I have had a problem involving use of someone else's credit card over the Internet. I want to post this because I want to advise people of a potential problem and/or risk and perhaps ask if someone else noticed something like this, or, in the alternative, make it known what happened so that people can be aware of it. Or maybe someone can tell me how this happened.
Another roommate who stays at the house I rent a room in uses my computer to handle his business, basically for surfing the net and such. If I'm at the computer I'm willing to help him find things or enter details. On occasion, typically for his customers he will book airline tickets, and he uses one specific credit card for that purpose. On occasion he's had me enter his information into the computer.
I do not know, and have never saved or captured his credit card information (I have my own cards). Well, what is wierd is, there were two things I ordered which were charged to his card number. I haven't the slightest idea how. The last 4 digits of both cards are different, the issuers are not the same (the credit card I use belongs to a family member and is a major East-Coast bank, his has his name and is some bank in the Midwest), and as I don't even know his number there's no way I could have used it intentionally.
My ATM card is on the Visa network from a third bank different from either of the two others, and if I hit a website that refused debit cards, I have a regular credit card which is issued to a family member, so I did not need to use someone else's card. And if I did need a credit card and did not have one around, I would have asked him first if I didn't have a credit card available.
I use Netscape version 7.2 "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)" on a Windows XP machine with Service Pack 2 for browsing because I do not trust Internet Explorer and its security holes. I have a hardware firewall between this computer and the Internet, so I can't argue some hacker broke in and switched one of my charges to his credit card. (Which is ridiculous to say the least.)
The only possible answer I can think of is that on one of the form fields used by one of the airline websites, is using the same field name as the two companies I ordered things from, and somehow they are capturing the same values from each other. (One was Vista Print, where I ordered two rubber stamps, and the other was AAA where I ordered a membership. I think the tickets he ordered were from Southwest Airlines.)
When I placed his legitimate order on Southwest, I typed in his number as he read it to me. I did not copy the number into the clipboard or otherwise save the number. Later when he saw his bill for two items he did not recognize and asked me about it, I discovered that the purchases he has on his bill exactly match the two I made, but should have gone on my credit card number. And I haven't the slightest idea how.
I went to Vistaprint's website, and tried a fake transaction. When I got to the payment page, where it asks for credit card number, the field is blank. I double-clicked on the credit card number field, and the previous value came up, with the correct card number (the one I would have used).
I don't know his number, didn't save it and did not attempt to use it. I couldn't have used his card number by mistake by typing in off of it if, I had, say, found it on the desk because he left it behind and I mistook it for one of the credit cards someone in my family has (first, the name would have been wrong and even if I didn't notice that, I would have spotted the credit cards as being wrong because I do not and have never used his bank.) But somehow I did use his card number and I haven't the slightest idea how. The only possible explanation I have is that some how form fields used on three different web sites are somehow cross-collecting information by pre-populating them, or something.
The two transactions together come to less than $90, so it wasn't a huge issue, but it frightens me because I haven't the slightest idea how it happened or how I could have prevented it.
The solution I am going to use is that if I ever do anything for him that involves ordering something, I will use Internet Explorer (for accessing a specific known and trusted website, it is okay), and I will not use Netscape for anything he's using, as I only use Netscape for anything I order. The only possible answer I can come up with is some form of cross-website contamination, which I do not believe could happen if I'm not using the same browser for any of his transactions, so I think this will solve the problem. I've also suggested he get his bank to issue him a new card with a different number.
This kind of thing scares me; if it wasn't for the fact he was understanding about it, I could technically have been looking at charges for credit card fraud! The thing that bothers me most is that I'll be damned if I can figure out how the hell this happened.
The other day I needed to transfer some 100 meg of files from a Linux system to a Windows XP system. I thought of perhaps burning them on CD but I didn't see wasting a CD for a one-off transfer. The computers weren't networked, so that wasn't available. But I have a digital camera, I plugged the USB connector into the Windows XP box and I now had a 512 megabyte portable hard drive. I then unplugged it and plugged it into the Linux system and Lindows immedicately brought it up on the desktop, a performance even better than Windows since it only appears inside 'My Computer.'
But it kind of dawned on me that the format of the camera is the FAT32 file system from Windows 9X, that is recognized by both Windows and Linux. And I don't think there is anything else which will work as a hard drive format on all major PC operating systems.
Flash forward a few weeks, and for inexplicable reasons one of the Windows XP systems goes bad, the drive will not boot on XP and recovery doesn't work; I'll have to obtain recovery disks from the manufacturer which will take a few days. Well, in the mean time, I wanted to get access to a different drive in that machine, and I thought I could just pull that drive and mount it in another box, either Windows ME or Linux, only the partition is NTFS, the default for Windows XP. You can't use an NTFS partition under Windows ME or any earlier version not an NT derivative, nor is there write capability under any non-Microsoft operating system for NTFS.
There is also, as far as I know, no capacity to use EXT3 or ReiserFS on non-Linux (non-BSD etc.) operating systems.
So, let me ask, am I correct, if someone wants to have a hard drive they can move anywhere, or mount in a USB external drive carrier, the only type of drive format that is universal is the MS-DOS FAT32 file system, is this correct?
Or am I wrong, and there are freely available Ext3 or ReiserFS file system drivers for Windows systems or that they have created transparent NTFS read/write drivers for Linux and other systems?
P2Pnet has reported that Mary-Beth Peters, the Register of Copyrights spoke in a public hearing saying the extension of copyright was too long. From the article, it is reported she said, "We've certainly lengthened the term [of copyright]
Note: This is a correction to my prior statement where I originaly said that she made the statement before Congress, but it was simply a public statement, it was not in a congressional hearing.
Organic Milling Corporation
505 W Allen Avenue
San Dimas, CA 91773
To the reader of this letter:
I am writing you about your product, "Hi-Lo with Strawberries." I will give my own comments in a moment, but I thought I should include my brother's, as well.
He said I should say, "How could you make such an inferior product?" Or perhaps that was his comment, if so, I felt he was far too kind.
I am extremely upset by your product, so upset that I decided to write you about it. At first I thought the package had been contaminated by exposure or was expired and spoiled, but the package was unopened when my brother opened it to pour two bowls, and the legend "Best by Feb 21 06 04:27" appears at the top, implying it doesn't expire for several months. I have reason to doubt that.
The polite version of my comment was that I think the cardboard box it was packaged in would have been tastier than the cereal enclosed. I'd like to say I was sickened and disgusted by your product, but sickening and disgusting would be an improvement in your product's (nonexistent) quality.
[The following paragraph was removed from the letter]
What I really wanted to say was that your product tastes like shit. Actually, that's more likely than not insulting to shit, which probably does not taste as bad. Before I tried your product I would have to say that I have never tasted shit, but now I'm not so sure.[The following replaced the above paragraph]
What I really wanted to say was that your product tastes like excrement. Actually, that's more likely than not insulting to excrement, which probably does not taste as bad. Before I tried your product I would have to say that I have never tasted excrement, but now I'm not so sure.On the advice of my sister I have toned down the preceding paragraph, I originally used the typical vulgar 4-letter word in place of "excrement", you can guess which word it was.
I was really horrified by the crap you are selling. Now I understand why it was on sale at Safeway: people were not buying it in droves.
May I recommend you consider selling this product to prison authorities, for use in disciplining recalcitrant prisoners, in that just the threat of having to eat this stuff will probably make them behave. But that may not last for long, the minute some judge has to try this stuff he is going to rule that giving it to prisoners constitutes cruel and unusual punishment and declare the practice unconstitutional.
I never opened the other box, I was afraid to consider how bad the stuff without fruit would be. I'm thinking I should be afraid to even touch the box to either throw it away or take it back, contact with that alone might irreparably contaminate me.
I happen to love strawberries, and I used to think it's very hard to make a bad product with them included. Well, congratulations, you have just proven me wrong.
Your horrible product upset me so badly I just realized I forgot to take my medication this morning. I have the suspicion if someone were to claim that they were driven insane into committing crimes from the taste of your product, just one spoonful and no jury would convict.
I think I should say that they have failed to create obscenities adequate to describe the depths of depravity that your product represents. Well, consumption of this product will certainly encourage the development of new ones.
I think some people have said there are depths of hell reserved for the worst creatures who have inflicted some of the worst horrors on mankind. Nothing they could suffer could compare to eating your product. And if they were to try it, I suspect the victims of the genocide in Rwanda would consider eating your cereal worse than the horrors that they suffered. And some of them were tortured to death. But at least they didn't have to eat your cereal, so whatever they went through probably wasn't all that bad.
The only thing that was more sickening than wasting $10.00 on two boxes of this cereal was eating one bowl of it. I actually suffered through one bowl, my brother couldn't even finish one spoonful. I guess because I'm tougher than him, I drink an ounce of vinegar straight 3 times a day along with a teaspoon of molasses every morning. Let me tell you, I think molasses smells and tastes like coal tar but it's less distasteful than your product.
Rest assured, having wasted the money on this garbage, I shall endeavor never to buy another product from your company, and I shall encourage others to avoid your products like the plague that they are.
Sincerely,
Paul Robinson
"A computer programmer and Notary Public in and for the Commonwealth of Virginia, at large."
The key elements in human thinking are not numbers but labels of fuzzy sets. -- L. Zadeh