Re: What a screwup by Pokerstars!!!
Our client software uses the industry standard SSLv3 protocol. It is configured to use RSA for authentication and key generation and triple-DES (EDE3, in outer-CBC mode) for encryption. Currently we are using 512-bit RSA key, which according to [1] is sufficient for short and medium-term (up to several years) secrets. As we update server private keys every three months, we are secure with a good safety margin. The use of Triple-DES EDE3 for session encryption is considered even safer
No private data, such as pocket cards, is ever transferred to other players
I think for the non-computer people out there, this is rather amusing.
Lori
|