I thought I'd post the following email just received from the webmaster at
DVD Pacific, regarding security issues:

"We are extremely sorry to hear that you have been subjected to one of these
fraudulent transactions. We would like to let you know that these charges
are not only happening to customers of DVD Pacific. We have evidence from
others who are not our customers that this has also happened to them. A
report has been provided to the FBI.

We have taken steps to seriously bolster security in place at our web server
and this entailed initially engaging a forensic internet security specialist
to independently evaluate all aspects of our security and we have passed all
2000+ tests they ran and are now site certified by them. We also upgraded
our BlackICE Server Protection to monitor not only all inbound traffic but
outbound as well which would be effective in detecting Trojans or keylogger
viruses if ever managed to get by the inbound protection. BlackICE Server
Protection's intrusion detection capabilities automatically detect and block
malicious activities by monitoring all inbound and outbound traffic passing
through the server. We are instantly alerted of an attack, and can easily
identify the source and the method being used. Once an attempt is detected,
BlackICE Server Protection automatically blocks traffic from that source so
that the intruder is no longer a threat. BlackICE Server Protection also
provides exhaustive reporting on attacks common to servers, such as CGI
script access. Finally yesterday we also installed SecureIIST Web Server
Protection. Developed specifically for Windows-based web servers, SecureIIS
operates within Microsoft's IIS and actively inspects all incoming requests
at each stage of data processing to prevent potentially harmful network
traffic - whether encrypted or unencrypted - from penetrating our servers.
The server is now protected from damaging "known" and "unknown" attack
attempts. SecureIIS does not rely on a database of attack signatures, and
protects Microsoft servers by intelligently blocking entire classes of
attack methods.

The above further security measures should now ensure we have possibly the
safest e-commerce site online protected with the best presently available
technology. I understand your concerns that presently exist but I personally
wanted to assure you that we are doing everything we possibly can to
eliminate any and all inference that our site is not completely secure."

So it looks as if DVD pacific are being very proactive regarding this issue
and taking their customers comments very seriously, always the sign of a
professional and well run company.

cheers

--
Italo

"Dr Zoidberg" <AlexNOOOOO!!!!@drzoidberg.co.uk> wrote in message news:2o523fF71vfmU1@uni-berlin.de...
> Italo wrote:
> > <snip> I understand your concerns that
> > presently exist but I personally wanted to assure you that we are
> > doing everything we possibly can to eliminate any and all inference
> > that our site is not completely secure."
>
> However a dodgy member of staff can easily access their database and sell on
> the info or use it himself

Exactly, which is the major chink in the armour of any online outfit. If you get stiffed, it shouldn't
matter anyhow as your covered. They really wont get too much money unless they hack someone's REAL
merchant details for a few hours & move the money real fast - not sure if it's possible!

Nige

Italo wrote:
> <snip> I understand your concerns that
> presently exist but I personally wanted to assure you that we are
> doing everything we possibly can to eliminate any and all inference
> that our site is not completely secure."

However a dodgy member of staff can easily access their database and sell on
the info or use it himself
--
Alex

"We are now up against live, hostile targets"

"So, if Little Red Riding Hood should show up with a bazooka and a bad
attitude, I expect you to chin the bitch! "

www.drzoidberg.co.uk
www.ebayfaq.co.uk

"Dr Zoidberg" <AlexNOOOOO!!!!@drzoidberg.co.uk> wrote in message
news:2o523fF71vfmU1@uni-berlin.de...
> Italo wrote:
> > <snip> I understand your concerns that
> > presently exist but I personally wanted to assure you that we are
> > doing everything we possibly can to eliminate any and all inference
> > that our site is not completely secure."
>
> However a dodgy member of staff can easily access their database and sell
on
> the info or use it himself


True, but that could happen with any company, and not just an online store.

DVD Pacific should invest in the services of a public relations company,
rather than let their geeky webmaster disclose more false claims, such
as "the safest e-commerce site online". Sorry, but I don't believe it.

Personally, I see DVD Pacific's responses as amateurish; especially the
blaming of customers, pointing fingers and posting of misinformation to
public forums.

It has confirmed what I have suspected for a while now - that many of
these "Internet DVD megastores" are under-skilled and ill-prepared for
running a secure, high-traffic online store. And especially for
responding to a crisis such as this. It simply isn't a matter of
getting a friend to do a site for you and hoping for the best.

B.

"Italo" <italotettoni.nospammingallowed@gmx.net> wrote in message
news:411d4d6a$0$10824$afc38c87@news.optusnet.com.a u...
> I thought I'd post the following email just received from the webmaster at
> DVD Pacific, regarding security issues:

> We have taken steps to seriously bolster security in place at our web
server

> script access. Finally yesterday we also installed SecureIIST Web Server
> Protection. Developed specifically for Windows-based web servers,
SecureIIS
> operates within Microsoft's IIS and actively inspects all incoming
requests
> at each stage of data processing to prevent potentially harmful network
> traffic - whether encrypted or unencrypted - from penetrating our servers.
> The server is now protected from damaging "known" and "unknown" attack
> attempts. SecureIIS does not rely on a database of attack signatures, and
> protects Microsoft servers by intelligently blocking entire classes of
> attack methods.

Security and Windows based web servers ????

Ya gotta be kidding... Security and Windows do not belong in the same
sentence ! :)

Brett wrote:
>
> DVD Pacific should invest in the services of a public relations company,
> rather than let their geeky webmaster disclose more false claims, such
> as "the safest e-commerce site online". Sorry, but I don't believe it.

Well, I do. I have used them countless times (twice already this month)
and nothing. Nada. I have been reading complaints for weeks over this
and have been expecting to be hit. Bot, no. So, who do you explain that?

Jace the Ace wrote:
>> DVD Pacific should invest in the services of a public relations
>> company, rather than let their geeky webmaster disclose more false
>> claims, such as "the safest e-commerce site online". Sorry, but I
>> don't believe it.
>
>
> Well, I do. I have used them countless times (twice already this month)
> and nothing. Nada. I have been reading complaints for weeks over this
> and have been expecting to be hit. Bot, no. So, who do you explain that?

A: Luck

plod wrote:
> "Dr Zoidberg" <AlexNOOOOO!!!!@drzoidberg.co.uk> wrote in message
> news:2o523fF71vfmU1@uni-berlin.de...
>> Italo wrote:
>>> <snip> I understand your concerns that
>>> presently exist but I personally wanted to assure you that we are
>>> doing everything we possibly can to eliminate any and all inference
>>> that our site is not completely secure."
>>
>> However a dodgy member of staff can easily access their database and
>> sell on the info or use it himself
>
>
> True, but that could happen with any company, and not just an online
> store.

In this case though it appears that it *has* happened to an online store.
--
Alex

"We are now up against live, hostile targets"

"So, if Little Red Riding Hood should show up with a bazooka and a bad
attitude, I expect you to chin the bitch! "

www.drzoidberg.co.uk
www.ebayfaq.co.uk

"Brendan Pratt" <bprattNOSPAM@overflow.net.au> wrote in message
news:2o5s9uF767v6U1@uni-berlin.de...

> Security and Windows do not belong in the same sentence ! :)

You just used them together on one!

LH

Brendan Pratt wrote:
> "Italo" <italotettoni.nospammingallowed@gmx.net> wrote in message
> news:411d4d6a$0$10824$afc38c87@news.optusnet.com.a u...
>> I thought I'd post the following email just received from the
>> webmaster at DVD Pacific, regarding security issues:
>
>> We have taken steps to seriously bolster security in place at our
>> web server
>
>> script access. Finally yesterday we also installed SecureIIST Web
>> Server Protection. Developed specifically for Windows-based web
>> servers, SecureIIS operates within Microsoft's IIS and actively
>> inspects all incoming requests at each stage of data processing to
>> prevent potentially harmful network traffic - whether encrypted or
>> unencrypted - from penetrating our servers. The server is now
>> protected from damaging "known" and "unknown" attack attempts.
>> SecureIIS does not rely on a database of attack signatures, and
>> protects Microsoft servers by intelligently blocking entire classes
>> of attack methods.
>
> Security and Windows based web servers ????
>
> Ya gotta be kidding... Security and Windows do not belong in the same
> sentence ! :)

you just did.

also, the sentence could include the word, 'worst' ;-)

"Luke Hooft" <nobodyliveshere@ozemail.com.au> wrote in message

> "Brendan Pratt" <bprattNOSPAM@overflow.net.au> wrote in message

> > Security and Windows do not belong in the same sentence ! :)
>
> You just used them together on one!

Doh !! ;-)

You believe they're 'the safest e-commerce site online' because you
personally haven't had false CC charges show up after using them? How
scientific.

"Jace the Ace" <jason@kaput.com> wrote in message
news:77kTc.56977$K53.6970@news-server.bigpond.net.au...
> Brett wrote:
> >
> > DVD Pacific should invest in the services of a public relations company,
> > rather than let their geeky webmaster disclose more false claims, such
> > as "the safest e-commerce site online". Sorry, but I don't believe it.
>
> Well, I do. I have used them countless times (twice already this month)
> and nothing. Nada. I have been reading complaints for weeks over this
> and have been expecting to be hit. Bot, no. So, who do you explain that?

"Brett" <zzzzzzzzz@yahoo.com> wrote in message
news:411d664d$0$24638$afc38c87@news.optusnet.com.a u...
>
> DVD Pacific should invest in the services of a public relations company,
> rather than let their geeky webmaster disclose more false claims, such
> as "the safest e-commerce site online". Sorry, but I don't believe it.
>
> Personally, I see DVD Pacific's responses as amateurish; especially the
> blaming of customers, pointing fingers and posting of misinformation to
> public forums.
>
> It has confirmed what I have suspected for a while now - that many of
> these "Internet DVD megastores" are under-skilled and ill-prepared for
> running a secure, high-traffic online store. And especially for
> responding to a crisis such as this. It simply isn't a matter of
> getting a friend to do a site for you and hoping for the best.
>
> B.

And which secure, high-traffic online store do you run?