Security Basics mailing list archives
Re: Re: Secure Intranet?
From: "Byron Kennedy" <snail945 () yahoo com>
Date: Wed, 6 Nov 2002 17:49:51 -0800
forgive me, i'm not following you. i find the words "some" and "fairly trivial" difficult to put my hands around. Most of the security/web engineers I know who work for large banks demonstrate a genuine interest in protecting customer's data as well as an intimate understanding of what would happen (to the institution as a going concern) if their sites are hacked and data is compromised as a result. Perception is reality. What factual data do you have - demonstrating examples of where https was exploited, data was compromised and losses realized? ----- Original Message ----- From: <Danny.Carroll () mail ing nl> To: <security-basics () security-focus com> Sent: Tuesday, November 05, 2002 10:14 PM Subject: RE: Re: Secure Intranet?
If HTTPS is not secure enough, than why do banks use them? Just wondering...
Because *most* people see the litle padlock in the status bar and think that it's secure. So the banks humour them. On the other hand it *does* provide some, if not fairly trivial security. -D ----------------------------------------------------------------- ATTENTION: The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it. Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the ING mail domain. Always scan attachments before opening them. -----------------------------------------------------------------
Current thread:
- Secure Intranet? Alan Cooper (Nov 01)
- RE: Secure Intranet? Nathan (Nov 01)
- <Possible follow-ups>
- Fw: Re: Secure Intranet? Arnaud M . (Nov 01)
- RE: Re: Secure Intranet? Surmit Walia (Nov 04)
- RE: Re: Secure Intranet? simsjs (Nov 05)
- Re: Secure Intranet? Arnaud M . (Nov 08)
- RE: Re: Secure Intranet? Surmit Walia (Nov 04)
- RE: Secure Intranet? DeGennaro, Gregory (Nov 01)
- Re: Secure Intranet? Chris Berry (Nov 04)
- RE: Secure Intranet? Dozal, Tim (Nov 04)
- RE: Re: Secure Intranet? Danny.Carroll (Nov 06)
- Re: Re: Secure Intranet? Byron Kennedy (Nov 07)
- RE: Re: Secure Intranet? ONEILL David J (Nov 06)
- RE: Re: Secure Intranet? Seth Knox (Nov 07)