I would like the plagurism of AlphaKinetic and Saalim Chowdhury exposed. My work, and the work of others, is the subject of a recent SlashDot article called "Electronic Pricetag Alteration", although we are not attributed. I published an article which was plagurized by Saalim Chowdhury and used as the subject of a press release. An article was subsequently published by TheTelegraph and mentioned by TheRegister. This article was cited by [organisation name redacted due to plagiarism], syndicated to Yahoo, then this article was cited by SlashDot.
I published an article called "Flaws In ECommerce Systems" in the Autumn issue of 2600 Magazine. This article is available at
http://www.xirium.com/product/mtecs/doc/secure/ and [domain redacted due to non payment]/doc/secure/. This article:
- States how loosely integrated ECommerce sites do not check prices.
- Cites a wine merchant with such a vunerability.
- Cites a domain name re-seller with such a vunerability.
- Explains how to move decimal points to reduce prices and why this action should succeed, but has never been substantiated.
On 25 Jan 2001, TheRegister reported an article in TheTelegraph which:
- Cites an undisclosed "glitch" that allows prices to be modified.
- Cites a domain name re-seller with such a vunerability.
- Cites Saalim Chowdhury as the "chief executive of e-commerce software development company Alphakinetic which discovered the flaw".
- Omits all references to moving decimal points.
AlphaKinetic press releases 4 and 5:
- State that AlphaKinetic "found this security hole whilst developing our own secure e-commerce system, and our forthcoming e-commerce solutions".
- Cites the purchase of wine by this method.
- AlphaKinetic does not specialise in security.
- "What astonished us was when we contacted our secure payment provider about this they stated that they had be aware about the possibility of this hole existing for the last 5 years".
All attempts to contact all parties have been ignored. This inaccuracy has now been extensively propagated during the last two days. The additional information that was unsubstantiated is now the subject of recent articles and the estimated proportion of vunerable sites has risen from 10%-20% to 40%.
There is circumstantial evidence that Saalim Chowdhury read my work in 2600 Magazine (the source of the information) and this can be verified by checking domain name registrations. 2600 has a pre-occupation with purchasing domains of the form *sucks.com then printing the "cease and desist" "nastygrams" from lawyers. AlphaKinetic (the source of the plagurism) is highly anomalous because they have registered alphakineticsucks.com themselves, although this problem only affects large companies.
