> 2. Secure server software ($5000). This does not seem to be an absolute necessity; there are a lot of sites on the web where you can send your credit card number unencrypted, and to date there have been no reports of the numbers being stolen. But catalog companies may believe that a secure link is necessary, and spending this $5000 would give Webgen a much more professional look.
For those who were not around then yes you had to buy at the time for roughly that amount software to do SSL it was not like just installing openssl as is done now.
This part I found interesting in it's naivete even back then for one thing 'no reports of' does not equate to 'not happening': [1]
> and to date there have been no reports of the numbers being stolen.
> But catalog companies may believe that a secure link is necessary
This sounds even more like 'younger person willing to take chances older experienced person to risk adverse'.
[1] Even today I can say 'no reports of houses in my neighborhood being broken into' but I don't really have an accurate source for things going on in my area only ad hoc.
The size of the internet in 1995 was such that typical path for a web based credit card purchases used a toll-free call with a landline phone over POTS. Long distance was still charged per minute and so was cell service. So was most internet access. If people were online, it was probably through AOL or Compuserve.
There weren't older people experienced with internet sales. It was all brand new.
Looking back, unencrypted credit card information was probably less risky than it sounds twenty five years later. The technical risks are the same for sure, but in 1995 the vast majority of credit card transactions used carbon paper, the physical card, and an imprinter. To be really useful, a stolen credit card number would need to be made into a physical card. There weren't a lot of places to use a credit card online...that's why Viaweb grew. And there wasn't widespread internet access in the places where credit card fraud at scale became a black market industry.
It is hard to imagine the mindset back then if you didn't live though it (and even if you did). This was a time when people debated if anyone might even buy anything online, at all.
And somehow, despite all our security advancements we still use plain 16 digit credit card numbers in the U.S. with no passwords or any protections outside of a 3 digit code on the back. The day we change that everyone will say "now how did that work"?
For those who were not around then yes you had to buy at the time for roughly that amount software to do SSL it was not like just installing openssl as is done now.
This part I found interesting in it's naivete even back then for one thing 'no reports of' does not equate to 'not happening': [1]
> and to date there have been no reports of the numbers being stolen.
> But catalog companies may believe that a secure link is necessary
This sounds even more like 'younger person willing to take chances older experienced person to risk adverse'.
[1] Even today I can say 'no reports of houses in my neighborhood being broken into' but I don't really have an accurate source for things going on in my area only ad hoc.