(no subject)
I've been working on a front end for a web form that WESU has to use to process their credit card pledge submissions during the upcoming fund drive (a Wesleyan decision I believe.) The company they use is acteva, and wow, besides being fugly, it's amazing the lack of security standards online credit card processors can get away with. I just wrapped up my official work, and included a fun code injection type attack example for my manager to try out. I hope they let us switch processors after he sees this.