REGISTER HERE

**Got Gear?** · 05-01-2003, 03:17 PM

The only part that needs to be secure is the Credit Card/address information side of things. Which I believe is still secure.

Remember these are legal products. They may arrouse DEA suspicion, but it's not enough on it's own for them to start investigateing you.

**divx** · 05-01-2003, 03:27 PM

The thing with SSL is that it makes an encrypted connection between your PC and R-Kits server. When you type in that information on your PC's browser and hit submit it sends it from your PC to the server. If that isn't secure who really cares if from r-kits server to the CC processor is secure? The information is going un-encrypted from your PC to R-kits server. It's not the DEA you should worry about, it's people getting your CC number and going to Vegas with it!

I just find it kinda wierd that they claim to be secure.. I'm not trying to dog out R-kits, but if you claim something to your customers you should provide it.....

DivX

**Got Gear?** · 05-01-2003, 03:32 PM

Originally posted by divx
The thing with SSL is that it makes an encrypted connection between your PC and R-Kits server. When you type in that information on your PC's browser and hit submit it sends it from your PC to the server. If that isn't secure who really cares if from r-kits server to the CC processor is secure? The information is going un-encrypted from your PC to R-kits server. It's not the DEA you should worry about, it's people getting your CC number and going to Vegas with it! I just find it kinda wierd that they claim to be secure.. I'm not trying to dog out R-kits, but if you claim something to your customers you should provide it.....

DivX

That's what I ment tho. The form you submit is one of the only SSL pages on the whole site. Unless that's changed.

Do they still have the option of going through paypal? You can do that if your hesitant.

**divx** · 05-01-2003, 03:42 PM

That site doesn't have any SSL pages. SSL pages would start with HTTPS the S at the end of HTTP is for SSL. You would also get a pad lock on the bottom of your browser. That page is unencrypted. I just wanted everyone to know because I wouldn't want my CC number flying through cyberspace unencrypted... I was also wondering why they claim SSL when it's obviously not. From what I hear they are a very legit site and they come recommended. So I'm not saying they are scammers or anything, maybe it's a minor oversight....

DivX

**rado** · 05-01-2003, 04:30 PM

I would PM chem or ask geared for this one, but good points though. I know they are good people and have done numerous things to keep things private so that shit doesn't happen like it did last time...good company

**pierow** · 05-01-2003, 07:22 PM

Originally posted by divx
That site doesn't have any SSL pages. SSL pages would start with HTTPS the S at the end of HTTP is for SSL.

Their site isn't secure but when you submit your CC info it's sent to the following URL:

<form method="POST" action="https://ca01.justaddcommerce.net/o/order.dll">

Note the http_s_ - the posting is secure. They're running the credit card portion through the justaddcommerce.net website. It's pretty common practice and the form submission does get SSL protection this way.

You can see for yourself by viewing the source of their check out page. The reason that you don't see the lock in the bottom right-hand corner is because you're checking out inside a frame. The order page is secure, the border on the left is not and so IE (rightfully) tries to tell you that something doesn't look right by not displaying the lock.

REGISTER HERE

Announcement

R-Kits, Secure?

R-Kits, Secure?

Comment

Comment

Comment

Comment

Comment

Comment