Quote:
Originally Posted by BoyAlley
Uhm, Epassporte implements SSL on their site right?
Your password wouldn't have been sent plaintext through the air, so even if someone was doing packet monitoring, they couldn't have gotten your password that way.
Unless they actually got a trojan / keylogger installed on your box?
Either way it sucks hairy ass (and not in a good way), I hate to see good people getting victimized. 
|
It doesnt matter actually.. all that information is being sent through the air and anyone with the right skills can intercept it.
Even with SSL that only makes it a little bit harder but not very, if someone was sniffing his packets from the very first packets sent then they already have the crypto keys and crypto suite information that they need to decrypt everything as its being transmitted.
The lesson here is to avoid transmitting your private information through the air where anyone can intercept it. Encrypted or not.