[Cryptography] Questions about crypto that lay people want to understand

John Levine johnl at iecc.com
Sun Dec 20 21:26:25 EST 2015


>> Your bank only accepts https because they have insurance that will
>> reimburse them if their certificate gets spoofed.
>I'm not aware of any such insurance.  Given that the CAs consistently refuse to accept any
>liability, ...

Uh, what? Symantec says their warranty will pay up to $1.75M, although 
when one looks at the fine print, the breaches they cover seem pretty
unlikely:

https://www.symantec.com/en/in/page.jsp?id=compare-ssl-certificates

The usual approach in bank spoofing is to use a different domain that
sort of looks like the target. It's hard to see how anyone could blame
that on the bank's own CA.  I presume banks have general insurance
against fraud losses but I don't know the details or how willing
insurers are to cover these particular losses.

>generally get away with it.  These are not attacks on HTTPS - they usually "go around" the
>encryption by planting viruses on the end-user machines using spear-phished emails.

Somewhat surprisingly, companies are getting better at preventing
malware attacks, I think through combinations of using a dedicated
computer for bank transactions and two-factor dongles into which you
put some part of the recipient's account number to generate a
validation code.  We can consider this a minor crypto success.

The attack du jour is spear phishing a company's CFO or accounting
clerk to send fake mail appearing to be from the boss telling them to
wire money to the crook's account.  Since the transaction is entered
and validated correctly, banks are generally off the hook, although
well run banks will notice atypical transactions and try to warn the
company.

R's,
John
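As an added illustration of the two-factor dongle scheme John describes (the user keys part of the recipient's account number into the token, which then produces a validation code), here is a small Python model. It is not code from any bank or token vendor; the scheme, the secret, the account numbers and the counter window are all constructed for the example. The point it shows is why this defeats malware that rewrites the recipient in the browser: the bank recomputes the code over the recipient it actually received, so a code generated for the intended account fails verification for a substituted one.

```python
"""Transaction-bound one-time codes: a hypothetical model of a bank dongle
that mixes the recipient account into the code (example code, not any product)."""
import hashlib
import hmac
import struct

CODE_DIGITS = 8


def account_fragment(account_number: str, length: int = 8) -> str:
    """The part of the recipient account the user types into the dongle:
    the last `length` digits, ignoring spaces and country letters."""
    digits = "".join(ch for ch in account_number if ch.isdigit())
    return digits[-length:]


def transaction_code(secret: bytes, counter: int, fragment: str) -> str:
    """Dongle side: HOTP-style truncated HMAC, but the MAC input also covers
    the recipient fragment, so the code is bound to that recipient."""
    msg = struct.pack(">Q", counter) + fragment.encode("ascii")
    mac = hmac.new(secret, msg, hashlib.sha256).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation, as in HOTP
    trunc = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{trunc % 10 ** CODE_DIGITS:0{CODE_DIGITS}d}"


def bank_verify(secret: bytes, last_counter: int, recipient_account: str,
                submitted_code: str, look_ahead: int = 5):
    """Bank side: recompute over the recipient it actually received, allowing a
    small counter window for skipped presses. Returns the new counter to store
    on success (so a code cannot be replayed), or None on failure."""
    fragment = account_fragment(recipient_account)
    for c in range(last_counter + 1, last_counter + 1 + look_ahead):
        expected = transaction_code(secret, c, fragment)
        if hmac.compare_digest(expected, submitted_code):   # constant-time compare
            return c
    return None


def demo():
    """Honest transfer vs. a recipient swapped by malware in the browser."""
    secret = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed per-dongle seed
    intended = "DE89 3704 0044 0532 0130 00"                    # constructed account number
    swapped = "DE89 3704 0044 0532 9999 99"                     # what tampered software submits
    stored_counter = 41                                          # last counter the bank accepted

    # The user keys the last 8 digits of the intended recipient into the dongle.
    code = transaction_code(secret, stored_counter + 1, account_fragment(intended))

    honest = bank_verify(secret, stored_counter, intended, code)   # 42: accepted
    tampered = bank_verify(secret, stored_counter, swapped, code)  # None: rejected
    return honest, tampered


if __name__ == "__main__":
    print(demo())
```

The trade-off the post hints at is visible here: the scheme only protects the fields the user actually keys into the token (here, the recipient fragment). Anything not covered by the MAC, such as the amount, can still be altered unless the dongle asks for it too, and the scheme offers nothing against a transfer the user enters willingly after a convincing spear-phishing email.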

