Comment by qingcharles

9 hours ago

Not in '94, sure. But a couple of years later it was common and SSL was still uncommon, for a bunch of reasons, and also everyone was storing the card numbers in plaintext on their servers too.

Telnet was sniffed. IRC was being sniffed and logged.

1 comment

qingcharles

Reply
icedchai  44 minutes ago

Yes, I worked on some early ecommerce sites. Often, we'd accept credit cards with SSL and then send them out with email (plain text SMTP) to the customer, for manual entry. Very secure.