GoFuckYourself.com - Adult Webmaster Forum - View Single Post

Libertine · 08-22-2003, 10:28 AM

Is it just me or is the security of affiliate programs extremely bad in many cases? Most don't use SSL when logging in, don't use encryption on stored passes, and very often allow people to change info from within the stats area without any different type of confirmation. Or they allow people to send changes in payment info through email, without actually confirming it.
(I actually tried a few times to change my account info on affiliate programs by sending an email with a spoofed "From:" field, and it worked in all cases. Anyone could do that, even with other people's accounts instead of their own)

08-22-2003, 10:28 AM
Libertine sex dwarf Join Date: May 2002 Posts: 17,860	Affiliate program security? Is it just me or is the security of affiliate programs extremely bad in many cases? Most don't use SSL when logging in, don't use encryption on stored passes, and very often allow people to change info from within the stats area without any different type of confirmation. Or they allow people to send changes in payment info through email, without actually confirming it. (I actually tried a few times to change my account info on affiliate programs by sending an email with a spoofed "From:" field, and it worked in all cases. Anyone could do that, even with other people's accounts instead of their own) __________________ /(bb\|[^b]{2})/