I’ve previously waxed lyrically about Zen Internet, but there’s news out today that an employee has been arrested for using stolen credit cards.
I’m not about to scream and shout and cancel my connection: I’ve had such a great experience with Zen (including the 2Mbs service I’m currently using). Plus it sounds very much like a one-off situation, and the process of law needs to be followed. It’s not even certain how - if at all - he abused his position to obtain the credit card details.
What it does demonstrate quite nicely is how at risk any insecure data transfer can be. All too often I see and hear of businesses and friends transferring sensitive data over the internet without consideration for the many many hops that each packet of information makes. Each and every hop is across a different piece of network wire, and without exception, administrators at each hop have the ability to ’sniff’ the packets using standard administration tools such as tcpdump, snoop and wire taps.
If you’re curious about quite how many there are, most PC’s have a command ‘tracert’: Try running “tracert www.leyton.org” from a command window. Mac/Unix users can run “traceroute www.leyton.org” instead. Assuming you don’t have a very fastidious firewall/router you should see lots of hops. When it hits asterix or finishes, it’s traced the route as far as it can.
This whole incident should really serve as a warning to everybody ensure that https connections are used for credit card transactions, that certificates for same should be inspected and warnings headed. Plus e-mailing attachments of a sensitive nature is bad practice.
It’s all very easy to resolve through the many tools available, for free, on the internet not least GPG. There are plenty of good guides, and with a bit of thought, the principle is very easy to grasp. And extremely secure. My public keys are here
