Karsten M. Self
Fri Aug 15 03:22:27 PDT 2003
on Thu, Aug 14, 2003 at 10:29:58AM -0600, Jonathan Corbet (firstname.lastname@example.org) wrote:
> > Instead of retaining the user's credit card, they assign a billing
> > authorization code for that account and you retain that on file and
> > present it for future billings. If your system is ever compromised
> > and someone makes off with the authorization codes, you can simply
> > tell the processor to blacklist all codes that have been assigned
> > to you.
> We use the TrustCommerce billing ID mechanism too; it's even better than
> that, really. If somebody breaks our server and gets all the billing IDs,
> the *only* thing they can do with those IDs is charge more money into *our*
> account. Unless the cracker also figures out a way to get money out of our
> bank account, the billing IDs are useless to them, even before they get
Slick. This is where credit cards really need to go.
BTW: does anyone here sell biometrics for less than $50k? I'm talking
prints, signatures, scans, voicepirnts. You can Just Say No at the
salescounter. Can be downright amusing, particularly if there's a long
Jon's comment reminds me of a forced-command SSH environment I worked
with. Worst that could happen would be...someone could get the
(unprotected) key and...run our system maintenance commands for us.
Karsten M. Self <email@example.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Office Despot: Office Depot embraces Microsoft XP logo requirement.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030815/ee8601f4/attachment.pgp
More information about the linux-elitists