Showing posts from May, 2018

Sad state of email encryption in Serbia - or how a web based bank just does not encrypt emails

Not long ago, browsing through my received emails in my gmail, I've realized that one of the banks I use does not use TLS when sending emails to their clients. Of course, being a security aware customer of the bank, and having in mind that I am their client, I've decided to contact them with this information, pointing out the fact that Gmail, a 21st century go-to free email provider, makes this very prominent in each mail they send. The usual ways of contacting the bank in question is either via phone, email or Twitter. Since they don't encrypt their email traffic, and I didn't have time for waiting on their staff on the phone (who does these days, right?), I've decided to use Twitter. I had previous experience with them via this channel, and a positive one. They seemed to be on top of any problems they receive via tweets, and are quite fast to reply. Translation: "Hello @TelenorBanka, did you know that emails you're sending to your clients are not en