Brian Foster wrote:
> my solution to the on-line banking issue is: don't.
> that is also my option on internet shopping. research yes,
> sensitive details (e.g, payment), NO FSCKING WAY (albeit I
> confess to having done so in "emergencies").
The keyspace, for the encryption used, for SSL/TSL if we assume AES, is
2^128 keys... the chances of getting lucky cracking such an encrypted
set of TCP packets... is quite small. Brute forcing is practically
impossible, since there is not enough silicon nor enough time in the
universe, to search the entire AES keyspace.
Added to which, the SSL cert providers, actually are liable for giving
out the certs... so spoofing SSL is again, not
Compare the security and verifiability of SSL to Automatic teller machines.
Do I know how, encryption of my sensitive data is accomplished with ye
olde ATM machine talking to a bank over PSTN from my local Centra ?
No. Not in the least. To what standard does the ATM conform to with
regards to attacks similar to Van Eck phreaking.
If anything, I'd be *more* comfortable using SSL/TSL, from Linux talking
to an Apache webserver, then I would be, using an Automatic Teller
machine, using unknown security scheme (x) running some dodgy version of
Windows or OS/2, and communicating via unknown security protocol(x) over
the PSTN !
Bashir: The point is, if you lie all the time, no one is ever going to
Garak: Are you sure that's the point?
Bashir: What else could it be?
Garak: That you shouldn't tell the same lie twice.
Topic, "The Boy Who Cried Wolf" in "Improbable Cause"
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!