..
Doctors For
Nutrition, Inc.,
Policies
Disclaimer
The statements on
the DFN web sites have not been evaluated by the Food and Drug
Administration. These products are not intended to diagnose, treat,
cure or prevent any disease.
The Fine Print: DISCLAIMER: We
recommend in all cases that you consult with a trusted health care
professional before taking any nutritional supplements or
discontinuing any medication. Products carried by DOCTORS FOR
NUTRITION, INC., or any of the above distributors are not offered as a
treatment or cure for any medical conditions, but only as nutritional
and/or optimal wellness support (as indicated by scientific studies
and/or the clinical experience of nutritional practitioners).
All information
contained within the entire web site and its links is provided for
EDUCATIONAL PURPOSES ONLY. ALL information presented throughout the
RXFORWELLNESS.COM, RELATED TOPICA.COM and DOCTORS FOR NUTRITION, INC.
websites and ANY AND ALL LINKS has not been evaluated by the FDA, and
is not intended to diagnose, treat, cure or prevent any disease, nor
should it be used as a therapeutic modality or as a substitute for
your own physician's advice. The information presented herein should
not be construed as the practice of medicine. RXFORWELLNESS.COM and
DOCTORS FOR NUTRITION, INC. is not responsible for misuse and/or abuse
of any product sold as a result of consumer(s) using this web site.
Prices are subject
to change without notice.
Privacy Statement
Doctors For
Nutrition, Inc., has created this privacy statement in order to
demonstrate our firm commitment to privacy. The following discloses
our information gathering and dissemination practices for these
websites: www.greensfirst.com
and
www.doctorsfornutrition.com .
We use your IP
address to help diagnose problems with our server, and to administer
our Web site. Your IP address is used to help identify you and your
shopping cart and to gather broad demographic information. Our site
may use cookies to keep track of your shopping cart. Cookies may be
used to deliver content specific to your interests and to save your
password so you don't have to re-enter it each time you visit our
site. Our site's registration form requests users to enter contact
information (e.g., name and email address) and unique identifiers
(e.g., license number or password). The customer's contact information
is used to contact the visitor when necessary. Unique identifiers are
collected to verify the user's identity, for use as account numbers in
our record system, and for other purposes. These sites contain links
to other sites.
http://www.greensfirst.com/
and
http://www.doctorsfornutrition.com/
are not responsible for the privacy practices or
the content of such non Doctors For Nutrition, Inc., web sites.
Our site uses an order form for
customers to request information, products, and services. We collect
visitor's contact information, unique identifiers, and financial
information (e.g., account or credit card numbers). Contact
information from the order form is used to send orders to our
customers. The customer's contact information is used to get in touch
with the visitor when necessary. Financial information that is
collected is used to bill the user for products and services. Unique
identifiers are collected. We run affiliate programs on our sites in
which we ask visitors for contact information (such as an email
address) and unique identifiers. The customer's contact information is
used to contact the visitor when necessary. Unique identifiers are
collected from Web site visitors to verify the user's identity and for
use as account numbers in our record system.
Security
This site has
security measures in place to protect the loss, misuse and alteration
of the information under our control. All online transactions can be
conducted through our secure server, and credit card information is
processed by Authorize Net. No credit card information is stored on
our server. Choice/Opt-Out This site gives users the option of
removing their information from our database so as to not receive
future communications. Simply send an email to
support@doctorsfornutrition.com and asked to be removed from our
database.
Modify/Update User Information
To modify or
update information previously provided,
mailto:support@doctorsfornutrition.com
Contacting the Web Site
If you have any
questions about this privacy statement, the practices of this site, or
your dealings with this Web site, you can contact Doctors For
Nutrition at 858-481-5222 or
support@doctorsfornutrition.com
Why
Buying Online at Our Store is Safe
We have invested
in the very best security measures to insure that your sensitive
personal and financial information - from credit card number to
purchase selection - is protected when sent over the Internet. Here
are a few reasons why online shopping at this store is safe:
Your credit card
information is encrypted right at your PC, long before it ever reaches
the Internet. The encryption techniques employed are extremely robust
and secure · There are far easier ways for criminals to steal credit
card numbers than by trying to catch them on the Internet
Unfounded and
widespread fear of Internet credit card theft is due to ill-informed
media outlets repeating rumors and hearsay without checking the facts.
Despite worries about the risks of sending credit card information
over the Internet, there have been no documented cases of such
information being intercepted in transit and used for criminal
purposes. In any case, with the encryption measures this store is
using, it would be virtually impossible for anyone to read your credit
card number while it is being sent from your PC to our order
processing system. We believe that this easy, time-saving way for
you to make purchases from the comfort of your home or the convenience
of your office is much safer than most conventional methods. So sit
back, relax and shop with confidence. Thank you for shopping Doctors
For Nutrition. We look forward to serving you!
How Your Credit
Card Information is Protected:
The order
processing system only accepts information from secure browsers. These
browsers encrypt the information they send using a networking protocol
called Secure Sockets Layer (SSL) which scrambles the data to prevent
anyone who may intercept the information from reading it. The entire
order processing session, customer information, addresses, purchase
selections and credit card information is protected in transit over
the Internet by the SSL technology. Thus, before your information ever
leaves your PC, it is encrypted and protected by our security
measures. Look for an icon depicting a lock or a key in your browser's
window for assurance that your order processing session is protected
by SSL. Note: Some browsers present the order form as one frame in a
multiple-frame display and the security icon (lock or key) may not be
visible. If your browser is using frames, you can click on View/Frame
Info in the toolbar to see the security level. Most browsers,
including recent versions from Netscape and Microsoft, are equipped to
handle SSL. If your browser didn't support SSL, our system would have
given you an error message when you clicked on an item to buy. In
addition, your credit card information remains within a secured
database in this order processing system.
Thus, although you
may make purchases through our system on many occasions over time,
your credit card information will be maintained in a central location
guarded by several layers of security and encryption. This is in stark
contrast to using your credit card at dozens of local shops,
restaurants and gas stations, where your credit card number is in the
hands of hundreds of people you don't know very well or may wind up on
slips of paper in dumpsters accessible to people you don't know at
all.
Encryption:
How Strong is Strong Enough?
Any encryption
scheme is vulnerable to attack through a brute force approach by a
determined individual or organization given enough time and resources.
The amount of time and the cost of those resources varies
exponentially with the length of the key used to scramble the data.
However, with the encryption algorithm and key lengths we use (it's
the same technology the Defense Department uses to protect secret
transmissions), it would take either a long time or a lot of
resources, both of which work against a criminal enterprise. If it's
not cost effective to steal something, criminals don't bother or give
up quickly. Essentially, in a brute force approach, the attackers have
to apply every possible combination of bits in the key (which is
typically in the range of tens to thousands of bits long) to complex
mathematical calculations that take a certain amount of time to run
through, until they find the matching key. Going from a key of 39 bits
to a key of 40 bits would double the length of time a given number of
resources would need to break the code. Longer keys take more time to
encrypt a message, so there is always a balance between security and
speed of transmission related to the relative importance of the
information being encrypted. Codes for launching nuclear weapons might
use 1024-bit keys. Keys for securing credit card numbers in Internet
traffic are sufficiently strong at 40 bits. While most browsers
support 40-bit SSL technology, our secure servers are capable of
supporting up to 128-bit SSL.
To understand the
relationship between bits and key lengths, let's start out with a
short key. First of all, a "bit" is a binary digit in the "base 2"
number system. Thus, a 10 bit key represents the number 2 raised to
the 10th power ( 210 ). 210 is a handy mathematical notation for
multiplying 2 times itself 10 times (2x2x2x2x2x2x2x2x2x2), which
equals 1024. So, with a 10-bit key, one could be certain to obtain the
correct matching number in a little more than a thousand guesses. A
40-bit key, on the other hand, is a number between 1 and 1.2 trillion,
so correctly finding a 40-bit key could take just over a trillion
guesses, plus a few hundred billion more - we're talking way beyond
lottery chances here - very slim for a stab-in-the-dark approach. So
how big is a 128-bit key? It's a number somewhere between 1 and
34,028,236,000,000,000,000,000,000,000,000,000,000.
Hard to imagine?
Start by looking at numbers you're familiar with: 1,000,000 is a
million1,000,000,000 is a billion1,000,000,000,000 is a
trillion1,000,000,000,000,000 is a quadrillion Beyond that the mind
boggles. Think of it this way: there are about 5 billion people in the
world today. Imagine you gave each of those 5 billion people a
trillion barrels of sand. Note that each person on the planet would
have more barrels of sand than there are stars in our galaxy, so most
of the beaches around the world would be pretty rocky by the time you
handed out the last barrel. And each of those barrels of sand contain
a quadrillion grains of sand. And just one of those grains of sand,
from just one of the trillion barrels held by just one of the five
billion people on earth, is the key. How hard do you think it would be
to guess which person, which barrel, which grain? Well, the odds of
guessing the right grain of sand are actually six times better than
the odds of guessing a 128-bit key in any one try. Those are mighty
slim odds. Of course, some powerful computers can make many guesses
per second, but even the fastest desktop computers today would take
months, or even years, to arrive at the correct 128-bit key, and even
a 40-bit key would take weeks. Simply put, our encryption techniques
are strong enough that it isn't worth anyone's time or effort to even
try to crack them. They could never earn enough from your stolen card
to repay the cost of stealing it this way, and there are far easier
ways to steal credit card numbers that don't involve the Internet or
robust security measures.
Why
There Are Easier Ways To Steal Credit Cards
The value of any
stolen credit card to a thief is the credit limit on that card minus
the outstanding balance. For most cards that amounts to only a few
thousand dollars and for many it's just a few hundred dollars. Once
stolen and used fraudulently, a stolen card is only viable for a month
or two since the consumer would notice the improper charges on the
next statement and cancel the card. So, since a stolen card's shelf
life is short and it's value is low, it has to be easily obtained in
order to be worth stealing. Nobody would mount an attack on Fort Knox
if they knew it only had a few hundred dollars in the vault. Stealing
credit cards off the Internet is not an easy thing to do. For getting
and unlocking your encrypted order form, a thief would need the
following: ·
Access to secure,
restricted network or telephone facilities, and ·
Understanding of network routers and network protocols, and ·
Network
Administrator privileges or an expensive network "sniffer" and the
know-how to use it, and ·
Ability to know
when your order form is being sent, and ·
Ability to know by
what route your order form is traveling over the thousands of possible
network segments between your computer and the order processor, and ·
Ability to sift
through millions of packets to identify packets containing parts of
your order form, and ·
Ability to
reassemble those packets into the original encrypted order form. At
this point, the criminal has gone through a tremendous effort just to
intercept your order form, but he can't get anything out of it because
it's encrypted.
Now the real
trouble starts, because the thief has to have: ·
Specialized
software capable of analyzing the encrypted information and breaking
the code used for encryption, and ·
Undetected and
unrestricted access to computer hardware capable of operating the code
breaking software, and ·
A lot of time.
Depending on the
encryption capability of your browser, on the number of computers
available to the thief and on the processing speeds of those
computers, successfully decoding and obtaining your credit card number
could take anywhere from weeks to years. That's a lot of time to
completely tie up expensive computer equipment just to steal a single
credit card number worth perhaps only a few hundred dollars.
By the way, it's
not as if the code, once broken, can be used to steal another credit
card number. Each order form session uses a different code, so to
steal another card the thief would have to repeat every step. Thus all
this time and effort only yields a single card: It can't be leveraged
to steal others. All of these steps are possible, but accomplishing
them is not easy. With so much work for so little gain, most thieves
take the easy route if one is available. By contrast, there are many
more reliable and efficient ways to steal credit card numbers, and
none of them involve overcoming Internet operations or robust security
measures. Among them: ·
Work in a gas
station or restaurant for a few days to get discarded credit card
imprint carbons. ·Sift through trash cans and dumpsters to pick out
bank records and credit card billing statements. ·
Drive around
suburbs with an inexpensive scanner and listen for people placing
phone orders on cordless phones. ·
Pay off "friends"
who work in retail stores to steal numbers from customers.
Stand next to or
behind patrons at the sales counter of any department store and read
their number off the card as they present it to the clerk. ·
Wander through
airports or bus stations where people routinely forget to pick up
their receipts while worried about catching their flight or getting on
their bus.
The list is
endless. None of these options requires the investment in education,
time and resources that capturing and then breaking your order form
would require. Most of us readily give our credit card numbers over
the phone, yet that involves more risk than using encryption over the
Internet. At RxforWellness.com , we believe that this fast, convenient
way for you to make purchases from the comfort of your home or the
convenience of your office is much safer than most conventional
methods.
The Media Has it All Wrong
Most
people have reservations about using their credit cards over the
Internet due to a constant barrage of negative stories in the media.
You've been told that the Internet is a completely open system and
that anything you send over the Internet can be read by 50 million
people. This is simply not true and, not for the first time, a largely
uninformed media has given in to hearsay, rumor and urban legend
rather than take the time to investigate the facts. Many members of
the media are surprisingly ignorant of how the Internet actually
works. (Thankfully, this trend is starting to reverse, as more and
more people realize how safe online shopping can be compared to other
methods).
But back to the
misconceptions, even if you wanted to broadcast your credit card
number to 50 million Internet users it would be virtually impossible
to do so. You'd need addresses for all those people, and it would be
like trying to place a conference call to 50 million distinct phone
numbers simultaneously. The Internet doesn't work like a broadcast
medium and, despite the hype, everybody is not connected to everybody
else at the same time. When we're connected, we're individually
connected to just a single other point, much like the phone system.
Yes, there are millions of points to which we could connect, just as
there are millions of phone numbers we could dial - but only one, or a
few, at a time. So, sending a credit card number in an unsecured
message to another point over the Internet does not broadcast it to
everyone "out there", only to the addressed recipient. Yes, an
unscrupulous individual could sniff the network and detect that
number, but only through access to restricted areas and even then it's
not easy to do.
Obviously,
posting your credit card number to a chat room would be like giving it
out during a conference call with the inmates of the county jail - but
then, you wouldn't do that. Despite worries about the risks of sending
credit card information over the Internet, there have been no
documented cases of such information being intercepted in transit and
used for criminal purposes - certainly none that were encrypted, but
we haven't been able to find documentation on theft of numbers sent
"in the clear". The Internet is a tool providing access to a vast and
wonderful world of information and products. We hope you won't be
driven away from its riches and benefits because of unfounded fears
instigated by those who are misinformed about the way it works.
Thank you for
choosing Doctors For Nutrition,
“Blending Science and Nutrition
for Better Health”.
All material is
copyright 2001-2003 Doctors For Nutrition
This site best viewed with your
monitor set to 800x600
|
