Syntactic Confectionery Delight | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I was bothered by Re: Re: (OT) SSL Certificates: Self-Signing and Alternative Solutions because it shows a fundamental misunderstanding of how easy it is to steal credit card databases. ??? That entire point of that node was that it is, in fact, really easy to nab CC nums from databases. So easy that you could throw away SSL entirely in many cases and the security of the entire system wouldn't substantially drop. I agree that this statement might not be clear: While we're bothering to educate users, why not explode the "Must Have Encryption on Credit Card Numbers" myth? The myth concerns SSL, not the database server. You should always have encryption on the CC nums in the database, if you must store them at all. ---- : () { :|:& };: Note: All code is untested, unless otherwise stated In reply to Re: Use placeholders. For SECURITY!
by hardburn
|
|