Well here we are again.
So you are login into the banks or Credit card. You made sure that you have the Key in the browser and you think you are safe?
Well unfortunately you are not. As most websites including Gmail, Cahoot, Tesco etc use the version 1.0 SSL.
Trouble is this has been broken. So, you say oh dear. they will send out a fix. Well the Fix has been out since 2006. But, the websites are some what in a chicken and egg problem.
As the normal browser including IE, Chrome , FF etc are set at version 1.0. Although most can use 1.2 which is the most secure. If they did force you to use this level then quite a few of the commercial sites would refuse to work. 
( and of course the site would lose web traffic.
So, they decided to leave it. Now of course it is going to come and bite them. As they have left open a way for an attacker to high jacking the session. Trouble is, you will not know.
As you will turn up to the right website and be unaware of any thing being wrong. You will see the lock in the browser and to the normal person. Everything would be fine.
So, my suggestion is to convince Google and other Search engines to rate the Websites positions by what SSL level they are using. So, the safe ones that use 1.2 are above the ones that don’t.
Personally I think you would then find a lot of website migrating to the secure version. Which, then would make the site more secure the default standard. A quick tweak to the browser security settings and everyone would be using 1.2 in a short space of time. Then, the hackers would have to crack the 1.2. Which is going to be a lot more difficult.
The search engines then get the credit of providing a more secure internet. The banks have very little excuse. They should have been completed this upgrade many moons ago.
Well that’s my point of view. What’s yours?
Thanks for reading.
David Vincent.
What you have to say.