E-Commerce I
Tom Kelliher, CS 102
Apr. 21, 2003
Friday's quiz will be given Monday. Will cover e-mail and e-commerce. Ask
questions Wednesday.
Read 10.4--10.5 and Chapter 10 Above & Beyond. Questions on pg. 600: 17,
18, 21. Questions on pg.607: A3, A4.
Finished up ``power'' e-mail.
- Introduction and discussion.
E-commerce II.
The advantages of e-commerce:
- Use search engines to find best prices.
- Can find almost anything.
- Great prices on used items through online auctions.
- No sales tax.
- Ask students for more.
The disadvantages of e-commerce:
- Can't see items (important for clothes).
- Concern over eavesdropping on connection, e-commerce site being
hacked, marketing of customer data.
- Shipping costs.
- Ask students for more.
- Have to wait for package to arrive.
But: package tracking; typical delivery times.
Personal experience:
- Credit card information hacked (McGlen).
- Item advertised was not item delivered (video card).
- SPAM.
- Shop with merchants whom you know and trust.
- Look for and read each merchant's delivery, return, and privacy
policies.
- Never transmit sensitive data over a page which does not have an
address beginning with
https://
and a locked padlock icon.
- Make online purchases with a credit card, not a debit card.
- Don't hit the ``BUY'' button more than once --- be patient.
- Never send credit card info via e-mail.
- Print and save all online receipts at least until you receive all
ordered items in good condition.
- Search for the best prices before buying.
Background:
- Digital Certificates: sent by Web site; used to encrypt session data.
But still, how do you know the site is legitimate?
- Certificate authorities: organizations which vouch for e-commerce
sites.
Web browsers have a list of them. Sometimes, the list must be updated.
- Site spoofing: Counterfeit Web sites (
www.whitehouse.gov
vs.\
www.whitehouse.com
).
- Unauthorized disclosure: Sending sensitive data in the clear.
Why would they do that?
- Unauthorized action: Unauthorized alteration of Web pages.
- Data alteration: Intercept and modification of data being transmitted
to a Web site.
Encryption via SSL guards against all of these. 128-bit encryption is best
(no one can break). Don't accept anything below 64-bit (only NSA can
break) --- 56 or 40.
Thomas P. Kelliher
Fri Apr 18 11:10:18 EDT 2003
Tom Kelliher