1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Forum Market Place security!?!?

Discussion in 'Serious' started by trueno!, 21 Sep 2013.

  1. trueno!

    trueno! That's TRUE-N-NO if ure not sure!..

    Joined:
    24 Apr 2009
    Posts:
    585
    Likes Received:
    110
    Just a thought for us all here who buy and sell in the MP on this forum, do we have it in some way, if not is it necessary!?.

    Just remembered that LinusTechTips forum is now using https security so they can enable classifieds sales and secure wifi hotspot usage!..

    Because us buyers and sellers are exchanging personal details with each other via PMs, could there be any insecurities with this forum if it's not using any kind of online secure encryptions?..

    Would love to hear your opinions... ;)
     
    Last edited: 21 Sep 2013
  2. Guest-16

    Guest-16 Guest

    Don't use PM. Or email. Or an unsecured wireless hotspot.
     
  3. Teelzebub

    Teelzebub Up yours GOD,Whats best served cold

    Joined:
    27 Nov 2009
    Posts:
    15,796
    Likes Received:
    4,484
    +1
     
  4. trueno!

    trueno! That's TRUE-N-NO if ure not sure!..

    Joined:
    24 Apr 2009
    Posts:
    585
    Likes Received:
    110
    Then how do we exchange personal private details safely? It's not gonna be any better via any other method we choose!?. Or is there?..

    Sent from my GT-I9300 using Tapatalk 4
     
  5. Teelzebub

    Teelzebub Up yours GOD,Whats best served cold

    Joined:
    27 Nov 2009
    Posts:
    15,796
    Likes Received:
    4,484
    If you're hinting that bt should implement https security then you have no chance of bt doing it.

    It's been stated many times neither the staff or the mods take any responsibility for the MP and we buy / sell at our own risk, we agree to take that risk or don't use the MP simple
     
  6. mucgoo

    mucgoo Minimodder

    Joined:
    9 Dec 2010
    Posts:
    1,602
    Likes Received:
    41
    Your account number, sort code and address aren't that sensitive. Your already opting to give them to a near random stranger.
     
  7. TheMadDutchDude

    TheMadDutchDude The Flying Dutchman

    Joined:
    23 Aug 2013
    Posts:
    4,739
    Likes Received:
    523
    If you give someone your account number and sort code, all they can do is pay into your account. I can't see that being a bad thing. :D

    I've made many trades through forums (various ones) and never encountered a problem. Fraud protection and such is pretty good from what I hear so there's little to worry about.
     
  8. Teelzebub

    Teelzebub Up yours GOD,Whats best served cold

    Joined:
    27 Nov 2009
    Posts:
    15,796
    Likes Received:
    4,484
    True

    Then only use paypal that way you're not giving your bank details out only your name and address
     
  9. julianmartin

    julianmartin resident cyborg.

    Joined:
    25 Jul 2004
    Posts:
    3,562
    Likes Received:
    126
    http://news.bbc.co.uk/1/hi/7174760.stm
     
  10. RTT

    RTT #parp

    Joined:
    12 Mar 2001
    Posts:
    14,120
    Likes Received:
    74
    Even if bt added SSL, it'd make no practical difference to your security - the person you're dealing with is still going to get your details either way. And if you're worried about details being stolen in transit, then

    1) no one's going to bother with bt, there are bigger/better targets
    2) it all sits in an unencrypted database in the end, which is a better target if it was ever going to be targetted
     
  11. faugusztin

    faugusztin I *am* the guy with two left hands

    Joined:
    11 Aug 2008
    Posts:
    6,953
    Likes Received:
    270
    That bank should have the licence revoked immediately, period. If you can go to a bank and setup stuff like that without any sort of ID, then that bank security is non-existent, and you should not trust that bank with even a cent.

    Here in Slovakia i have to do this :
    1) if i go to bank personally i have to provide my ID and unless i am putting money to account, i have to provide a digital signature, which is checked against the saved signature.
    2) if i call the bank via hotline, i have to provide my secure identification number and my voice is analyzed and checked against the saved audio pattern.
    3) if i try to do stuff online via web, i have to provide my secure identification number, password and after that i have to provide a code generated by a secure key calculator for login and everything which could change my details or affect mo money.
     
  12. Krikkit

    Krikkit All glory to the hypnotoad! Super Moderator

    Joined:
    21 Jan 2003
    Posts:
    23,995
    Likes Received:
    707
    That's how our banking system works! The payments taken from Clarkson's account were all fraud protected - they'll be easy to revoke and obtain a refund.
     
  13. TheMadDutchDude

    TheMadDutchDude The Flying Dutchman

    Joined:
    23 Aug 2013
    Posts:
    4,739
    Likes Received:
    523
    Well... colour me surprised. I will definitely rethink my original thought. :D

    You can still get your bank to get you the cash back for the most part, right??
     
  14. erratum1

    erratum1 What's a Dremel?

    Joined:
    30 Apr 2009
    Posts:
    1,924
    Likes Received:
    68
    ^ yea that's pretty dodgy they're not making any money unless they have there own magazine etc so it would just be malicious..even so quite a nasty surprise.

    When you register with an agency they want your bank details before offering any work, on an open day I was forced by the jobcentre to hand it over which I felt un easy about cause they were collecting loads of people details with no actual job offers.

    If they were to lose them who knows where they could end up.
     
  15. Guinevere

    Guinevere Mega Mom

    Joined:
    8 May 2010
    Posts:
    2,484
    Likes Received:
    176
    That sting was possible because the British Diabetic Association weren't doing full verification of the account details.

    When taking up an online paperless Direct Debit, the organisation can choose to:

    1: Just collect the acc no & sort code and hope for the best

    2: Validate the acc no & sort code is real and associated with an account that can pay Direct Debits (Not all can, EG savings accounts).

    3: Verify a supplied address is associated with the bank account.

    I wrote card processing and Direct Debit handling software for the charity sector, and NOBODY wanted option 3. Too much verification just reduces the amount of legitimate donations you can get through as people fill in their details get a "Your address doesn't match" error and they stop donating. Better to accept the payment and filter it out / refund later.

    The "Direct Debit Guarantee" ensures that the bank account holder receives a full and fast refund of in any dispute. The refund comes first, the "But we still want you to pay your mobile phone bill" argument takes place after and outside of the DD Mandate.

    You'll be amazed at the amount of bogus transactions that charities have to filter out. Without the correct filters in place the big name charities I worked with would have been processing and issuing charge backs for thousands of transactions per day. Bogus DDs are rare, but bogus card transactions... sheesh. Damn thieves used to use the charity websites to see if the cards they had had been blocked. Pay £1 to the Red Cross and if it goes through, you know the card is good!
     
  16. law99

    law99 Custom User Title

    Joined:
    24 Sep 2009
    Posts:
    2,390
    Likes Received:
    63
    interesting.
     
Tags:

Share This Page