Middlesex Bank screws up embarrassingly
I went online to check my bank balances, only to get a warning that the bank's certificate had expired a few hours earlier! Well, being somewhat cautious, I called up the bank, who told me they knew about the problem and were in the process of fixing it. They told me that, if I were sufficiently paranoid, I could wait until it was fixed, or else I could just allow my browser to proceed. They assured me that it would be fine to do the latter. I pointed out that they're not supposed to wait for their certificate to expire before getting a new one, and they agreed that it was an embarrassing oversight.
Well, I ended up not waiting, but it occurred to me later that it's a pretty serious security breach, though one that takes a fair amount of effort to exploit.
Well, I ended up not waiting, but it occurred to me later that it's a pretty serious security breach, though one that takes a fair amount of effort to exploit.