Re: security on the web

> It is my understanding that concerns about security on the web are much
> exaggerated.  Think of all the people who feel comfortable giving their
> credit card number over the phone -- even cordless phones.  This method of
> transmission can be intercepted by just about anyone willing to invest a
> small amount of money in the necessary technology.

> Sarra Mossoff                          171 West 85th Street

I can't entirely agree. Snooping credit card numbers going
to a web server isn't much different from snooping passwords
on a local net. It's more involved as far as picking the right
machines to break into but that's the only difference.

If the card numbers are encrypted, it cuts down the value of these 
sorts of break-ins considerably.

That said, I do agree that card numbers in the clear are
about as safe as handing some random waiter your credit
card. Rarely is this a problem.

But, since we can easily protect this information from attacks that
are reasonably likely to occur, we should. It would be 
irresponsible not to.


Received on Monday, 12 May 1997 12:48:13 UTC