- From: Reed Wade <rwade@usit.net>
- Date: Mon, 12 May 1997 12:47:48 -0400 (EDT)
- To: Sarra Mossoff <sarra@smallworld.com>
- cc: www-talk@w3.org
> It is my understanding that concerns about security on the web are much > exaggerated. Think of all the people who feel comfortable giving their > credit card number over the phone -- even cordless phones. This method of > transmission can be intercepted by just about anyone willing to invest a > small amount of money in the necessary technology. > Sarra Mossoff 171 West 85th Street I can't entirely agree. Snooping credit card numbers going to a web server isn't much different from snooping passwords on a local net. It's more involved as far as picking the right machines to break into but that's the only difference. If the card numbers are encrypted, it cuts down the value of these sorts of break-ins considerably. That said, I do agree that card numbers in the clear are about as safe as handing some random waiter your credit card. Rarely is this a problem. But, since we can easily protect this information from attacks that are reasonably likely to occur, we should. It would be irresponsible not to. -reed
Received on Monday, 12 May 1997 12:48:13 UTC