這封郵件以高重要性傳送  
     
 寄件者: KK (Exchange) 寄件日期: 15/2/2007 [Thu] 14:16  
 收件者: 'cs@881903.com'  
 副本:   
 主旨: RE: Security loophole. SSL bug in your web page  
 附件:   
   
 以 Web 網頁檢視  
 Hi CS, 
  
   
  
 Did you read my first email comprehensively?!  
  
 I am talking about a SERIOUS SECURITY LOOPHOLE inside your site. 
  
 Your FEEDBACK is not resolving the problem.  
  
   
  
 ((((((YOU JUST IGNORE MY BUG REPORT AT ALL!))))) 
  
   
  
 Definitely, I am just a fool talking to the air. 
  
   
  
 ~KK 
  
 -------------------------------------------------------------------------------- 
  
 From: cs@881903.com [mailto:cs@881903.com]  
 Sent: Thursday, February 15, 2007 12:40 PM 
 To: KK (Exchange) 
 Subject: RE: Security loophole. SSL bug in your web page 
  
   
  
 Dear User, 
  
 Thank you for your enquiry. 
  
 For your membership renewal, please login to 881903.com with your login  name and password, simply "Membership Renewal（續會服務）" in "Services（服務）" at the top of the right hand corner  after you login successfully. 
  
 You could choose the following payment methods: 
 - By credit card* (Please find below the remarks: excerpt of 881903.com  Terms of Service as a reference): 
   You may update your credit card information with related information  and finish the payment process accordingly 
  
 - By other methods: 
   If you would like to pay by direct debit, cheque, bank draft or  TT, please refer to the detail stated on the form which could be  downloaded from this URL: http://www.881903.com/main/popup/faq/form.doc  
 (Note: You are required to pay all the handling charges if you paid by  bank draft or TT, please check your bank for further information) 
  
 Please be reminded on the following for your online registration: 
  
 - ensure your web browser supports 128-bits encryption code (Please refer  to the following web page No.6 for further information:  http://pshweb01.881903.com/main/popup/faq/faq_pop.htm)  
   > Internet Explorer: Your may view the encryption code in tools menu  bar "HELP -> ABOUT" 
   > Netscape Communicator: You may view the code in tools menu  "Communicator -> Tools -> Security  Info -> Navigator -> Configure SSL  v2/ Configure SSL v3 
  
 - do not close the browser before you read the message about the success  or failure of your registration 
  
 - check your bank whether your credit card has been registered for  "Verified by Visa" or "MasterCard SecureCode". It is a required verified password by Visa or MasterCard for online  881903.com membership registration/renewal transaction and it is  differentiate from the other online shopping or transactions. Simply call  your bank for activating the above services and further information. 
  
 Please notice that the payment page may turn to blank page which  indicates as transaction time out during the registration if your "Verified by Visa" or SecureCode password service is inactive or duplicate  registration. If you fail to renew your membership, please feel free to  write us at cs@881903.com with your information. 
  
 Thank you for your support! We are always at your services. 
  
 Please contact us by cs@881903.com if any enquiry. 
  
 Best Regards, 
 881903.com 
  
 * Remarks: 
  
 The following remarks are the excerpt of "Terms and Conditions for  joining 881903.com" regarding online credit card membership subscription: 
  
 1. When your membership expires, your membership will be automatically  renewed to your corresponding membership period and the membership fee  will be charged at your registered credit card. For example, if your  original membership period is 3 month, you will renew 3 month membership  period automatically. 
  
 2. If you would like to cancel your membership auto-renewal process or terminate your membership, please notify us by email with at least 14 days notice prior to your membership expiry date. No further expiry notifications will be sent to you before your expiry date. Otherwise, your membership will be automatically renewed. 
   
  
 12. Please refer to the following URLs for Terms of Services and Personal  Data Privacy Statement of 881903.com 
 Terms of Service: http://www.881903.com/main/popup/company/terms_e.htm  
 Personal Data Privacy Statement:  http://www.881903.com/main/popup/company/privacy_e.htm         
  
 -----Original Message----- 
 From: KK [mailto:KK@KK.com] 
 Sent: Wednesday, February 14, 2007 11:19 AM 
 To: cs@881903.com 
 Subject: Security loophole. SSL bug in your web page 
  
 E-mail: KK 
 Subject: Security loophole. SSL bug in your web page (Non-Member) 
 Content:  
 居住地區 = 香港 
 有關事項 = 技術問題 
  
 Found NO SSL enble on creditcard payment page. Here is the sequence: 1. http://www.881903.com  2. input user/password and click Login 3. click 節目重溫 4. click 光明頂 5. click any real/wm stream 6. popup prompt for member ship expired. Click 續會 7. get payment page but NO SSL protect!!!!! -Mason  
 我想知 = yes 
  
 ________ Information from NOD32 ________ 
 This message was checked by NOD32 Antivirus System for Linux Mail Server. 
 http://www.nod32.com  
 

Lord,Darth Bane wrote:
嘩，傻畸好寸。

呢句正：「Definitely, I am just a fool talking to the air.」