Maybe It's Snake Oil All the Way Down

Sunder sunder at sunder.net
Wed Jun 4 08:07:12 PDT 2003 

Depends on how it gets passed from the web servers to that computer.  If
it's encrypted with a public key on the web server that only the database
has the private half, you're safe from someone sniffing that "proprietary
one-way interface."

However, if somone's already broken into the web server, they can collect
the cc:'s before they get sent to the secure db.

So if you're an old Amazon customer and don't change your CC >BEFORE<
someone hacks into their web server, you're safe.

It's certainly better than storing all CC's on the web server.

Now if those CC's are in raw text on the DB end, Amazon is up shit's creek
if someone walks away with a db dump, backup tape, or whatever.

I don't claim to know what they're using, but long, long time ago, in
another galaxy, I used to work with a product from OpenMarket that worked
similarly, but they held all credit cards encrypted in the DB making it
much harder.  (Of course if you have the key it's as good as cleartext,
but it was at least another layer of protection.)

Ultimately they'll need either a cybercash interface or some interface to
a bank to charge your card.  If the bad guy intercepts at that level or
gets unencrypted access to the DB, or you change your CC while the web
server is compromised, you are in for some interesting CC statements.


However, this is in a lot of ways MORE secure than handing that waiter or
store clerk your CC.  Remember that nice yellow slip has your signature,
CC number and expiration date on it.  Very useful for an attacker.  
Infact, they likely had physical access to the CC and have that extra 3
digit # on the back too. 

Some stores even ask for your driver's license to prove that you are you,
which at least in NY has your date of birth and address as well.  Even
more useful to the evildoer.  If they can also get your SSN on top of
that, you're at their mercy.  Think about any credit application type
transactions....  these days, buying (some) cell phones, or car, or
signing up for satelite TV requires these.


I feel safer with Amazon's use of my CC than the above, don't you?



----------------------Kaos-Keraunos-Kybernetos---------------------------
 + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of   /|\
  \|/  :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\
<--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech.  \/|\/
  /|\  :Found to date: 0.  Cost of war: $800,000,000,000 USD.        \|/
 + v + :           The look on Sadam's face - priceless!       
--------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------

On Tue, 3 Jun 2003, Jeroen van Gelderen wrote:

> "To provide you with an additional layer of security, all credit card 
> numbers provided to Amazon.com are stored on a computer that is not 
> connected to the Internet. After you type or call it in, your complete 
> credit card number is transferred to this secure machine across a 
> proprietary one-way interface. This computer is not accessible by 
> network or modem, and the number is not stored anywhere else."
> 
> Now I'm not sure how they get to use the number during the billing 
> process but hey... :)
> 
> I don't know if I'd feel much better if Amazon didn't have my CC on 
> file. The danger of a disgruntled sysadmin snarfing the numbers while 
> they pass trough the system for one time use during a single billing 
> cycle seems to real for me.

More information about the cypherpunks-legacy mailing list