Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - Can an eCommerce Site Without SSL Be Secure? ( 4

Excelcia writes: "I recently decided to try out the SecureSpot feature of my router. I signed up for a trial account, decided I liked it, and was about to submit my payment for the service when I noticed something peculiar. The protocol was http, not https. The little lock icon on my browser was grayed, and the browser's information dialog on the site said in no uncertain terms "your connection to this web site is not encrypted". I went back to the original login page for SecureSpot, and it too seems to lack any indication of SSL. I'm a little worried at this point, as the SecureSpot control panel lets me configure my router. Have my family's privacy settings, and worse, have my router settings and passwords all been sent over the wire in the clear? And what about people's credit card numbers? I examined the page source for each page, and they both seem to use a standard html POST with some JavaScript sanity checks. About the only secure element I can see on either page is the VeriSign gold seal they each sport proclaiming the site secure.

BSecure actually runs the service for D-Link, so I e-mailed both of them. D-Link's reply was a terse "the site is secure and your information will not and has not been exposed." My question simply is, is the site secure? And if it is secure, how are people to know it is if your browser can't tell?"

e-credibility: the non-guaranteeable likelihood that the electronic data you're seeing is genuine rather than somebody's made-up crap. - Karl Lehenbauer