ak621 at chebucto.ns.ca
Sat Jan 17 19:41:06 AST 2009
On Sat, 17 Jan 2009, Stephen Gregory wrote:
> Richard Bonner wrote:
>> *** One can access one's bank account though Chebucto's shell
>> server. I do that and am completely isolated from the Internet. No
>> router, firewall or virus protection is required.
> You are still using the Internet to access those services. I fail to see
> how running the web browser (lynx) on someone else's computer
> (Chebucto's) lowers your level of risk.
*** It eliminates the risk to my computers, but as I said in that or
another post, bad guys could crack Chebucto's server and access an
account that way.
> If anything it is more risky. You now an unencrypted connection to
> Chebucto. You are trusting Chebucto's physical and software
> security. You are also trusting Chebucto's volunteers completely. It
> would be trivial to capture your keystrokes sent to the Chebucto
> shell server.
*** Chebucto's shell server is https compliant; would it not have
to have security in place in order to be so?
As for their volunteers, none are far enough up in the organisation
that they would have access to personal accounts. Theoretically, some
employees at any ISP must have such access. There must be safeguards
> You still need some form of virus protection on your local computer
> to protect against keyboard loggers (which can wait to upload the
> log the next time you have an ip connection).
*** How might I get such a virus? It can't come down the shell
server pipe unless I manually download and run an infected executable.
> This is not to say that Chebucto's service is insecure, but there is
> a lot more to think about.
> - sg
More information about the nSLUG