On Apr 19, 2014, at 18:29, Dale <rdalek1...@gmail.com> wrote: > Mick wrote: > > Encryption still works, at > least for some attackers. The fact that burglars can pick locks > doesn't mean that you should leave your door unlocked. FWIW I just > checked my bank's website encryption ... they *still* use RC4!!! > O_O I guess they are keen to make sure all these customers with > WinXP and MSIE 7.0 can still login? For crying out loud! It seems > that RSA's days may be numbered and elliptic curve cryptography > would be the way forward, not because of resource constrained > mobile devices, but also because of recent advances in > crypto-analytics which may make RSA obsolete: > > http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/ > > > How does one find out what their bank uses? I'd like to check on what mine > uses. I have Seamonkey and Firefox installed here IF it matters.
Well you can use ssllabs.com. I use it for debuging. Here is what Bank of America uses: https://www.ssllabs.com/ssltest/analyze.html?d=www.bankofamerica.com&hideResults=on -Matti
