Banking Security on the Web: AskMisterWizard.mpg
www.askmisterwizard.com When your web browser connects you with your bank or e-commerce web sites with a secure https session, it examines the bank’s digital certificate to make sure it is supplying its own, proper encryption key. It checks for digital ”signatures” within the certificate, to make sure that they, in turn, are properly encrypted, using public encryption keys that are so widely published that they are easily verified. But this system is not perfect. All web browsers are configured to ”trust” certificates from hundreds of organizations that are presumed worthy of worldwide trust. But those organizations CAN be subverted, bribed, corrupted, or penetrated. Furthermore, sometimes you know more about the site than the people that signed the digital certificate. This 15 minute clip explains the principles and risks involved, and shows exactly how to interpret warning messages from your web browser.
Leave a Reply
You must be logged in to post a comment.