By Ian Darwin on 2012-07-24 15:32 in Category: android web security internet
So Vizio has this real nice Google TV set-top box called the Co-Star, that they are now taking pre-orders for. But the web site is a total fail from the human factors point of view. It has fields for allowing you to enter different shipping and billing addresses, but when you do, it tells you they have to be the same! This was confirmed by their support person as having been reported to those responsible.
Not only that, the Billing Address has to be in the good ole' USA. The list of countries that they know about, in fact only includes the United States. "There are no other countries on the planet. Wahoo! We won! Oh, wait, that means we can't sell to most of the world's population. Boohoo!"
Given the variety of Amurrican dot-coms that can't figure out how to ship to Canada, I have of course invested the time in setting up an account with a re-shipping company appropriately enough called reship.com. So entering a US shipping address is no problem. But the billing address has to be the same for this fool web site, but I have to list my home address in Canada for the bank to believe that it's me placing the order. And that I cannot do. Site fail.And not only that, but when we tried to buy using their combined "buy and sign up" form, we got this classic cheesy SQL fail about a foriegn constraint violation. Nice message: it gave out the names of both affected tables and some of the columns. Sorry script kiddies but I'm not reproducing that here, you'll have to offer a valid credit card to see it in action.
Oh, and one more thing? The logout page gave a 500 server error trying to display the "log out success" page. This one we can probably blame on first-day sales load. The others are site fail.