|
Not quite sure if what I'm about to ask fits the thread, but here goes. How big of a problem is it if a website uses obsolete encryption, or is certified but doesn't have publicly audited records? I get it if it's hard to answer in a concrete way. It almost strikes me as paranoid to think that if a website is not using the latest encryption and has third party verification (in the sense of publicly audited records), then the website is 100% compromised and shouldn't be used. On the other hand, some the websites that aren't exactly up to date are numerous and varied. It would seem impossible to avoid non-vulnerable websites entirely. Should someone be afraid to create a login for a business' website to apply for a job if that website isn't using the latest and greatest? Or is network vulnerability blown out of proportion? How real and/or immediate is the threat of identity theft on the internet in general?
|
# ¿ Jun 10, 2015 21:33 |
|
|
# ¿ May 2, 2024 14:57 |
|
Crack posted:I know I came across as a bit paranoid earlier but really it's about balancing risk. I'm not sure if you mean ssl encryption or stored data encryption but I guess in the end its not really relevant. It's not true that a non perfectly secured website is 100% compromised, unless it's a particularly juicy target. There have been examples of banks for example that have been told they have an exploit and need to patch (maybe with a risk of $60k loss from hackers per few months) and the patch takes a day, but the bank rakes 1mil+ per day so it's inconsequential and they don't patch because it doesn't actually make financial sense. So just think when submitting info on a website, do I need to use real info (it's easy to lie in many fields), how sensitive or valuable is this info - especially to a crim, and what is the companies track record regarding breaches (type example.com exploits or similar in google if it's fairly large and you will probably find how long they took to implement a patch). Yea. I definitely try to keep my info confined to a few sites. It's difficult in a situation like job hunting though. I'm phone posting right now, but I'll check that link out later.
|
# ¿ Jun 12, 2015 03:57 |