A couple years ago, I highlighted just how unsecured some of the popular websites are and one of them was Astro. I did write to them officially but the response was lukewarm (almost patronizing from the webmasters). Perhaps it was not addressed to the right people, perhaps they did not have enough budget to make the necessary changes. So I left it as it is and avoided from using their services online.
Admittedly Astro subscription is not that cheap (perhaps lack of competition may be a factor here) – so I took away the Movie Channel and left with enough channels for entertainment – documentaries and cartoon (for the big boss). Couple weeks ago, my “big boss” walked up to me after hours of watching cartoon and told me that he had enough of cartoons. At first I thought he got bored with the same repeated cartoons and making a one time statement. I was pretty sure that he will be back watching the same cartoons the very next day.
The very next day, I caught him watching cartoon again and passed by him with a smile – kids will be kids. I went up to take my shower and when I walked down, I saw him waiting for me. He asked me why he can tune to the cartoon channel – he remembered him telling me that he do not want to see the cartoon channel anymore.
It took several reminders from the “big boss” for me to click on the Astro webpage, just to see whether there is any changes and I was indeed surprised.
(I have been looking for that “s” behind the http for sometime now – especially when I have to put down my IC and personal details over the internet)
(Validation through email, SMS and PIN number – I really did not expect that from Astro after the earlier snub but then again, it is a welcome change)
Certainly now things have improved – not sure what caused the change – change of the earlier sloppy webmaster or change of IT staff or unreported hacker attack but it was a welcome change – not only the registration is now on a secured page but registration is also authenticated through a SMS to a registered mobile phone and the final registration is activated with a PIN that shown in the said SMS. Impressive!
I had expected over the years, as hackers get better and easily work their way around basic webpage defenses, the more of the unsecured sensitive pages will end up encrypted and secured. The faster some of the popular websites move to improve the security of their webpage, it is better for the end users. I was glad Astro had made their move before it is too late but what about the others? It is high time that the Ministry of Science, Technology and Innovation look into this seriously. There are still webmasters who are ignorant on the security of their websites.
I feel more confident using Astro webpage now compared to the time I was eager to use it couple years ago. Although some of the functions seems to be “offline” at the moment, it is comfortable to know it is at the moment…”secured”.