Safe data

For our master thesis we are also using SSL encryption. And there was recently some attention in the media about this. A Belgian blogger mentioned that a lot of banks didn’t use safe SSL connections.

This means that it is possible for hackers on the internet to see everything what the user is seeing and in some cases might be able to change the bank account numbers to which money is send.

Luckily the banks whose SSL connection was unsafe updated their servers in most cases in a few days. But still not all banks have one of the most safe grades. In most cases this is because they want to maintain backward compatibility with old internet browsers. But this means that using this older browsers implies an unsafe connection.

In almost all browsers it is not indicated if a connection is over HTTP (unencrypted). But Chromium has a proposal to indicate all HTTP-traffic as insecure. Which is in fact a logic choice since in this case the user isn’t informed that he uses an unencrypted connection while it might be necessary.

When you are visiting websites with personal confidential information, do you check that it is served encrypted? If a website with personal information is served over HTTP do you still use it?

http://www.chromium.org/Home/chromium-security/marking-http-as-non-secure
https://yeri.be/belgian-banks-ssl
http://deredactie.be/cm/vrtnieuws/economie/1.2241284

Advertenties

5 gedachtes over “Safe data

    1. Ok so sorry about that, I’ve no clue how to edit my comment so I’ll go ahead and write a new one.
      I accidently pressed enter there before I was even finished as you can see:p.

      When visiting a website I honestly pay no attention to whether it’s an encrypted connection or not, that’s probably a bad habit though. The only time I do check the connection is whenever I do something that’s bank related. I’m kinda suspicious about that, so I always check if that happens through an SSL connection and I’ve the tendency to close every other browser window. I know that doesn’t make any sense but I’m kind off paranoid when it concerns my bank affairs:p.

      I like chromium’s proposal though because a lot of people out there with no ICT background have no clue what SSL is and are therefore not even aware there’s something like a safe and rather unsafe connection.

      Like

      1. I agree. Most people don’t have a decent IT background and have no idea what a safe connection is nor how to make sure they’re on one. This would be a topic everyone should learn, although it’s harder than it sounds; especcially older people, who weren’t raised with computers, will have a hard time learning this.

        Like

      2. I think you’re right. But it’s not only older people. I know a lot of people (myself included) which are not aware of all the possibilities/configurations of my computer. Maybe our educational system should update and implement it in the ‘leerplan’ in high school.

        Like

  1. I also do not pay attention to the encrypted connection of a website except when I log on to the website of my bank. But it is unbelievable that some banks don’t want to implement the SSL connection because of the compatibility of the internet browser?! Don’t they want to make sure their customers are safe when they go to their website?
    And I think that elderly people, who weren’t raised with computers, will not do their bank affairs online, they either go to the bank or ask their children or grandchildren to do it, no?

    Like

Geef een reactie

Vul je gegevens in of klik op een icoon om in te loggen.

WordPress.com logo

Je reageert onder je WordPress.com account. Log uit /  Bijwerken )

Google+ photo

Je reageert onder je Google+ account. Log uit /  Bijwerken )

Twitter-afbeelding

Je reageert onder je Twitter account. Log uit /  Bijwerken )

Facebook foto

Je reageert onder je Facebook account. Log uit /  Bijwerken )

w

Verbinden met %s