Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Bug

Submission + - Exploiting Cashier-as-a-Service Providers (futurity.org)

SydShamino writes: Researches at Indiana University and Microsoft found and exploited flaws in the communication between web stores and third-party cashiers (Amazon Payments, PayPal, Google Checkout) to order items for free, or at prices of their choice. "We believe that it is difficult to ensure the security of a CaaS-based checkout system in the presence of a malicious shopper" said the study co-author. The identified flaws have been reported and fixed, but they feel that more, similar flaws are likely given the complicated nature of many web-based transactions.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Exploiting Cashier-as-a-Service Providers

Comments Filter:

"It's ten o'clock... Do you know where your AI programs are?" -- Peter Oakley

Working...