I used to work for a web hosting company and we saw this kind of attack ALL the time.
Most of the cases were because of old CMS versions, but in some others the computer uploading the files was infected and the FTP credentials were stolen (Change your user/password and analyze ftp logs).
I would also check the database and do a clean install of the CMS.
The server could be compromised but I don't think this is the case.
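The FTP-log check the comment above recommends, as an added example that is not part of the original comment: a small Python audit that parses log lines in vsftpd's default style (an assumption; other FTP daemons use different formats), flags successful logins from addresses the site owner does not recognize, and lists every server-side script uploaded from those addresses so they can be compared against a clean CMS install. The log lines, IP addresses and the `known_ips` set are constructed for the example.

```python
import re
from datetime import datetime

# Constructed sample lines in vsftpd's default log style (assumption: adjust
# LOG_RE if your daemon writes a different format). 198.51.100.7 is the
# site owner's usual address; 203.0.113.45 is an unfamiliar one.
SAMPLE_LOG = """\
Mon Mar  3 09:12:44 2014 [pid 4021] [siteuser] OK LOGIN: Client "198.51.100.7"
Mon Mar  3 09:13:02 2014 [pid 4021] [siteuser] OK UPLOAD: Client "198.51.100.7", "/public_html/wp-content/uploads/2014/03/photo.jpg", 84213 bytes, 310.21Kbyte/sec
Tue Mar  4 03:41:10 2014 [pid 5177] [siteuser] OK LOGIN: Client "203.0.113.45"
Tue Mar  4 03:41:13 2014 [pid 5177] [siteuser] OK UPLOAD: Client "203.0.113.45", "/public_html/wp-content/uploads/2014/03/wp-cache.php", 2311 bytes, 120.00Kbyte/sec
Tue Mar  4 03:41:15 2014 [pid 5177] [siteuser] OK UPLOAD: Client "203.0.113.45", "/public_html/index.php", 9120 bytes, 98.50Kbyte/sec
Tue Mar  4 03:42:00 2014 [pid 5177] [siteuser] FAIL UPLOAD: Client "203.0.113.45", "/public_html/.htaccess", 0.00Kbyte/sec
"""

# One vsftpd-style line: timestamp, pid, user, OK/FAIL, action, client IP,
# and (for transfers) the server-side path.
LOG_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4}) '
    r'\[pid \d+\] \[(?P<user>[^\]]+)\] (?P<status>OK|FAIL) (?P<action>[A-Z]+): '
    r'Client "(?P<ip>[^"]+)"(?:, "(?P<path>[^"]+)")?'
)

# Extensions the web server would execute; an upload of one of these into a
# CMS tree that should only receive media is the classic sign of a planted backdoor.
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar", ".cgi", ".pl", ".sh")


def parse_log(text):
    """Return a list of event dicts; lines in another format are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%a %b %d %H:%M:%S %Y")
        events.append(ev)
    return events


def audit(events, known_ips):
    """Flag logins from unrecognized addresses and uploads of executable scripts."""
    findings = []
    for ev in events:
        if ev["action"] == "LOGIN" and ev["status"] == "OK" and ev["ip"] not in known_ips:
            findings.append({"kind": "login_unknown_ip", "user": ev["user"],
                             "ip": ev["ip"], "ts": ev["ts"]})
        if (ev["action"] == "UPLOAD" and ev["status"] == "OK" and ev["path"]
                and ev["path"].lower().endswith(SCRIPT_EXT)):
            findings.append({"kind": "script_upload", "user": ev["user"],
                             "ip": ev["ip"], "ts": ev["ts"], "path": ev["path"]})
    return findings


def suspect_files(events, known_ips):
    """Sorted list of every file successfully uploaded from an unrecognized address.

    These are the paths to diff against a clean CMS install (or simply replace)
    after the credentials have been rotated."""
    paths = {ev["path"] for ev in events
             if ev["action"] == "UPLOAD" and ev["status"] == "OK"
             and ev["path"] and ev["ip"] not in known_ips}
    return sorted(paths)


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    owner_ips = {"198.51.100.7"}  # constructed: the addresses the owner uses
    for f in audit(evs, owner_ips):
        print(f["ts"], f["kind"], f["user"], f["ip"], f.get("path", ""))
    print("files to review:", suspect_files(evs, owner_ips))
```

Run against the real log after rotating the FTP password; the unrecognized address and the script paths it wrote are what you hand to the cleanup (and what tells you the client machine, not the server, is where to look for the malware).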
Best answer I've seen so far. The takeaway from the guys on the front lines is usually that a full server compromise is rare and that FTP creds were stolen from a client via malware. The result is a simple drive-by that is relatively easy to clean up.
The Paidez thing is embarrassing - we re-branded really fast and couldn't move all the services over before we launched. We're working on it now, but it sucks.
What do you mean about the HTTPS? We load ALL our content via SSL, do you mean knoxpayments.com isn't automatically loaded with SSL? There's nothing secure on it I guess, but even that should be for consistency.
Our payment process requires SSL end-to-end encryption, but are you suggesting that having Knox Payments not load with SSL by default looks bad?
If I've missed something more important please tell me - if there's something (other than the atrocious switching of URLs) that is making you nervous, I NEED to fix it!
I've just sent an email to Colin about this. Will edit my comment as soon as I have a response.
EDIT: Wow, got a response in less than 5 minutes:
It's not something I'm looking at doing right now. The way the Tarsnap server
side is designed, in order to keep costs low (and performance high), data is
aggregated between multiple Tarsnap users and stored in S3 as large chunks;
keeping each user's data segregated would add a lot of additional complexity
and cost.
Not for now, but they should. The problem is that you need to take your customer to another site and that screws all the transparency (Doing everything in just one site) and simplicity that you have right now.
Indeed. It's a shame though, at least not to offer it as an option, as it places a lot more liability on the merchant. At least as an option you can profile your customers first and choose who to use it on.
I've seen some pretty scary numbers on the effect of 3-D Secure payments to conversion rates. I guess it's really hard to do The Right Thing™ on this matter.
The latter. It's probably a combination of breaking the UX by redirecting the user to his/her bank's website and the crappy forms the banks made for this.