howardclark
Active member
Anyone tried it out yet? If so don't bother, the site is dysfunctional and could cause you to throw your computer out of the window. Don't these people test things out before they let them loose?
YBW on line shop
- Thread starter howardclark
- Start date
kimhollamby
Active member
Which shop? The marine store?
If so it is hosted by Compass and built by them but with some input from our end. It was tested. Can you please let us know which parts you find dysfunctional as we would be interested to hear your more detailed views, either here or by sending an e-mail to matthew_harvey@ipcmedia.com
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
If so it is hosted by Compass and built by them but with some input from our end. It was tested. Can you please let us know which parts you find dysfunctional as we would be interested to hear your more detailed views, either here or by sending an e-mail to matthew_harvey@ipcmedia.com
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
howardclark
Active member
1. The search facility worked only once in many attempts.
2. No matter how many things I put in my basket, my basket was still empty!!!!
3. It is mandatory to fill in a village name when giving your name and address even if you have given a street, town and region. I don't live in a village but the website couldn't get it's head around that one.
4. The website refers to things like 'click on "order on-line"', but there's no such place to click!
5. The split screen is just annoying, cramming all the details into one small part of the screen - but I accept that is just my preference.
I could go on & on. I am browsing with Internet Explorer through NTL and do not have problems generally. I rebooted and tried several attempts - it's hopeless
2. No matter how many things I put in my basket, my basket was still empty!!!!
3. It is mandatory to fill in a village name when giving your name and address even if you have given a street, town and region. I don't live in a village but the website couldn't get it's head around that one.
4. The website refers to things like 'click on "order on-line"', but there's no such place to click!
5. The split screen is just annoying, cramming all the details into one small part of the screen - but I accept that is just my preference.
I could go on & on. I am browsing with Internet Explorer through NTL and do not have problems generally. I rebooted and tried several attempts - it's hopeless
rogerroger
New member
I've not looked at the site - but on a visit to the compass web site a few months ago I noticed that not only were your credit card details not sent over an encrypted link but were actually sent to an email address using a "form to mail" script.
In other words - no security at all.
However, I'm sure YBW would not have commissioned them if this was still the case...
Roger Holden
www.first-magnitude.co.uk
In other words - no security at all.
However, I'm sure YBW would not have commissioned them if this was still the case...
Roger Holden
www.first-magnitude.co.uk
JeremyF
New member
NO SECUIRITY ON COMPASS SITE
Kim,
I think Rogerroger is right. The ordering page is a regular web page. Theres no https and padlock on the page when you enter credit card details.
I suggest that you take the link down immediately before it causes IPC trouble.
Kim,
I think Rogerroger is right. The ordering page is a regular web page. Theres no https and padlock on the page when you enter credit card details.
I suggest that you take the link down immediately before it causes IPC trouble.
rogerroger
New member
Re: YBW on line shop - it\'s OK
I've now had a surf round it - I actually quite like it - what browser are you using ? as I don't seem to have experienced the same problems and usually most sites don't bother testing on Macs at all and it seems OK.
The visual design is nice and the use of text nav keeps the page weight down and it loads quite quickly.
However - I would say that the site has probably been "system tested" rather than "usability" tested.
Your point about "village" is a good one, although rather quaint I thought - if you're British then you MUST live in a village! - the yanks would love it !
The search facility though is a bit of a mystery and I think the results have something in common with a certain draw every Saturday and Wednesday by Camelot.
I entered "log" and got...
Oilies, GPS receivers, masthead / deck light, reading lights, binoculars, deck shoes, fleeces etc!!!
There were some speed / log instruments in the list to be fair.
Interesting to see "T&C" on the site - I'm familiar with the abbreviation but wonder how many other people know this means "Terms and Conditions"? - could be an interesting legal point if someone said they could not find "Terms and Conditions" on the site.
All in all I'd said it's already the best online chandlers - compare it to some and it's head and shoulders above. One thing that annoyed me though - was in product lists the image was not hyperlinked to further details although it is in the search results.
After a few more glasses of red tonight I'll probably place an order!!
Roger Holden
www.first-magnitude.co.uk
I've now had a surf round it - I actually quite like it - what browser are you using ? as I don't seem to have experienced the same problems and usually most sites don't bother testing on Macs at all and it seems OK.
The visual design is nice and the use of text nav keeps the page weight down and it loads quite quickly.
However - I would say that the site has probably been "system tested" rather than "usability" tested.
Your point about "village" is a good one, although rather quaint I thought - if you're British then you MUST live in a village! - the yanks would love it !
The search facility though is a bit of a mystery and I think the results have something in common with a certain draw every Saturday and Wednesday by Camelot.
I entered "log" and got...
Oilies, GPS receivers, masthead / deck light, reading lights, binoculars, deck shoes, fleeces etc!!!
There were some speed / log instruments in the list to be fair.
Interesting to see "T&C" on the site - I'm familiar with the abbreviation but wonder how many other people know this means "Terms and Conditions"? - could be an interesting legal point if someone said they could not find "Terms and Conditions" on the site.
All in all I'd said it's already the best online chandlers - compare it to some and it's head and shoulders above. One thing that annoyed me though - was in product lists the image was not hyperlinked to further details although it is in the search results.
After a few more glasses of red tonight I'll probably place an order!!
Roger Holden
www.first-magnitude.co.uk
bedouin
Well-known member
Re: Not that bad
I actually quite like the site - the design is clean and works well; although the taxonomy has not been particularly well thought out. I also found that searching seemed to work well, as did the shopping basket.
It is certainly a vast improvement over the old compass website if you ever tried that one!
The point about requiring 'Village' is a good one - that should be rectified, even county is not really required these days.
As for security - in spite of the scare postings in this thread, the order form IS secure - it does use 128 bit SSL encryption and https. I agree they should make this more obvious, it looks as though their use of Frames is preventing the browser from realising that the forms part of the frameset is in an https session.
I actually quite like the site - the design is clean and works well; although the taxonomy has not been particularly well thought out. I also found that searching seemed to work well, as did the shopping basket.
It is certainly a vast improvement over the old compass website if you ever tried that one!
The point about requiring 'Village' is a good one - that should be rectified, even county is not really required these days.
As for security - in spite of the scare postings in this thread, the order form IS secure - it does use 128 bit SSL encryption and https. I agree they should make this more obvious, it looks as though their use of Frames is preventing the browser from realising that the forms part of the frameset is in an https session.
JeremyF
New member
Re: Not that bad
I bow to your superior knowledge, Bedouin.
I always see https and the padlock whenever I visit an e-commerce and banking site, and their absence on the Compass one concerned me. If I am not unique, they should try and replicate these features to put minds at rest
I bow to your superior knowledge, Bedouin.
I always see https and the padlock whenever I visit an e-commerce and banking site, and their absence on the Compass one concerned me. If I am not unique, they should try and replicate these features to put minds at rest
kimhollamby
Active member
SECURITY
Extract from the Compass security terms displayed on every page of the site:
Secure data transmission
To transmit your order information, we use a THAWTE 128-bit secure data encryption system. This ensures that your payment details are securely encrypted for transmission via the Internet.
128-bit encryption is a relatively recent innovation in Europe, and is therefore only supported by browser versions from Internet Explorer 5.01 and Netscape Communicator 4.7 onwards. All previous versions work with 40-bit encryption.
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
Extract from the Compass security terms displayed on every page of the site:
Secure data transmission
To transmit your order information, we use a THAWTE 128-bit secure data encryption system. This ensures that your payment details are securely encrypted for transmission via the Internet.
128-bit encryption is a relatively recent innovation in Europe, and is therefore only supported by browser versions from Internet Explorer 5.01 and Netscape Communicator 4.7 onwards. All previous versions work with 40-bit encryption.
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
kimhollamby
Active member
"on a visit to the compass web site a few months ago I noticed that not only were your credit card details not sent over an encrypted link but were actually sent to an email address using a "form to mail" script."
As you have guessed, we don't solicit standard form-mail transmission of credit card details anywhere on the ybw.com network.
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
As you have guessed, we don't solicit standard form-mail transmission of credit card details anywhere on the ybw.com network.
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
rogerroger
New member
Re: Not that bad
The site might be as secure as Fort Knox - but it's people's perceptions that count - as you write, if you did not see https or the padlock then you're likely simply not to trust it.
The site apparently uses 128 bit encryption but only works on browsers higher than IE5 and Netscape 4.7. Although version 3 browsers are pretty much ancient history now, there are still many using IE4 for example.
And what about browsers by Opera? iCab? OmniWeb? AOL ?
Personally I think there's a lot of rubbish talked about security on the Net - I'd rather use my card on the web than give it to someone at a petrol station for example.
My card number was used fraudulently once and I was interviewed by the police who reckoned someone in a Nigerian crime gang had got hold of my number at Earls Court !! ... now why would I have been there I wonder!!
Roger Holden
www.first-magnitude.co.uk
The site might be as secure as Fort Knox - but it's people's perceptions that count - as you write, if you did not see https or the padlock then you're likely simply not to trust it.
The site apparently uses 128 bit encryption but only works on browsers higher than IE5 and Netscape 4.7. Although version 3 browsers are pretty much ancient history now, there are still many using IE4 for example.
And what about browsers by Opera? iCab? OmniWeb? AOL ?
Personally I think there's a lot of rubbish talked about security on the Net - I'd rather use my card on the web than give it to someone at a petrol station for example.
My card number was used fraudulently once and I was interviewed by the police who reckoned someone in a Nigerian crime gang had got hold of my number at Earls Court !! ... now why would I have been there I wonder!!
Roger Holden
www.first-magnitude.co.uk
rogerroger
New member
Re: SECURITY - hmm, you\'re right
"Browser Compatibility
Thawte's SuperCerts are recognized by IE 5.01, Netscape Communicator 4.7 and later browsers. Older browsers will still create a secure SSL connection at 40, 56 or 128 bits depending on the precise browser version."
Extract from http://www.compila.com/thawte/supercert.htm
Looks like it's about as secure as it can get !! Perhaps it's worth highlighting this on the page where you enter your credit card details rather than hiding it away under the "security" link at the top.
Roger Holden
www.first-magnitude.co.uk
"Browser Compatibility
Thawte's SuperCerts are recognized by IE 5.01, Netscape Communicator 4.7 and later browsers. Older browsers will still create a secure SSL connection at 40, 56 or 128 bits depending on the precise browser version."
Extract from http://www.compila.com/thawte/supercert.htm
Looks like it's about as secure as it can get !! Perhaps it's worth highlighting this on the page where you enter your credit card details rather than hiding it away under the "security" link at the top.
Roger Holden
www.first-magnitude.co.uk
bedouin
Well-known member
Re: Agreed
But if fairness to Compass, it is IE that shows those symbols rather than the webpage; if you use a Netscape browser then it does correctly identify the page as being secure - please direct complaints to Bill Gates. Okay - that is not a particularly good excuse, but they do go out of their way to stress that the site is 128 bit secure...
The definitive way of discovering what security is being used in IE is to right click IN THE FORM (not in the nav areas around it) and select the 'Properties' menu item. That gives you the details of the encryption and certificates being used.
As to security in general - in spite of wide-spread concern about sending CC details over the web there is very little (?no?) evidence of fraud related to details being captured that way - and even there were fraud you would not be in any way liable.
For those of you who are not already aware, this year will see the start of a major change in the way security for on-line credit-card payments. These will become MUCH more secure, but also potentially must less convenient for us to use.
But if fairness to Compass, it is IE that shows those symbols rather than the webpage; if you use a Netscape browser then it does correctly identify the page as being secure - please direct complaints to Bill Gates. Okay - that is not a particularly good excuse, but they do go out of their way to stress that the site is 128 bit secure...
The definitive way of discovering what security is being used in IE is to right click IN THE FORM (not in the nav areas around it) and select the 'Properties' menu item. That gives you the details of the encryption and certificates being used.
As to security in general - in spite of wide-spread concern about sending CC details over the web there is very little (?no?) evidence of fraud related to details being captured that way - and even there were fraud you would not be in any way liable.
For those of you who are not already aware, this year will see the start of a major change in the way security for on-line credit-card payments. These will become MUCH more secure, but also potentially must less convenient for us to use.
kimhollamby
Active member
Re: Not that bad
Accept what you say about browsers but for the record, these days we test to IE5 and Netscape 4.7, on PC and Mac, assuming an 800 x 600 screen. That provides enough headaches as it is. A small bug with AOL7 on the www.mby.com site was flagged up last week and that may be the next browser to get added to the test list, for some obvious reasons!
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
Accept what you say about browsers but for the record, these days we test to IE5 and Netscape 4.7, on PC and Mac, assuming an 800 x 600 screen. That provides enough headaches as it is. A small bug with AOL7 on the www.mby.com site was flagged up last week and that may be the next browser to get added to the test list, for some obvious reasons!
Associate Publisher ybw.com websites kim_hollamby@ipcmedia.com
webcraft
Well-known member
Web security
Would you rather give your card to a foreign waiter who disappears into the kitchen with it for five minutes? Or give the card details over the phone when anyone could be listening - especially if it's a mobile.
People are paranoid if they don't see a padlock, but https is not the only way - java encryption systems (such as that used by Actinic) can be more secure; traditional secure server systems often leave card details on a web page which can be accessed by a simple password and user name.
Kim's right - I'd rather give card details over the web, fraud is very limited.
Would you rather give your card to a foreign waiter who disappears into the kitchen with it for five minutes? Or give the card details over the phone when anyone could be listening - especially if it's a mobile.
People are paranoid if they don't see a padlock, but https is not the only way - java encryption systems (such as that used by Actinic) can be more secure; traditional secure server systems often leave card details on a web page which can be accessed by a simple password and user name.
Kim's right - I'd rather give card details over the web, fraud is very limited.
Other threads that may be of interest
