While we're bothering to educate users, why not explode the "Must Have Encryption on Credit Card Numbers" myth?

For a random person on the Internet, sniffing traffic to get credit card numbers (even if everything was sent in cleartext) is difficult, and doesn't get a very large reward. You'll have to get a machine physically on the network of a router, grab all the traffic (which could be well into gigabytes per day, or even per hour), and anylize all of it for CC nums.

Consider that many companies store the credit card on a machine sitting just outside their main firewall. There could be thousands of CC nums sitting on one of these machines at any one time. Compared to traffic sniffing, cracking into those boxes is often piss-easy (just wait for the next OpenSSH or Windows bug to come along--shouldn't take too long in either case). Those boxes are your main point of security failure, not SSL.

----
I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
-- Schemer

: () { :|:& };:

Note: All code is untested, unless otherwise stated

In reply to Re: Re: (OT) SSL Certificates: Self-Signing and Alternative Solutions by hardburn
in thread (OT) SSL Certificates: Self-Signing and Alternative Solutions by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.