If you’re ever lost on an island, simply write “tabs > spaces” in the sand and you’ll have an army of programmers descending on you to argue
The designer sweet spot: Gut driven design that's data informed http://t.co/cN6Z3rut5m
Welcome Rep. @GerryConnolly as 1st congressman on GitHub, submitting a pull request to @whitehouse's FITARA, no less https://t.co/fgjsoHZI6x
Entrepreneurs: The only people willing to work 80 hours a week to avoid working 40. http://t.co/W0wjlIix0P
Seriously, banks? Obvious website security issues at major US banks http://t.co/8dzG63eGbq
Of all the websites you visit you probably assume your bank’s is setting the security bar. Well…
Google publicly announced last year they would begin sunsetting SHA-1 support in Google Chrome, the green lock icon you’d expect to see on your bank’s website might start turning white, orange, or red depending on how out of date their security is.
Back in 2011 the CAB forum, an industry group of leading web browsers and certificate authorities working together to establish basic security requirements for SSL certificates, recommended that websites should start using SHA-2. In fact, the government published deprecation plans in 2011 to take effect in 2014: “SHA-1 shall not be used for digital signature generation after December 31, 2013.”
So you’d expect your bank to be privy to this information and waiting with bated breath to upgrade their security as soon as available. Unfortunately, the login form of all of these major banks fall short of very clear expectations:
Google even warns users that, “The site is using outdated security settings that may prevent future versions of Chrome from being able to safely access it,” and, “Your connection to XYZ is encrypted with obsolete cryptography.”
This doesn’t mean they’re inherently insecure. Banks do have many layers of security and are held to a higher regulatory standard (in the US at least). But this is low hanging fruit, easy to implement, and is a public declaration of a commitment to security.
Hey @TXlege and @GregAbbott_TX: thanks for all the great regulation at the state level. http://t.co/4HbsPcnBsw
#Denton: There’s a great WordPress Engineer position available on the Square. Check this out: http://t.co/nzYJfjwcdo
Do you love building WordPress plugins? Do you want to do it for WordPress VIP sites? http://t.co/gwq7dkuQbr