Thursday, April 12th, 2007
I spoke with Gina Trapani on Wednesday about my concerns on this issue. The problem is that many online shops are using hidden fields in forms to pass information such as pricing, shipping, and quantity to their online checkout systems. Now I love Google Checkout for its sheer simple integration methods, but there is also an option to auto approve the payment and this concerns me. So I am writing to you today to illustrate some of the methods I have came up with which will hopefully prevent this sort of attack. Here are three ways you can circumvent this little flaw in many online stores.
(more…)
Posted in Ajax, Ask Tim, Browsers, Do it yourself guides, Firefox Extensions, Greasemonkey, How To's, PHP, Programming, Security Tips, Self Defense, Technology News, Web Tools | 1 Comment »
Tuesday, February 20th, 2007
Sprint’s website features a “Check Upgrade Eligibility” link that might reveal your personal information to anyone with your phone number and billing zip code. Simply enter your information here and see if your information has been compromised. This is just one more reason you should not use Sprint as a wireless provider.
Link
Posted in Cellphone Hacks, Cellular Providers, Consumer Tips, Privacy, Security Tips, Wireless Tips | No Comments »
Thursday, January 25th, 2007
CueCats are barcode scanners that were given away by Digital Convergence in the late 1990s. They were designed as a way for consumers to scan barcodes from magazines and other media and be directed to a website with more information on the product or service they scanned. The scans were encrypted to prevent law suits based on the DMCA (Digital Millennium Copyright Act) of 1998. However they are still useful today as a low cost barcode scanning solution with a little hardware modification and or some free software known as CatNip which bypasses the encryption. The nice thing about these devices is that they type any scan into any field and press enter which makes them perfect for passwords. In this article I am going to show you how to take your modified or unmodified CueCat and use it to login to your computer via passwords encoded into barcode format.
What you will need.
1. A CueCat USB or PS2 will work.
2. A barcode (You can use one from an existing rewards card or make your own here)
3. An account to test it on before using this as your form of authentication.
(more…)
Posted in Automation, Do it yourself guides, Hardware Hacks, How To's, MacGyver, Passwords, Productivity, Security Tips, Windows Hacks | No Comments »