Saturday, June 21, 2008
How to safeguard our personal and financial data
Avoid saving credit card info, etc on shopping sites
Many web sites today, such as Orbitz, Amazon, eBay, give you the option to save your credit card info so that you don’t have to type in all the information each time you want to buy something. That’s great for them, easy money and more sales, but what about you? What if someone eventually does hack into their database (and don’t worry many people are trying everyday) and downloads thousands of credit card numbers, bank account numbers, etc? It might take an extra minute, but it’s better to not save your info on any shopping site.
Do not use the same password for every last thing on the Internet
Yes we all hate passwords, but hackers love people who don’t use passwords or who use passwords like “john” or “joe”. You don’t have to keep a different password for EVERY site, that would be crazy, but definitely not just one. These days just about everyone has an eBay, Amazon, Orbitz, etc account and so if a hacker figures out one password, they’ll go ahead and try to see if it works on any other site. Make sure passwords are different a more complicated. Just throwing in a number or symbol at the end will make it hundreds of times hard for a person to crack your password!
Always think before providing information when solicited
If you ever get an email that has a link in it that requires ANY personal information, make sure you go to the web site yourself manually by typing in the address. Half the time links in emails point to fake addresses with very close names. Also, if you post items on sites like eBay or Craigslist, you will always be bombarded by scams from Nigeria, etc that sound way too good to be true (like someone would actually pay more for your item than what you listed it at)!!! And just because a web site exists does not mean it it legitimate! If you’ve never heard of the site before, just type it into Google once and see if anything like “XXX IS A SCAM” pops up!
Clear your browser’s cache after an online transaction
Sometimes your browser will save certain information you typed into forms, etc when you are online, so it’s always good to clear that after you’re done. Here’s an article I wrote previously on how to clear your browser history. Also, if you get that message sometimes from your browser asking you whether you want it to automatically save your passwords, etc, click NO. It’s another small pain, but it might help you one day!
Make sure the URL has an HTTPS instead of HTTP
The S makes all the difference! You’ll notice that when you buy something from Amazon or another big site, once you being to checkout, the URL always starts with a HTTPS. This means that the communication between your computer and their server is secure and encrypted. If someone tries to read the data as it travels across the Internet, they won’t be able to understand or decipher it. If you’re buying something from a smaller site and they don’t have HTTPS, just call them and buy it. Not worth risking data passing unencrypted over the net.
Use a secure Internet browser when you are online
Firefox is considered more secure than IE and that’s what a number of sites also have tested. Personally, I use Firefox and you should consider it if you’re using IE 7. IE 7 has more security features than ever before, but it still has lots of holes also. Using a more secure browser can help protect against browser hijacking, etc. Anyway, most viruses are written for IE since it’s more common, so it’s more likely to be hacked.
Friday, June 20, 2008
A review on a post on internet security from E-blog
1. Introduction
Many legislatures in the world are trying to decide whether they should regulate or not digital signatures, and some countries have decided that some type of regulation is desirable and have either issued or are about to issue appropriate legislation. The legal issues posed by digital signatures are quite a few and not easy to address, also considering the speed at which the digital world moves and the inherent interplay between legislation and technology developments.
2. Handwritten Signatures v. Digital Signatures
Handwritten signatures are handwriting our name at the bottom of a contract we accept the terms of the document and also indicate that the document is produced by whoever signed it, with all legal implication attributed to such an act by applicable law. Our signature can be used for many other purposes such as issuing an order, to file a request, to sign a love letter, etc. and the legal implications of each signature is rather different, however the concept of signature is basically the same. We can have different handwritten signatures for various purposes, we may initial certain documents and use full signature in other documents, however the process and the result is not different. In the paper world we basically have one definition of signature, which attributes the document to the signing party, and whose effect depends on the type of document, applicable law, etc. As soon as writing became common, handwritten signatures became the main method of attributing a document to an individual. Signing in writing a contract has become the primary procedure to evidence that each party to a contract was in agreement with it. A special set of rules has been developed in every country to deal with issues such as authentication of signatures. We have to identify what is the best method for attributing the digital document to a person. For example, I normally type my name when sending an e-mail, however this is not sufficient to prove undoubtedly that the e-mail comes from me, as anybody else may type in my name.
3. Definition of Digital Signature
EU Directive 1999/93 on digital signature is generically defined as data in electronic form attached to, or logically associated with, other electronic data and which serves as method of authentication. German Digital Signature Law, issued in 1997 , provides meaning for digital signature that is a seal on digital data created with a private signature key, which seal allows, by use of the associated public key to which a signature key certificate of a certifier. Italian legislation defines a digital signature as the result of a digital procedure (certification) based on a system of double asymmetric keys, one being a public key and the other a private key, which allows the signer, by virtue of the private key, and the recipient, by virtue of the public key, respectively to manifest and to ascertain the provenience and integrity of a digital document or of a group of digital documents.
4. Certification Authorities
The use of digital signatures does not require, per se, the existence of certification authorities, as the parties may contractually agree to some type of certification procedure ensuring the authenticity of the document. However, the use of certification authorities makes it possible to rely on digital documents between parties which do not have any prior contractual arrangement or that are not in the position of establishing a standard practice between them. As a consequence, it does not come as a surprise that the role, the duty and the obligations of certification authorities normally constitute a key point in most current legislation on digital signature. The main problem posed by legislation on certification authorities is that, unlike most other activities, it is very difficult to restrict it to one country. It is not by chance that one of the most widely ratified international treaties is The Hague Convention for the abolition of legalization that, through the instrument of Apostille, was able to consent the recognition of documents signed and notarized abroad. It is quite clear that the same path cannot be followed with reference to digital signatures. On the other hand, it is not easy to agree on an international treaty to insure the validity of an electronic signature certified abroad, however the solution of the problem is vital for the success of e-commerce. The problem was almost ignored by the German and Italian legislation which have preceded the issuance of the EU Directive. This issue was immediately apparent, however, as soon as the legislative effort moved to a supranational level, i.e. at the EU level. In practice, however, it may be very difficult for the public to ascertain whether a specified certification service provider meets the minimum standards required by the Directive to issue certificates having the effect of validating the signature as Advanced Electronic Signature, and the Directive therefore provides for a voluntary accreditation scheme and for a supervision system. Regarding the free-across the border circulation of the digital signature (with certification), the Directive establishes the important principle of recognition of certifications issued in another Member State, if in conformity with the provisions of the Directive. It is not possible, however, to limit the digital world to the EU, also considering the large presence of USA companies on the market, and Article 7 of the Directive deals with this issue by providing that the certificates issued by a company established outside the EU are recognized within the EU provided that:
a) the certification service provider fulfills the requirements of the Directive and has been accredited under a voluntary accreditation scheme in any of the EU Member States, or
b) the certificate is counter-guaranteed by an EU service provider; or
c) the certificate or the certification service provider is recognized under a bilateral or multilateral treaty.
Member States shall ensure that by issuing a certificate to the public or by guaranteeing such a certificate the certification service provider is liable for damage caused to any party which relied on such a certificate :
a) as regards the accuracy at the time of issuance of all information contained in the qualified certificate and as regards the fact that the certificate contains all the details prescribed for a qualified certificate;
b) for assurance that at the time of issuance of the certificate, the signatory identified in the qualified certificate held the signature creation data corresponding to the signature verification data given or identified in the certificate;
c) for assurance that the signature creation data and the signature verification data can be used in a complementary manner in cases where the certification service provider generates them both, unless the certification service provider proved that he has not acted negligently;
d) in the event the certification service provider did not promptly register the revocation of the certificate.
5. Conclusions
The complexity of the issues dealt with by the Directive clearly indicates the difficulty of legislating on Digital Signatures. Namely, it is simply impossible to limit the legislative intervention to granting an equivalence between digital and handwritten signatures, given the inherent differences between them. The different approach used in national and EU legislation also indicates the difficulty of dealing with some issues at national level and the importance of the rules for the international recognition of digital signatures.
The threat of online security: How safe is our data
Enterprise businesses and government agencies around the world face the certainty of losing sensitive data from a lost laptop, removable media or other plug-and-play storage device. This drives the need for a complete data protection solution that secures data on all common platforms, deploys easily, scales to any size organization and meets strict compliance requirements related to privacy laws and regulations. As Internet users display more of their personal information on social networking Web sites, and office workers upload more sensitive data to online software programs, computer hackers are employing increasingly sophisticated methods to pry that information loose. In many cases, they're devising small attacks that can fly under the radar of traditional security software, while exploiting the trust users place in popular business and consumer Web sites. In the corporate world, criminals are hunting for more of the valuable information stored on companies' servers. A computer breach at T.J. Maxx (TJX) in 2005 and 2006 may have handed hackers access to credit- and debit-card numbers for up to 94 million of the retailer's customers. Cyber thieves are also attacking corporate databases in search of undisclosed financial data or proprietary design and engineering information that can be sold. Hackers are also unleashing viruses that can recruit armies of consumer PCs into larger networks of remote-controlled machines. These "botnets" can distribute spam, attack database software, or keep a record of users' keystrokes. One of the worst, Storm Worm, has infected tens of millions of PCs this year. Even the messages containing virus payloads are getting slicker. In the past, as compared with the sophistication of the viruses, the e-mails carrying them were rather crude. That made users less likely to follow their instructions. Below are few precautions that will help user in preventing online threats.
- Don't give away any valuable or sensitive personal information on your MySpace or Facebook profile, or within messages to other members of the network. And don't click on any links in social network messages from people you don't know.
- No reputable company will ask for your password, account number, or other log-in information via e-mail or instant message.
- Use one of the many antivirus, antispyware, and firewall programs on the market. Often, vendors offer all three functions in a single package. And many Internet service providers offer them free with your monthly subscription.
- Upgrade your browser to the most current version. From Microsoft, that's Internet Explorer 7. Mozilla's Firefox is on version 2, as is Apple's Safari browser.
- Pay attention to the messages from Windows that pop up on your screen, especially in the new Vista operating system. They often contain helpful security information that many users overlook.
- Turn on Windows' automatic-update function to get Microsoft's regular security patches.
- Take regular back ups of the information on your computer system and keep them in a separate place so that if you lose your computers, you don’t lose the information.
- Don’t dispose of old computers until all the personal information on them has been securely removed (by using technology or destroying the hard disk).
Monday, June 16, 2008
Discuss how E-commerce can reduce cycle time, improve employees' empowerment and facilitiate customer support
Before E-commerce, by using traditional commerce they were spending a good deal of time and money entering these data into their computers, printing paper forms, and then re-entering the data on the other side of the transaction. Although the purchase order, invoice, and bill of lading for each transaction contained much of the same information such as item numbers, descriptions, prices and quantities - each paper form had its own unique format for presenting that information. By creating a set of standard formats for transmitting that information electronically, businesses were able to reduce errors, avoid printing and mailing costs, and eliminate the need to re-enter the data.
Electronic Commerce has brought the solution to this problem and drastically altered the structure and process for business transactions across networks.
Improve employees's empowerment
Employees can defined as an important resource in one organization which especially at the front line because they can bought impact to the performance of personnel and business which can imporove the productivity by provided with computerized decision aids in order to make their own decision by improve empowerment of employees can enable them to manage and edit critical details about e-commerce activities. Employees are given the authority to make customer satisfy, do it quickly, and helping to increase customer loyalty. E-commerce allows the decentralization of decision making and authority via empowerment and distribution system.
Facilitate customer support
E-commerce brings more convenience to customer and facilitates customer support. The common facilitate customer support in a company website is FAQ. customer can write their unsatisfied and complaint through FAQ to the company. In addition, still had few facilitate customer support like technical support, delivery service and so on. It salso allows customers to interact with other customers in electronic communities and exchange ideas as well as compare experiences.
The Failure of Webvan & its cause
Webvan was founded in the heyday of the dot-com boom in the late 1990s by Louis Borders, who also co-founded the Borders-bookstore in 1971.Webvan's original investors included Goldman Sachs and Yahoo, who encouraged it to rapidly build its own infrastructure (the 1st-mover advantage strategy popularized by Amazon.com) to deliver groceries in a number of cities. Some journalists and analysts blamed this serious error of judgment on the fact that none of Webvan's senior executives (or major investors) had any management experience in the supermarket industry, including its CEO George Shaheen who had resigned as head of Andersen Consulting (now Accenture), a management consulting firm, to join the venture.
Webvan tried to embrace a total customer satisfaction model involving a 30 minute window delivery without considering that many working customers would like their groceries delivered at home at night.
Failure & its cause.
In the sober days of 2001,the Foster City, California, company said that it closed all operations and filed for Chapter 11 bankruptcy protection. In the announcement, which came just a year and a half after Webvan's remarkably successful IPO, the company said it has no plans to re-open.
why? Because:
1.Rapidly disappearing cash reserves.
In the first quarter of the year, Webvan had reported a net loss of $217 million and an accumulated deficit of $830 million. And things only seemed to be getting worse.
2.Company's aggressive expansion into multiple cities, combined with an overly complex website, for causing its demise.On another obvious note, Webvan was also too optimistic about people's willingness to ditch traditional grocery stores in favor of something new and different. This type of extreme optimism was pervasive in late 1999, when Webvan went public.
3.Quality of its delivery service. While there were, of course, customers who complained of late deliveries or squashed produce, the grocery service generally received very favorable reviews from customers.
Sunday, June 15, 2008
An example of E-commerce success and its causes
Electronic commerce, commonly known as e-commerce, consists of the buying and selling of products or services over electronic systems such as the Internet and other computer networks.
An example of E-commerce success and its causes
With the help from internet, I managed to find some information of E-commerce success stories from this website (www.monstersmallbusiness.com/ecommerce-success-stories.asp). In this website, it tells us about what these merchants did to build and run a successful online venture year after year. One of the E-commerce success that I found is http://www.rainbowdepot.com/ which is an online store for gay and lesbian shopping. Steven Sorenson, the owner of Rainbow Depot, has been dedicated to serving his customers for over 3 years. Rainbow Depot sells an array of merchandise including stickers, buttons, jewelry, and clothing. Steven wanted to create an online store where people can go to shop for gay, lesbian, bi, transgender, and queer (GLBTQ) merchandise.
This store was actually purchased from eBay in 2002; after moving his cart to Monster Commerce, the store has grown into a full-time job for Steven. Over the years, Steven has used multiple ways to get his site noticed in the search engines including PPC (pay per click promotion) as well as free and paid submissions to the search engines. However, he now believes the most useful component to have for operating an online store is a search engine optimized shopping cart.
Steven joined Monster Commerce in 2004, within a year, he noticed that his site was being recognized by the search engines. Becoming noticed has enabled his site to have more visitors per day and in turn generate a profit.
"Since being with Monster my business has quadrupled. I am no expert on carts by any means, but any tool that can do that for your business is a tool worth keeping," explains Steven. "I quit my electronic distribution sales job and am working my online shop 7 days a week / 365 days a year and I LOVE IT. My business has grown so much that I have had to hire part-time staff."
Although still new to owning and operating an online store, Steven has learned a lot since 2002 when he first ventured into e-commerce. The one helpful hint he offers to people is how important the choice of a shopping cart can be to the growth of an e-commerce company.
"In real estate it's location, location, location. In ecommerce its shopping cart, shopping cart, shopping cart "voices Steven."If the cart isn't search engine friendly, you're not going to get much business."