Bank transactions on Internet
Jüri Kaljundi
jk at digit.ee
Tue Apr 9 13:32:35 PDT 1996
On Mon, 8 Apr 1996, Jim Philips wrote:
> I work with Security First. I would like to add that we use SSL 128 bit key
> with 40 secret, but it is not the only security feature we have. So far, it
> has been the means for encrypting data coming to and from the Bank. We also
> have a site certificate from Verisign and multiple layers of internal
> security at the site. I cannot agree that this encryption is "worthless".
As far as I understand anyone can fairly easy crack the 40-bit SSL your
bank is using, and you must be lucky nobody has done it yet with your
account. Still it seems odd that banks are telling their customers about
secure communications without having any real security.
Jüri Kaljundi
jk at digit.ee
More information about the cypherpunks-legacy
mailing list