[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bank transactions on Internet



On Mon, 8 Apr 1996, Jim Philips wrote:

> I work with Security First. I would like to add that we use SSL 128 bit key
> with 40 secret, but it is not the only security feature we have. So far, it
> has been the means for encrypting data coming to and from the Bank. We also
> have a site certificate from Verisign and multiple layers of internal
> security at the site. I cannot agree that this encryption is "worthless".

As far as I understand anyone can fairly easy crack the 40-bit SSL your
bank is using, and you must be lucky nobody has done it yet with your
account. Still it seems odd that banks are telling their customers about
secure communications without having any real security.

J�ri Kaljundi
[email protected]