Has there been a change in US banking regulations recently?
Perry E. Metzger
perry at piermont.com
Fri Aug 13 09:35:22 EDT 2010
On Fri, 13 Aug 2010 23:59:18 +1200 Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> As part of a thread on another list, I noticed that Bank of
> America, who until recently didn't bother protecting the page where
> users are expected to enter their credentials with anything more
> substantial than a GIF of a padlock, now finally use HTTPS on their
> home page, and redirect HTTP to HTTPS (this only took them, what,
> about ten years to get right? Or is it fifteen? When did BofA
> first get a web presence?). Wachovia now do it too. And Citibank
> at least redirect you to an HTTPS page. And so does US Bank, after
> asking for your ID.
>
> What on earth happened? Was there a change in banking regulations
> in the last few months?
I don't know, but Chase, which years ago sent me a letter explaining
exactly how crazy I was for complaining that their front page was
sent in the clear, has also begun redirecting people to https. I'm
unaware of a regulatory shift on this, but perhaps people have
finally learned that doing otherwise is a bad idea.
Perry
--
Perry E. Metzger perry at piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list