Finding Credit Card Numbers on the Web

Slashdot reports how to find large numbers of credit cards with user information using a simple Google search. A long and interesting discussion after the posting provides suggestions on why credit card companies don’t put a stop to this.

Take the first 8 digits of a standard 16-digit credit card number. Search for them on Google in “nnnn nnnn” form. Since the 8-digit prefix of a given card number is often shared with many other cards, about 1/4 of credit card numbers in my random test turned up pages that included other credit card numbers, and about 1 in 10 turned up a “treasure trove” of card numbers that were exposed through someone's sloppily written Web app. If the numbers were displayed along with people's names and phone numbers, sometimes I would call the users to tell them that I'd found their cards on the Internet, and many of them said that the cards were still active and that this was the first they'd heard that the numbers had been compromised.

Slashdot | Why Are CC Numbers Still So Easy To Find?
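For a site owner, the counterpart to the exposure described above is to check what the application itself emits. The following is an added example, not code from the Slashdot post: it scans text such as a rendered page or a log file for 16-digit, Luhn-valid numbers and masks them. The sample page and the names `find_pans` and `mask` are constructed for illustration.

```python
import re

# 16 digits, optionally grouped in fours by a space or hyphen ("nnnn nnnn ..." form)
PAN_RE = re.compile(r"(?<!\d)(?:\d{4}[ -]?){3}\d{4}(?!\d)")

def luhn_ok(digits):
    """Luhn checksum: double every second digit from the right, sum, mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pans(text):
    """Return (offset, digits) for each candidate that passes the Luhn check."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            hits.append((m.start(), digits))
    return hits

def mask(text):
    """Replace each Luhn-valid number with asterisks plus its last four digits."""
    def repl(m):
        digits = re.sub(r"\D", "", m.group())
        return "*" * 12 + digits[-4:] if luhn_ok(digits) else m.group()
    return PAN_RE.sub(repl, text)

# Constructed sample output of a web app; 4111 1111 1111 1111 is a test number.
PAGE = (
    "Order 1001: Jane Doe, card 4111 1111 1111 1111, phone 555-0100\n"
    "Order 1002: tracking ref 1234 5678 9012 3456\n"
    "Order 1003: card 4111-1111-1111-1111\n"
)

if __name__ == "__main__":
    for offset, digits in find_pans(PAGE):
        print(f"card-like number at offset {offset}, ends in {digits[-4:]}")
    print(mask(PAGE))
```

The Luhn check keeps order references and similar 16-digit strings from being flagged, so the hits are worth a manual look before the page is published or indexed.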

 

Identifying anonymous cowards on the web

‘Anonymous cowards’, according to Slashdot, are people who post comments on public web sites without using their names. The web has a long history of enabling people to post anonymously, but the habit is under attack these days. The Wikipedia scandal is putting pressure on the internet community to reveal the identities of authors who make inaccurate or inflammatory postings, and as a result we’re getting stories about ‘outings’.

Anonymity is not easy to preserve on the web if someone really wants to find you. Here’s a good article about someone who tracked down an annoying anonymous poster, which took, according to the article, about 5 minutes. Here’s an excerpt from the Slashdot article: 

It is important to know that while on the web, while emailing and while writing a blog you are leaving a trail. The trail consists of IP addresses, unique ID’s, machine names, etc. For instance, look at the headers of an email you send, you will see:

– The IP address of the machine you sent it from
– The name of the machine you sent it from (mine is ‘Nik’ – obvious)
– A unique ID which can identify the mail client you use, as well as your operating system (as well as the security level of your machine, some people need to use Windows Update)
– The mail server you used (which leads you to a provider – might be the same provider you use for your blog or website)
– A lot more!

Changing the ‘From’ address doesn’t change all this other information, so if you have an email from both the real person and the alter-ego, it’s dead easy.

Dead 2.0 Outed – or How I Learned to Stop Worrying and Love the Internet | New Web Order – Nik Cubrilovic.
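To see what your own outgoing mail reveals, the header fields listed in the excerpt can be pulled out and compared across two messages. The following is an added example, not code from the quoted article: the messages are constructed, the hosts and addresses are documentation values, and the names `fingerprint` and `shared_traits` are hypothetical.

```python
import re
from email import message_from_string

# First hop of a Received chain: "from <name> (<rdns> [<ip>]) by <server>"
RECEIVED_RE = re.compile(
    r"from\s+(\S+)\s+\([^\[]*\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def fingerprint(raw):
    """Collect the sender-side traits the excerpt lists from one raw message."""
    msg = message_from_string(raw)
    fp = dict.fromkeys(("client_name", "client_ip", "mail_server"))
    hops = msg.get_all("Received") or []
    if hops:  # relays prepend, so the last header is the hop nearest the sender
        m = RECEIVED_RE.search(hops[-1])
        if m:
            fp["client_name"], fp["client_ip"], fp["mail_server"] = m.groups()
    fp["mail_client"] = msg.get("X-Mailer") or msg.get("User-Agent")
    _, at, domain = (msg.get("Message-ID") or "").strip("<> ").rpartition("@")
    fp["msgid_domain"] = domain if at else None
    return fp

def shared_traits(raw_a, raw_b):
    """Names of traits that are present in both messages and identical."""
    a, b = fingerprint(raw_a), fingerprint(raw_b)
    return sorted(k for k in a if a[k] and a[k] == b[k])

def sample(name, ip, server, mailer, sender):
    # Constructed test message; hosts and addresses are documentation values.
    return (f"Received: from {name} (client.example.net [{ip}])\n"
            f"\tby {server} with ESMTP; Mon, 5 Dec 2005 10:00:00 +0000\n"
            f"Message-ID: <0001@{name}>\n"
            f"X-Mailer: {mailer}\n"
            f"From: {sender}\nSubject: test\n\nbody\n")

REAL = sample("Nik", "203.0.113.7", "mail.example-isp.net",
              "ExampleMail 6.0 (Windows XP)", "Real Person <real@example.org>")
ALIAS = sample("Nik", "203.0.113.7", "mail.example-isp.net",
               "ExampleMail 6.0 (Windows XP)", "Anon <anon@example.com>")
OTHER = sample("laptop", "198.51.100.9", "smtp.example.org",
               "OtherMail 2.1 (Linux)", "Someone <else@example.net>")

if __name__ == "__main__":
    print(shared_traits(REAL, ALIAS))  # every trait matches despite the new From
    print(shared_traits(REAL, OTHER))  # nothing in common
```

Received lines are free-form, so the pattern here covers only the common "from name (rdns [ip]) by server" layout and leaves the fields empty when a relay writes something else.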

 

Broadcasting your own internet radio station

Individuals or organizations can easily set up and broadcast their own internet radio stations. Live365 offers broadcasting services starting at $10/month US ($75/month for organizations) that can be used to disseminate presentations, deliver podcast-type radio shows, and so on. The packages offer royalty fees for those who want to create their own music radio stations, but only for US-based subscribers. This would be a nice tool for a community advocacy campaign.

And here is a really cheap way to set up a private radio station in your hotel room or your organization’s waiting area – the Belkin TuneCast II (about $25) is recommended by Hexus to play an MP3 player through an FM radio, in a car or anywhere else. Hexus says that the sound quality is as good as other FM stations; several Amazon reviews say the sound quality is worse. If you can’t connect an MP3 player to a stereo, possibly because you’re on holiday and don’t have your speakers with you, an FM transmitter might be a decent choice.

What to expect from a web site launch

These notes were written in 1999 for a nonprofit organization that was launching a complex, database-driven web site. This is a major project involving many skills, including information system design, specification development, programming, content development, writing, project management, marketing and so on. And it’s been done in a context of rapidly changing technology, serving users who may never have used the Web before.

To make it worse, programmers and technology people are notoriously incapable of communicating with marketing and business people – and vice versa. Every function in the database and in the web site has had to be translated from English to techspeak and back again, and there are usually plenty of mistranslations. 

Web development companies are all struggling with these issues, and so are their clients. 

Given those facts of life on the Web, what should organizations expect in their web launches? Here are a few guesses:

  • Many users in the general public will be greatly impressed. Others will point out problems or complain that their particular needs are not being met.

  • Competitors in the nonprofit sector will be envious, and will study your site to learn from your successes and your failures.

  • The reactions of other nonprofits will be mixed; some will be ecstatic, others will find many faults, and others will ignore the potentials of the site or be confused by its complexity.

How to deal with complaints:

Your web site will receive many complaints, especially if you make it easy for users to send them in through online forms. Complaints are great!

  • Treat complaints as valuable free consultations from experts – your users and colleagues. They are the best way to get guidance for improvements and enhancements, and provide an opportunity to develop relationships.

  • Analyse complaints and build the results into your planned phases of development, depending on the frequency and importance of the complaints. For example, you will probably keep revising your priority list for site enhancements based on user feedback.

What to invest in the continuing Web site:

A Web site is never complete. It’s more like a marketing program than a stand-alone project, because information becomes obsolete so quickly. Most interactive sites that depend on up-to-date information can expect to spend a third to a half of their original developmental budget per year on maintenance and updating. Otherwise, you end up with what’s known as a ‘cob-Web’. Start thinking of the Web site as a major communication tool that should be fully integrated into all aspects of your marketing and communications programs.

How the Web site will change your organization:

The Web site will be a catalyst that puts pressure on the organization to move more and more of its functions onto the Web. All of your public education and communication vehicles such as brochures and press releases will be posted on the Web immediately – but soon, your marketing people will be using the Web as the primary vehicle instead of a supplementary one. They will probably require training and support to use online advertising and sponsorships effectively.

As online donations pick up, you may find that your internal accounting procedures use the Web to connect with financial institutions and suppliers in multiple types of interactions. Your staff and volunteers will expect to work with you through Internet tools such as online meetings and chat as an adjunct to face-to-face meetings. And your overall information systems will integrate Web-friendly modules as they become standard in business software.

These directions will create further demands on your organization’s technological skills. Encryption and security will be an increasing concern, and the organization will face continual challenges about what to change next, and what functions to delay for a year or two until the technology gets cheaper or more reliable.

You will need to keep developing your skills at managing technology contractors. Web and information tools are changing rapidly, and many companies are beginning to incorporate usability principles into their work. But clients must be knowledgeable and persistent, assigning internal staff to engage fully in the developmental teams, in order to ensure that the final product will meet business needs. Part of your organization’s role will be to continually test each phase of the design and implementation with real, representative users to ensure that the Web site is responding to their needs and preferences.

For more information on usability, you can read Jakob Nielsen’s excellent articles at http://www.alertbox.com.