Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > Haus of Tech Support > Your Operating System has Poor Operational Security
 
  • Post
  • Reply
crack mayor
Dec 22, 2008
 Not quite sure if what I'm about to ask fits the thread, but here goes. How big of a problem is it if a website uses obsolete encryption, or is certified but doesn't have publicly audited records? I get it if it's hard to answer in a concrete way. It almost strikes me as paranoid to think that if a website is not using the latest encryption and has third party verification (in the sense of publicly audited records), then the website is 100% compromised and shouldn't be used. On the other hand, some the websites that aren't exactly up to date are numerous and varied. It would seem impossible to avoid non-vulnerable websites entirely. Should someone be afraid to create a login for a business' website to apply for a job if that website isn't using the latest and greatest? Or is network vulnerability blown out of proportion? How real and/or immediate is the threat of identity theft on the internet in general?

* # ¿ Jun 10, 2015 21:33
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ May 2, 2024 14:57
  • Quote
crack mayor
Dec 22, 2008

Crack posted:

I know I came across as a bit paranoid earlier but really it's about balancing risk. I'm not sure if you mean ssl encryption or stored data encryption but I guess in the end its not really relevant. It's not true that a non perfectly secured website is 100% compromised, unless it's a particularly juicy target. There have been examples of banks for example that have been told they have an exploit and need to patch (maybe with a risk of $60k loss from hackers per few months) and the patch takes a day, but the bank rakes 1mil+ per day so it's inconsequential and they don't patch because it doesn't actually make financial sense. So just think when submitting info on a website, do I need to use real info (it's easy to lie in many fields), how sensitive or valuable is this info - especially to a crim, and what is the companies track record regarding breaches (type example.com exploits or similar in google if it's fairly large and you will probably find how long they took to implement a patch).

Also it almost goes without saying but the fewer companies that store your data the less chance of compromise.

https://www.ssllabs.com/ssltest/index.html plug it in here if it's https, look at the results and make a decision. If it's F, maybe it isn't so great and you should email the webmaster the ssltest results.

Yea. I definitely try to keep my info confined to a few sites. It's difficult in a situation like job hunting though. I'm phone posting right now, but I'll check that link out later.

* # ¿ Jun 12, 2015 03:57
  • Quote
  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > Haus of Tech Support > Your Operating System has Poor Operational Security