U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Internet
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 05-15-2016, 09:18 AM
 
26,158 posts, read 15,733,453 times
Reputation: 17235

Advertisements

Quote:
"Many Americans are growing increasingly concerned about privacy and security. According to a survey, almost half of American households with at least one Internet user have been deterred from online activity recently. The online activity includes doing online transactions, banking, and posting things on social media, said the survey of 41,000 households by a Department of Commerce agency. BBC reports
Really no surprise....... Its good seeing people aware of the dangers (Especially those on facebook and dont hide thier REAL identidy @ all!!)

www.bbc.com/news/technology-36285651 from http://yro.slashdot.org/story/16/05/...nline-shopping
Reply With Quote Quick reply to this message

 
Old 05-16-2016, 10:29 AM
 
Location: Cleveland, Ohio
11,815 posts, read 13,954,365 times
Reputation: 8047
Ugh... because people are dumb dude111... not because it's DANGEROUS...

Give it a rest, man.
Reply With Quote Quick reply to this message
 
Old 05-16-2016, 09:08 PM
 
Location: Sarasota FL
6,865 posts, read 9,538,404 times
Reputation: 6592
Privacy and security? Non existent. Last week I received a post card and yesterday I received a phone call asking me if I wanted to sell my car. [An old garage kept collector car] Post card and calling # were not in my area code.
With the amount of ID theft and credit card theft, I can see why people have concern. I never call an 800 # to purchase anything on TV. Who knows who and where the number is being recorded. If I want to purchase, I do so through their web site.
Reply With Quote Quick reply to this message
 
Old 05-17-2016, 09:09 AM
 
Location: Cleveland, Ohio
11,815 posts, read 13,954,365 times
Reputation: 8047
And Dude you should have linked to the full article. Not the snippet from Slashdot. Did you read the full article?

Privacy fears 'deterring' US web users from online shopping - BBC News

"Asked about the activities individually, 29% of households responding said they had avoided conducting financial transactions online; 26% avoided buying goods or services; 26% avoided posting to social networks and 19% said they had stopped themselves expressing a controversial opinion on social media because of privacy concerns."

This is how people FEEL. They are AFRAID. Is this how we want to live, Dude111? You make it sound like it's a FACT. Shop online and you are screwed. The Elite will know everything about you =and will start tracking you. YOU are the people this article is referring to.

You...and these people:
"When respondents were asked what concerned them the most about online privacy and security, 63% said identity theft.
The respondents, who were allowed to give multiple answers, also cited credit card or banking fraud (45%), data collection by online services (23%), loss of control over personal data (22%) and data collection by the government (18%); 13% also said they were concerned about threats to personal safety."

Read that last line again....
"13% also said they were concerned about threats to personal safety."

Roughly 5,300 people of the original 41,000 are concerned about personal safety from shopping online. THAT is the scary figure.

"Businesses often avoid drawing attention to the fact they track data on people, which isn't as underhand as it sounds," he said. [Bolded for Dude]
"The nature of how this technology works is that we leave a trail of data whenever we interact with sites, [As it should be, Dude...this cannot be anonymous..there is NO security in anonymity when it comes to shopping online] but being more transparent about what they have, how it is used, and why, could actually... build trust."

You WANT Amazon to have your Credit Card associated with you. and your Address. So it's SAFER for you to shop online.
Reply With Quote Quick reply to this message
 
Old 05-17-2016, 08:23 PM
 
Location: Sarasota FL
6,865 posts, read 9,538,404 times
Reputation: 6592
Not only is there the privacy concerns but with tracking, there's also the annoyance factor. Three weeks ago I went on Ebay to look for a replacement OTA antenna. I SIGNED IN to take a look. Bad mistake. I've received mail every day from Ebay, almost all showing OTA antennas for sale.
Reply With Quote Quick reply to this message
 
Old 05-18-2016, 06:14 AM
 
40,169 posts, read 41,775,319 times
Reputation: 16740
Shopping online is about as safe as it gets. The transaction between your computer and the other end is encrypted. Where the break down in security occurs is on your end (e.g. key logger) or on the server end if it's compromised. There is strict protocols about how and what data can be stored and where it can be stored. Realistically it's just as safe if not safer that using your card at the store and much safer than ordering something over unecrytpted wireless phone common in many homes. There has been more than a few attacks at stores themselves, certainly more people compromised there than online.

The most common way people get fooled is through phishing scams and that is somewhat out of their hands. I know my bank uses an image to prevent this, you pick an image when you sign up. That image appears on the login page, a phishing scam can duplicate a login page but they cannot provide that personalized image.

As far as tracking every website tracks you, at a bare minimum they will be logging what pages and files you access recording the time, IP, browser, the requested URL, referrer and some other basic information. This is used for analytics and also kept for security reasons if you need reference. How long that information is kept depends, could be anywhere from a month to years. This is typically anonymous where only the IP is tied to you, it doesn't necessarily have to be.

If you are really concerned about the safety of online banking and tracking you can use a live linux CD like Knoppix. Every time you boot into it is like fresh install of the OS. Anything that would stored or compromised on your computer would have to ocur before the CD is written and that is practically impossible unless the file you downloaded was compromised.
Reply With Quote Quick reply to this message
 
Old 05-18-2016, 09:00 AM
 
Location: Cleveland, Ohio
11,815 posts, read 13,954,365 times
Reputation: 8047
Quote:
Originally Posted by d4g4m View Post
Not only is there the privacy concerns but with tracking, there's also the annoyance factor. Three weeks ago I went on Ebay to look for a replacement OTA antenna. I SIGNED IN to take a look. Bad mistake. I've received mail every day from Ebay, almost all showing OTA antennas for sale.
Really? How horrible.
Come on.. That's hardly anything very nefarious. Or anything to even be remotely upset about.
Login to your EBay account , go to options and say NEVER SEND ME EMAIL. It's really that simple. Maybe you should pay better attention when signing up for an account because they do ask you these things when you sign up.
Reply With Quote Quick reply to this message
 
Old 05-18-2016, 12:20 PM
 
Location: 10110001010110100
6,385 posts, read 10,841,220 times
Reputation: 5589
If you really wanted to hack someone, you could do so very easily. Even here on C-D and worse, using the site itself. Place a link on your profile as your "Home Page" or whatever pointing to a site where a script is awaiting execution....boom, now I have your C-D login data or control of the system you are currently on.

However unlikely, that sounds plausible because it is very possible, isn't it?
Now should you freak out and not use the site or the Internet itself? Riding a motorcycle, especially in Southern California is borderline a suicidal thing but does this fact deter me or any of the several close calls?

The same types of threats always existed, Internet is just a new medium, a new way. People just need to be aware, keep themselves educated against them and use Internet prudently. Learn how to protect themselves by doing/not doing certain things and go on your merry way because life still goes on.
Reply With Quote Quick reply to this message
 
Old 05-20-2016, 09:28 AM
 
40,169 posts, read 41,775,319 times
Reputation: 16740
Quote:
Originally Posted by TurcoLoco View Post

If you really wanted to hack someone, you could do so very easily.
Give it a try.

XSS attacks like that are not impossible but unlikely. This is one thing developers are going to be keenly aware of. Any link you are going to post on this site is going to be parsed to check for such attacks. This of course doens't prevent you from putting the link somewhere else. It just prevents this site from being the source for a XSS attack.

No hack:
Example Domain

Attempted XSS Hack:
http://example.com/<script>alert("TEST");</script>

When a request is made to the server the URL is parsed by the forum software, it's only going to accept valid parameters and the values of those parameters will also need to be valid. When you are validating input instead of trying to fend off attacks you check to make sure the values are what is expected before using them. If it's supposed to be a number you only accept numbers.


Every input form is going to have a token set, it's a unique ID for that form that expires after X amount of time. X is usually something like 10 minutes, if you ever get that "invalid form" error after taking a while to post something that is because the token expired. You need to be logged in and load the page to have the token set, the hacker would need to obtain the token before being able to post something as you.

Cookies can only be accessed by the domain that set them....

There is all kinds of roadblocks to prevent this. It's not impossible but unlikely especially on a site like this using a very popular piece of software like VB.
Reply With Quote Quick reply to this message
 
Old 05-20-2016, 11:11 AM
 
Location: 10110001010110100
6,385 posts, read 10,841,220 times
Reputation: 5589
Quote:
Originally Posted by thecoalman View Post
Give it a try.
Sorry for the late reply. I was busy reading your PMs!


I kid! I kid!

Quote:
XSS attacks like that are not impossible but unlikely. This is one thing developers are going to be keenly aware of. Any link you are going to post on this site is going to be parsed to check for such attacks. This of course doens't prevent you from putting the link somewhere else. It just prevents this site from being the source for a XSS attack.

No hack:
Example Domain

Attempted XSS Hack:
http://example.com/<script>alert("TEST");</script>

When a request is made to the server the URL is parsed by the forum software, it's only going to accept valid parameters and the values of those parameters will also need to be valid. When you are validating input instead of trying to fend off attacks you check to make sure the values are what is expected before using them. If it's supposed to be a number you only accept numbers.


Every input form is going to have a token set, it's a unique ID for that form that expires after X amount of time. X is usually something like 10 minutes, if you ever get that "invalid form" error after taking a while to post something that is because the token expired. You need to be logged in and load the page to have the token set, the hacker would need to obtain the token before being able to post something as you.

Cookies can only be accessed by the domain that set them....

There is all kinds of roadblocks to prevent this. It's not impossible but unlikely especially on a site like this using a very popular piece of software like VB.
I would imagine all those traditional means of hacking would be blocked by most any prudent site admin at this day and only the l33t h4<k3rs might actually figure out a way around but I wouldn't know.

In a facetious way, I was only trying to make Dude more paranoid!
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Internet
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 11:55 PM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top