Results 1 to 3 of 3
  1. #1
    Join Date
    Sep 2009
    Location
    California
    Posts
    220

    Default Site Encryption Question

    I noticed that you guys use a 256-bit AES cipher, which makes me extremely happy! Is that level of encryption very expensive? Hotmail, for example, uses a 128-bit AES encryption cipher.

    In light of the huge Sony PlayStation Network breach, do you think that is likely more companies will increase their encryption strength? I'm surprised a company like Microsoft doesn't do that already? They specialize in software. You would think they would be pushing encryption standards. Maybe I'm giving them too much credit, no?

  2. #2
    Join Date
    Feb 2004
    Location
    Seattle, WA
    Posts
    3,907

    Default Re: Site Encryption Question

    Its not expensive at all, maybe the larger sites just don't have the server power for stronger encryption? Regardless, I think that a brute force decryption of traffic is extremely rare (128-bit or not), more often those kinds of security lapses end up being a completely avoidable human mistake in security design or implementation. Though I admit I haven't read up on the details of what happened with Sony. [EDIT: it seems Sony isn't releasing details?]

  3. #3
    Join Date
    Sep 2009
    Location
    California
    Posts
    220

    Default Re: Site Encryption Question

    Well, Sony has been reporting that they are not 100% certain that credit card information has been stolen, and they have suggested that customers who used their credit cards on the PSN to pay attention to bank statements, credit card statements, etc. From my understanding, personal information such as physical addresses, telephone numbers, and the like have been compromised.

    Also, Sony had to bring outside security specialists in to investigate the extent of the breach. Sony's PlayStation Network has been down for over a week now, though Sony is responsible for that. They did so in order to prevent any further security intrusions until they can implement greater security measures. What those security measures are I do not know. According to Sony, when they are ready to bring the network back online, users will receive a system update that will require them to change their passwords.

    Sony has been releasing fairly regular updates on their blog if you are interested in reading more about the situation.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •