Insecure order page?


pshanks
July 21st, 2005, 07:21 PM
Hi folks,
I just went to order your excellent product on the order page:
https://www.geosecure.net/~nod32/nod32_ava_ssl/nod32_order_1_ssl.htm4564

all went OK, but when I went to submit the order I was presented with a warning:

'Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party'

I'm using a pretty plain Firefox browser (1.0.4) and guess that other potential customers might be put off when they see this message on their browsers. Perhaps you could send the form to your cgi script using an https url instead...

regards,
Peter

alglove
July 21st, 2005, 07:50 PM
How did you reach this order page? Are you purchasing from the main Eset website, from a reseller, ...?

webyourbusiness
July 22nd, 2005, 08:30 AM
Don't buy from an insecure page, it's just unnecessary!

Many resellers have fully secured purchasing options.

regards

Greg

NOD32 user
July 22nd, 2005, 11:15 AM
Seems that page may have been taken down? At least I can't access it at the moment....???

{QUOTE-> Not Found
The requested document was not found on this server.


--------------------------------------------------------------------------------

Web Server at geosecure.net <-QUOTE}

Firecat
July 23rd, 2005, 04:19 PM
{QUOTE-> Seems that page may have been taken down? At least I can't access it at the moment....??? <-QUOTE}
The actual link is this:

https://www.geosecure.net/~nod32/nod32_ava_ssl/nod32_order_1_ssl.htm

The Support Center and Home Page buttons direct you to http://www.nod32.com.au

webyourbusiness
July 23rd, 2005, 05:55 PM
The offending page hops through an INSECURE page, to another secure one...

<form onSubmit="return checkrequired(this)" name="ONLINE ORDER" action="http://216.234.172.23/cgi-bin/mmsForm.cgi" method="POST">
<input type="hidden" name="next-url" value="https://www.geosecure.net/~nod32/nod32_ava_ssl/nod32_confirm.htm">

The IP 216.234.172.23 belongs to Terrabyte hosting out of Alberta, Canada - but the nslookup of this IP shows it as mainlink.net.au - if it were me - I would not put my card details into such a form... it is NOT secure, and given the IP address, rather than a named server - there is a REMOTE possibility that it might be hijacked. Instead of using this form - phone your order through and tell them that the form is seriously messed up...
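
An added example, not part of the original thread and not the site's own code: a small audit that a site owner could run over a page's HTML to catch the condition discussed above, a form on an HTTPS page whose action submits over plain HTTP or to a bare IP address. The sample input is the form tag quoted in the thread, closed so that it parses, plus a constructed second form with a relative action; the function and label names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit
import ipaddress

# Constructed sample: the form quoted in the thread, plus a harmless relative-action form.
SAMPLE_PAGE_URL = "https://www.geosecure.net/~nod32/nod32_ava_ssl/nod32_order_1_ssl.htm"
SAMPLE_HTML = """
<form onSubmit="return checkrequired(this)" name="ONLINE ORDER"
      action="http://216.234.172.23/cgi-bin/mmsForm.cgi" method="POST">
<input type="hidden" name="next-url"
       value="https://www.geosecure.net/~nod32/nod32_ava_ssl/nod32_confirm.htm">
</form>
<form action="search.cgi" method="get"></form>
"""

class FormActionAuditor(HTMLParser):
    """Collect findings for every <form> on a page fetched from page_url."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "form":
            return
        a = dict(attrs)
        # An empty or missing action submits to the page's own URL.
        target = urljoin(self.page_url, a.get("action") or "")
        parts = urlsplit(target)
        issues = []
        if urlsplit(self.page_url).scheme == "https" and parts.scheme != "https":
            issues.append("posts-over-plaintext")
        try:
            # A bare IP instead of a named server, as noted in the thread.
            ipaddress.ip_address(parts.hostname or "")
            issues.append("ip-literal-host")
        except ValueError:
            pass
        if issues:
            self.findings.append((a.get("name"), target, issues))

def audit_forms(page_url, html):
    auditor = FormActionAuditor(page_url)
    auditor.feed(html)
    return auditor.findings

if __name__ == "__main__":
    for name, target, issues in audit_forms(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print(f"{name!r} -> {target}: {', '.join(issues)}")
```

Relative actions are resolved against the page URL first, so a form that posts back to its own HTTPS origin is not reported.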