This article, actually I just wanted to create awareness for those who are running online stores, to adopt this SSL encryption, to secure their customer’s payment and login data.
I’ve seen some shopping cart sites, where they allow customers to store the credit card info in their shopping cart account, to make it easier for make payments in the future, do not even have SSL certificates at all!
Well, it is very dangerous to run a shopping cart without SSL at all! At least, generate a self signed cert to encrypt the damn payment page lar!
It seems complicated, but actually, you do not even need to give a damn about what the browser is doing.
As long as you are in a SSL secured site, the data transmitted between your web browser and the web server are all encrypted and you are safe. Erm… I mean, safer, as it is still possible to be hacked also…
Some genius certificate issuer from the Bolehland called Digicert Sdn Bhd, have their trusted certificate issuer status revoked for issuing some fucking weak encryption certificates. A lot websites which used certs issued by them are hacked and get the infos stolen. And for your information, RHB and some other banks used to use their SSL certs before their trusted certificate issuer status were stripped off.
So, it means if the generated certs are weak, it is still possible that the transmitted data between the web browser and the web server can be sniffed. So choose your certificate issuer wisely.
Well, at least if you got SSL for your website which will going to transmit sensitive datas, your are much safer compare to have none at all. Wearing a condom is safer than not wearing anything at all, right?
By the way, at the time I am writing this article, I am damn fucking sleepy and I have no idea WTF I am writing also. So if you don’t understand WTF I am writing, please do not hesitate to ask in the comment section.