Saying "anyone" can intercept your credit card number is a bit of an
exaggeration. It would have to be someone who had superuser access on one of
the routers between you and the bank's site and they'd have to be capturing
all traffic to the bank's site and analysing it for requests containing
people's card numbers.
That's not to say that unencrypted sites are fine, they're just not as
insecure as they are sometimes made out to be.
Also, a "secure" site who's key length is too short should probably also be
considered insecure. Mozilla can be set to warn about this but I don't think
any other browser makes a distinction between 128 bit and 48 bit (or is it
56?) security,
Fergal
On Thu, Nov 01, 2001 at 09:01:00AM +0000, Ivan Kelly wrote:
> general the padlock indicates that your using a https ssl server. if the
> lock isn't there, anything you send isn't encrypted meaning anyone can
> intercept your credit card number etc.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
