McAfee, Symantec, and VeriSign sites all found to contain cross-site scripting

somanyholes · Jun 11, 2008, 14:23:29

Major Security Vendors' Sites Could Be Launchpads for Phishing Attacks

It involves mcaffe and symantec, (couldn't happen to any nicer companies

) It also involves VeriSign which is not good at all. Practise what they preach? not a chance.

http://www.darkreading.com/document.asp?doc_id=155995&WT.svl=news1_1

Rik · Jun 11, 2008, 15:24:55

It really is getting to the point where the web is an unsafe place to do business - despite the apparent security. House of cards springs to mind.

David · Jun 11, 2008, 16:23:22

This after yesterdays announcement sure makes me think may be a cheque will take longer but its a lot safer at the moment and things are now surfacing which makes very sobering reading

Rik · Jun 11, 2008, 16:25:34

I agree, David. Neither merchants nor banks will want the expense of masses of cheques to handle, so it could be a very effective form of protest.

David · Jun 11, 2008, 16:27:59

May prove to be the only one Rik how many more skeletons in the cupboard

Rik · Jun 11, 2008, 16:33:25

I dread to think.

David · Jun 11, 2008, 16:47:29

This leak could end up a flood Rik and can see many reasons why they big banks etc would want to suppress it as well,a few more scares and people will abandon the online shopping so fast our high streets will end up with shops instead of burger bars and mobile phone shops

Rik · Jun 11, 2008, 16:54:09

I agree, David. Having been caught out twice with fraudulent card activity, I'm certainly getting wary.

David · Jun 11, 2008, 17:29:30

Im loathed to say it but touch wood I have escaped so far.but unlike with many things I restrict buying with my cards online unless I am really sure but this could go further than online,just imagine if Tesco or another Giant retailer suffered this...it would be catastrophic and I am not convinced it could not happen given the Data discs fiasco and now this

Rik · Jun 11, 2008, 17:32:23

Large companies, eg TK Maxx, have already been breached, David.

David · Jun 11, 2008, 17:37:24

Yes but what if more mainstream companies get it like the Asda and the Tescos it would effectively cripple this countries when it came to shopping anywhere cash would make a bigger comeback than Frank Sinatra

Its a scary thought really how many of us would be able to live without cards ?

Rik · Jun 11, 2008, 17:43:18

Online, we certainly couldn't. Shops would hate going back to cash due to the high handling costs. We might actually get some significant action taken...

David · Jun 11, 2008, 17:46:17

Then in theory at least,its more than likely they are all running around trying to fix this already?as you say they all hate cash handling and rightly so,its not a great thing to dwell on...

Sebby · Jun 11, 2008, 18:07:42

Cheques aren't particular safe themselves, though perhaps not as easy to commit fraud with as obtaining someone's card details.

Rik · Jun 11, 2008, 18:13:39

At the end of the day, Sebby, nothing is safe these days.

Dopamine · Jun 11, 2008, 23:54:01

Does anyone remember the Millennium Bug? I had friends employed as programmers who were making fortunes on the back of all the scaremongering surrounding it. What happened? Some of them made so much they've since retired, the Millennium came and went, the Bug didn't.

Same with all this security scaremongering. Sure, we all want the web to be as safe and secure as possible, and there is a very real need for security checking and advice, but let's take all this hype with a pinch of reality. Billions of pounds are transacted across the web on retail and banking activities, and whilst the amount lost to fraud is very large in monetary terms, its actual percentage is very small.

We've become a nation of worriers and scaremongers, unthinkingly hanging on every word issued by vested interests with security services to sell. The article contains very sensible points, but like every other prophecy of doom, the reality will be far less severe, as security holes will be closed long before they cause mass and widespread losses.

Simon · Jun 12, 2008, 00:18:57

Hope you're right!

Inactive · Jun 12, 2008, 00:21:26

So do I Simon, by the number of people on here that have already been affected by card fraud, I think we should all be very concerned.

somanyholes · Jun 12, 2008, 08:10:09

QuoteDoes anyone remember the Millennium Bug? I had friends employed as programmers who were making fortunes on the back of all the scaremongering surrounding it. What happened? Some of them made so much they've since retired, the Millennium came and went, the Bug didn't.

Same with all this security scaremongering. Sure, we all want the web to be as safe and secure as possible, and there is a very real need for security checking and advice, but let's take all this hype with a pinch of reality. Billions of pounds are transacted across the web on retail and banking activities, and whilst the amount lost to fraud is very large in monetary terms, its actual percentage is very small.

We've become a nation of worriers and scaremongers, unthinkingly hanging on every word issued by vested interests with security services to sell. The article contains very sensible points, but like every other prophecy of doom, the reality will be far less severe, as security holes will be closed long before they cause mass and widespread losses.

I'm sure that 1/2 the population of the uk that have had their data stolen/lost would agree with you on the scaremongering front......

Inactive · Jun 12, 2008, 08:53:25

As well as this;

http://news.bbc.co.uk/1/hi/technology/7448187.stm

somanyholes · Jun 12, 2008, 09:16:51

interesting read that in, cheers. Think that one would be used for large purchases. now where do we deliever this statue...

Inactive · Jun 12, 2008, 09:18:13

Dopamine · Jun 12, 2008, 17:08:23

Quote from: somanyholes on Jun 12, 2008, 08:10:09

I'm sure that 1/2 the population of the uk that have had their data stolen/lost would agree with you on the scaremongering front......

I take it that this is a joke. Half the population? Ho ho ho. The end of the world is nigh!

somanyholes · Jun 13, 2008, 08:08:24

considering that 25 million peoples records disappeared in one incident, (child benefits) and there have been many many more incidents from data loss through to credit card fraud etc, 1/2 the population is probably not that far off.

sure the information that comes out can lead to scaremongering, but at the end of the day, it's information that is provided to people so they can attempt to make there own informed decisions. You have obviously made yours.

And no the end of the world is not nigh. But i would of thought that the most used and respected certificate provider having flaws in their code is fairly important, the same for the security software.

hope your nice and cosy in your bubble...

ho ho ho