Re: "Free WiFi" man-in-the-middle scam seen in the wild.

2007-01-30 Thread Florian Weimer
* Perry E. Metzger: > If you go over to, say, www.fidelity.com, you will find that you can't > even get to the http: version of the page any more -- you are always > redirected to the https: version. Of course, this only helps if users visit the site using bookmarks that were created after the sw

Re: "Free WiFi" man-in-the-middle scam seen in the wild.

2007-01-25 Thread James A. Donald
-- Perry E. Metzger wrote: > It used to be that Verizon (my local phone company, > sadly) had this general problem but you could click on > "log in" and it would direct you to a secure page with > a little error message and you could then enter your > username and password. They've since "fixe

Re: "Free WiFi" man-in-the-middle scam seen in the wild.

2007-01-23 Thread Matthias Bruestle
Hi, Perry E. Metzger wrote: > For years, I've complained about banks, such as Chase, which let > people type in the password to their bank account into a page that has > been downloaded via http: instead of https:. > > The banks always say "oh, that's no problem, because the password is > posted

Re: "Free WiFi" man-in-the-middle scam seen in the wild.

2007-01-23 Thread Perry E. Metzger
Derek Atkins <[EMAIL PROTECTED]> writes: > I'll just point out that you CAN go to: > > https://chaseonline.chase.com/ > > And that works, and should be secure. And for the six people that know to do that, it works great. :) It used to be that Verizon (my local phone company, sadly) had this gen

Re: "Free WiFi" man-in-the-middle scam seen in the wild.

2007-01-23 Thread Roy M. Silvernail
On Tue, January 23, 2007 09:24, Perry E. Metzger wrote: > (Incidentally, the article gets a few things wrong. It somewhat implies > that you are safe if you pick a WiFi network you have a previous > relationship with, which isn't true.) It also is only warning against ad-hoc connections with mislea

Re: "Free WiFi" man-in-the-middle scam seen in the wild.

2007-01-23 Thread Derek Atkins
Quoting "Perry E. Metzger" <[EMAIL PROTECTED]>: Now you might wonder, why do I keep picking on Chase? A certain other security person and I had an extended argument with the folks at another company I won't name other than to say that it was American Express. At the time, they more or less said