Hi
I have been an Ebay member for many years.
I am also a very qualified software engineer and have been for many years!
Recently using a banking procted browser ( ESET) I find a lack of security with some objects
not encrypted ( including port 80 HTTP delivery to the browswer display).
This presents a clear oppertunity for any attacker or 3rd party to access to what should be encrypted and legaly protected personal data.
Thuis Access should not be available.
I have continualy reported this to the Ebay team without any responce from them.
I am informed thay can not provide further help.
In the UK data is protected under law, the Information Commisions Office (ICO) accessing and such a leak is deemed as punishable under present UK data laws.
I have discussed this issue with the ICO and they are prepaired to investigate and bring Ebay to task
to ensure Ebay provides neccessary protection of personal data in this way.
I have waited and waited, again and again bringing Ebays attention to this issue without any success.
Could any member indicate where I can contact the EBAY software development team via telephone or direct email.
Could any member also indicate how I am able to contact the Ebay corporate team as I need to progress this in an adult manner not just put text on the ebay community site.
As a believer in the Ebay platform I do not want to cause problems for ebay.
However this issue wether or not it is a leak from the browser or antivirus still presents
oppertunity for personal information to be scammed and even credit card information stolen.
This has already taken place !!!!
Access to objects in the Ebay API in in this unprotected unencrypted mode mode ( Port 80 HTTP traffic ) enables the same entry to any attacker or 3rd party thus revealing information in respect to very personal searches etc and including payment and transaction data.
DO I HAVE TO ISSUE A COMPLAINT WITH THE UK ICO to get ebay to respond.
Any thoughts
