[cap-talk] Posters on Polaris and Petnames

Karp, Alan H alan.karp at hp.com
Wed Jul 6 16:58:06 EDT 2005

Jed Donnelley wrote:
> I was amazed when I saw your chart indicating that US Bank, PayPal,
> and eBay don't use SSL on their default login page.  Why in the world
> not I wonder?  The only possibility that comes to mind is to 
> save users
> the cost of linking to an SSL protected page for the login.  Wow.
> Many of the personal IDs and passwords for US Bank and PayPal
> and AOL customers fly across the Internet in clear text???
It's not that bad.  Do a View Source.  You'll see that the POST of your
password is done with https.

Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Karp, Alan H.vcf
Type: text/x-vcard
Size: 433 bytes
Desc: Karp, Alan H.vcf
Url : http://www.eros-os.org/pipermail/cap-talk/attachments/20050706/2ddd0def/KarpAlanH.vcf

More information about the cap-talk mailing list