From: Dale <rdalek1967@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Heartbleed fix - question re: replacing self-signed certs with real ones
Date: Sat, 19 Apr 2014 16:23:20 -0500 [thread overview]
Message-ID: <5352E948.6000303@gmail.com> (raw)
In-Reply-To: <3gB4NM59vnz62Xv@devnoip.rootservice.org>
[-- Attachment #1: Type: text/plain, Size: 3018 bytes --]
Joe User wrote:
> On 19.04.2014 21:33, Dale wrote:
> > Matti Nykyri wrote:
> >> On Apr 19, 2014, at 18:29, Dale <rdalek1967@gmail.com
> >> <mailto:rdalek1967@gmail.com>> wrote:
> >>
> >>> Mick wrote:
> >>>> Encryption still works, at least for some attackers. The fact
> >>>> that burglars can pick locks
> >>> doesn't mean that you should leave your door unlocked. FWIW I
> >>> just checked my bank's website encryption ... they *still* use
> >>> RC4!!! O_O I guess they are keen to make sure all these
> >>> customers with WinXP and MSIE 7.0 can still login? For crying
> >>> out loud! It seems that RSA's days may be numbered and elliptic
> >>> curve cryptography would be the way forward, not because of
> >>> resource constrained mobile devices, but also because of recent
> >>> advances in crypto-analytics which may make RSA obsolete:
> >>>
http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/
> >>>
> >>>
> >>>
> >>>
> How does one find out what their bank uses? I'd like to check on
> >>> what mine uses. I have Seamonkey and Firefox installed here IF
> >>> it matters.
> >>
> >> Well you can use ssllabs.com <http://ssllabs.com>. I use it for
> >> debuging. Here is what Bank of America uses:
> >>
> >>
https://www.ssllabs.com/ssltest/analyze.html?d=www.bankofamerica.com&hideResults=on
> >>
> >>
> >>
> >>
> -Matti
>
> > I get this.
>
> >
https://www.ssllabs.com/ssltest/analyze.html?d=cadencebank.com&hideResults=on
>
>
>
> > I don't know a lot about this encryption stuff but mine don't look
> > to good. :/ You got your test graded and mine seems to be bad
> > enough to not even deserve a grading.
>
> > Dale
>
> > :-) :-)
>
>
> You have to use the https-URLs like this one:
>
https://www.ssllabs.com/ssltest/analyze.html?d=secure1.cadencebanking.com&hideResults=on
> Very secure your banks customer-login ;)
>
> Time to move to a safer bank...
>
>
Well, I have had doubts about their security for a while now since I
think they run windoze anyway. This sort of confirms it. They changed
from Visa for their debit card to Discover about a year ago. I'm get
pretty fed up with going places and them NOT take my card and me being
stuck in awkward situations. Then finding out that their security is
just barely half what it should be, yep, time to find a new bank. I
been putting this off for a while now. As some know, my brother had
cancer and I been busy dealing with that. We lost him about a month ago
so I'm trying to play catch up. He beat the cancer but we think he took
to much meds by mistake and it was to late by the time he realized it.
Changing banks is on my todo list and may have just took a higher
priority. It just went from not worth much to not worth spit. ;-)
At least now I know how to check any potential new banks that I am
interested in too. Thanks for sharing that howto info.
Dale
:-) :-)
--
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!
[-- Attachment #2: Type: text/html, Size: 5291 bytes --]
next prev parent reply other threads:[~2014-04-19 21:23 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-16 10:52 [gentoo-user] Heartbleed fix - question re: replacing self-signed certs with real ones Tanstaafl
2014-04-16 11:14 ` Matti Nykyri
2014-04-16 17:56 ` Tanstaafl
2014-04-17 5:59 ` Matti Nykyri
2014-04-17 6:10 ` Mick
2014-04-17 14:40 ` Matti Nykyri
2014-04-17 15:49 ` Mick
2014-04-17 16:54 ` Joe User
2014-04-17 18:43 ` Matti Nykyri
2014-04-17 20:17 ` [gentoo-user] " walt
2014-04-18 5:50 ` Matti Nykyri
2014-04-18 14:27 ` Dale
2014-04-18 16:45 ` Mick
2014-04-18 18:08 ` Dale
2014-04-18 19:01 ` Mick
2014-04-18 20:27 ` Dale
2014-04-18 23:33 ` Mick
2014-04-19 15:29 ` Dale
2014-04-19 15:43 ` Matti Nykyri
2014-04-19 19:33 ` Dale
2014-04-19 19:43 ` Joe User
2014-04-19 21:23 ` Dale [this message]
2014-04-20 0:18 ` Peter Humphrey
2014-04-20 8:49 ` Mick
2014-04-20 9:21 ` Matti Nykyri
2014-04-20 10:26 ` Mick
2014-04-19 16:11 ` Mick
2014-04-19 18:41 ` Dale
2014-04-20 8:27 ` Mick
2014-04-20 9:10 ` Dale
2014-04-20 12:38 ` Mick
2014-04-20 16:40 ` Matti Nykyri
2014-04-20 17:20 ` Joe User
2014-04-21 6:57 ` Matti Nykyri
2014-04-20 18:36 ` Dale
2014-04-19 11:51 ` [gentoo-user] " Mick
2014-04-19 13:17 ` Joe User
2014-04-19 15:38 ` Matti Nykyri
2014-04-19 16:40 ` Joe User
2014-04-19 17:14 ` Mick
2014-04-20 23:20 ` Mick
2014-04-21 7:11 ` Matti Nykyri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5352E948.6000303@gmail.com \
--to=rdalek1967@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox