Security Certificate Test

Super Cert Hosting has conducted a browser security test to see what information is actually sent across the secure and non-secure servers with a freeware program called Ethereal, which can be found at http://www.ethereal.com. Our results were somewhat surprising. We were able to see plaintext passwords, credit card numbers, and other information being send from the test computer to the non-secure server using a special program we got from the Internet. We tested the secure server by using our own web site to send across the exact same information that we sent across the first time with the non-secure server. The only information that we found that was not encrypted was the information about the security certificate that the browser sends out in order to establish a secure connection. It was the first bit of important information sent out to the server. Below are some pictures of our test:

Test with non-secure server.

Test with secure server.

As you can see from the picture at the top of the non-secure server, the test credit card number we used was 43872930393800 and both of the passwords were testx. In the bottom picture, all the information is encrypted before it is sent out via the secure connection. We did other tests involving E-mail clients such as MS Outlook and we could see plaintext passwords sent out as well.

In conclusion, we have found that hackers, your ISP, the government, anyone else who knows how to intercept packets of data sent to or from your computer and/or the non-secure server can read any of this information before you do. Super Cert Hosting allows you to transmit information securely via a Secure Socket Layer (SSL) to and from our servers. RSA Data Security says it would take someone a trillion times a trillion years to break the 128-bit encryption certificate using current technology.

Copyright © 2003 Super Cert Hosting. All Rights Reserved.
SuperCertHosting.com is an Alpine Snow Company.