I know this is probably off topic, but it is Newsworthy and I wasn't sure where to put it sothis will have to do!!!

... I have just noticed a big security issue with EBAY...
As an IT Security Analyst I'm pretty hot on noticing things like this, but in this case I missed it until today and as I know a lot of people here shop on EBAY I thought I'd better raise awareness... let me explain....

The standard sign on page for ebay is not secure. What this means is that when you enter your username and password to log on to ebay and hit that 'sign in' button, your username and password are sent in CLEAR TEXT across the internet to ebay's servers. What this means is that Johnny hacker with his network sniffer tools can intercept you details and then log onto your ebay account with full access to all your details!!!! :shock: Not good!

THe Solution... just underneath that 'sign in' button is a little link to Secure Sign in (SSL). Click this link then add the resulting page to your favourites and use this always.

Your logon information will then be encrypted and, whilst still can be intercepted, will be all but unreadable to Johnny hacker and his nasty hacker toolkit (at least in a reasonable amount of time anyway... he'll likely move onto the next unsuspecting ebay 'victim').
You'll know the link is more secure as in your URL bar, it'll read: https://.... rather than: http://.... and you will have a nice little padlock in the lower right hand corner of Internet Explorer indicating encrypted traffic.

Sorry if everyone knows this, but I was shocked and disgusted that ebay's standard sign in page was not encrypted... (oh yeah... this site's the same, but then there's no financial transactions involved here, so it's not so bad)

stay aware out there!!!

Ruk

Noticed this a while back and changed my login... Well done for posting, I didn't really think to do it.... :oops:

I don't understand why anyone should ever authenticate to anything (Including this forum) without using ssl. Bloody stupid of ebay to offer it as an option it should be the only way

I suppose in both cases there is no financial issue. but having got a username and password for anything it is always tempting for individuals to start making a nuisence of themselves


honest Mr Moderator it wasn't me somebodies nicked my account details

I've never bought anything off Ebay... never sold anything on Ebay (but toying with the idea) so this information may come in quite handy for a newbie. :) cheers.

I know this is probably off topic, but it is Newsworthy and I wasn't sure where to put it sothis will have to do!!!

Yes it should go in either Idle Banter or Fro Sale I reckon. However, it's certainly a good point and thanks for posting it.

I think I'll edit your post and then make it a sticky under For Sale where it's likely to be noticed.

:thumbsup:


.

i noticed that a while back

but for some reason - my computer wont let me use secure sites.
i tried everything to fix it - but no luck.

I know this is probably off topic, but it is Newsworthy and I wasn't sure where to put it sothis will have to do!!!

Yes it should go in either Idle Banter or Fro Sale I reckon. However, it's certainly a good point and thanks for posting it.

I think I'll edit your post and then make it a sticky under For Sale where it's likely to be noticed.

:thumbsup:


.



idle banter - AKA - the dustbin

:lol: :lol: :lol: :shock:

Thanks for the advice.

Shocking, sack them developers :lol: :lol:

Cheers for the info

wow I really didn't know that. I assumed that ebay login was secure. :shock: :shock:

yeah so did I! :shock:

Just checked it, not that I didn't believe you :wink:

hmmm, you're right! Thanks for posting. And glas you posted here as I don't think I would have seen it in Idle banter, sorry but it's true :?