ak621 at chebucto.ns.ca
Sat Jan 17 19:54:55 AST 2009
On Sat, 17 Jan 2009, Daniel Morrison wrote:
> 2009/1/17 Stephen Gregory <nslug at kernelpanic.ca>:
>> Richard Bonner wrote:
>>> *** One can access one's bank account though Chebucto's shell
>>> server. I do that and am completely isolated from the Internet. No
>>> router, firewall or virus protection is required.
>> You are still using the Internet to access those services. I fail to see
>> how running the web browser (lynx) on someone else's computer
>> (Chebucto's) lowers your level of risk. If anything it is more risky.
> Agreed. If you want secure, remote banking, and don't trust the
> Internet, I suggest telephone (touch-tone) banking instead.
*** That is not secure either, although with the popularity of the
Internet, I suppose it has fallen into less usage. I remember reading
an article years ago about telephone hackers. Most of them were
stealing long distance call capability, but some of them went beyond
that using hand-help recording and dialing devices.
To that end, I have concern for those caught by the recent spate of
telephone scammers that want people to enter a certain code on their
phones. Again. it's to steal long distance, but if it was modified to
steal telephone banking touch tones, accounts could be compromised.
Touch tones are easy to duplicate.
> That said, personally, I have no problem with banking online. I've
> been doing it for at least five years, if not closer to ten, and have
> had no troubles, credit card also, PayPal, etc. I don't even open a
> new browser application for online banking. Am I asking for trouble?
> Perhaps. But I pay the vast majority of bills online, and don't
> expend any effort worrying about it. I do only the minimum:
> - keep my login credentials safely private
> - ensure the browser URL bar indicates the correct site, and that
> https/SSL/TLS/whatever it's called now is enabled
> - don't accept cookies by default, and make exceptions only 'per session'
*** Another policy is to change pass codes often.
More information about the nSLUG