loaded saying my payment was approved and that I should not cancel, go back, or close the browser window. I waited for a few minutes to see what would happen, but I became curious as to what it was doing so I viewed the source. The source contained a hidden form that contained all the information I had submitted earlier (including my full credit card number, security code, and card type). It was set to POST to an insecure URL and contained a script to automatically submit the data. I assume this is what caused the security warning I got earlier. I got an email stating that my payment was approved, so I believe the charge was applied to my card. I wonder how long, and how many people's information were sent in the clear, and weather or not they will fix this. I sent their tech support an email detailing what happened. It has been in my experience web sites linked with textbooks don't work too well. Accounting 284 comes to mind for me. I'm sure other people have had bad experiences with textbook web sites.
Right now, Colin is here and we are watching the season premiere of Stargate SG-1.