the link has everything to do with my question. He gives an example of a shopping cart/payment system setup in Flex. This raises my question of whether or not flash is secure enough to operate his phone store in real life.
More specifically, user enters information into flash app, which then sends it somewhere to get processed (presumably some HTTPS address). The period of time where flash is transfering info to the HTTPS address is not secure, as described here: http://www.adobe.com/devnet/flex/articles/flex_amazon_02.html Specifically, Miti (a Flex Evangelist, so we should take his word for it, right?) says: "hardcoding sensitive information into a Flex application is a highly insecure practice". So, is it possible that Pandora's (100% Flex) payments system is secure? --- In [email protected], Jimmy G <angelone197...@...> wrote: > > What gave you the impression that UI built in Flex less secure than one > built in HTML? In both cases the end-user can input sensitive data like > credit card information and then it is up to you to setup proper security. > Like making sure that the client to server communication is done using SSL > (meaning HTTPS). If you dont do this in either case, then anyone can capture > the data that is being transmitted. > > You need to provide more information so we can help you. > > Also the link you provide below doesn't have anything to do with you > question. > > Jimmy > > On Sun, Apr 18, 2010 at 12:01 PM, garykim...@... < > garykim...@...> wrote: > > > > > > > I was under the impression that flex is not a secure UI and that credit > > card information and other sensitive information should not be passed > > through flash/flex. > > > > When I upgraded my account with Pandora, I noticed the payments system > > interface was flash. Also, there is the flex store that Conraets talks about > > at > > http://coenraets.org/blog/2010/02/flexstore-revisited-building-an-animated-spark-layout/ > > > > So, are these methods not secure, then? > > > > > > > > > > -- > Jimmy G > Development Team Lead >
