> I believe what you're saying is wrong in many ways, RJ!! I don't see how JP. This is a problem for quite a few webmasters.
> (i) the e-gold SCI is completely secure if you use it properly. Just > use the status.cgi, check the hash properly, and record all > transaction ids to ensure no-one is multi-posting a payment. Right, however, there is no easy explanation of this task for the inexperienced. Seeing as you have it worked out, why don't you write the docs for people to more easily understand this method. I would be willing to send that information to people that ask me... so far to date; 20+ people have asked me about this and I have no answers for them as I don't even have the SCI setup yet... I haven't even looked into this. I set it up once and did 24 hour verifications, nothing more. > (iii) If a lot of people are incompetent and using the system > incorrectly, what can you say? Many people are such dopers they lose > their password to key sniffers anyway. I don't know if I would actually put it "that way". I, personally, would use "inexperienced" instead of incompetent and I definitely would NOT use the term "dopers" when referring to anyone that doesn't know what I know but could and would benefit from the proper explanation and/or assistance. There are many webmasters that are excellent business-people yet lack tech skills. The standard e-gold SCI doesn't come with easily understood instructions for the non-techies... it's like half a package. e-gold might as well post the "complete specifications" page in gibberish as the common non-techies see nothing but that. The lack of easy implementation steers most away, AND, the people that do make the attempt at easy implementation based on documentation, end up completely unaware of this "hole", while vulnerable to anyone that knows how to exploit it. I have seen sites STOP using e-gold and when asked why, this is their reasoning; "Too easy to access pay for services". Most webmasters would rather drop it and wait for more secure options... or... use other eCurrencies. Thanks for your 2 cents anyway. RJ --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] http://www.e-gold.com/stats.html lets you observe the e-gold system's activity now!
