Quote:
|
Originally Posted by Realpascal
If you want to screw someone, there are many ways to do that.
But a hacker that screws with the submission form to receive a copy of the data I submitted, is not looking for ways to close my Epass account
|
Perhaps not - I really don't find it necessary for anyone with a simple packet sniffer to see my info, home phone, dob, SSN \ taxid, etc... etc...
Hell and if you are on a WiFi system... who knows who is potentially listening in. I mean, you are submitting user names and passwords too... whats stopping from someone loggin and changin where to mail the check to, your account numbers... you can imagine what else could be changed.
And since certs are so damn cheap - there is no reason NOT to install one. And if you don't want to pay the money for one from Verisign or what have you... just make one yourself and make it self signed.
-jim