Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 30 Sep 2014, 06:05
All times are UTC - 4
 Forum index » Off-Topic Area » Security
On-line banking: How safe is it?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [30 Posts]   Goto page: 1, 2 Next
Author Message
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11079
Location: Arizona USA

PostPosted: Tue 29 Sep 2009, 15:47    Post subject:  On-line banking: How safe is it?  

http://blogs.techrepublic.com.com/security/?p=2409&tag=nl.e036
Quote:
Some are reporting that this is a failure of multi-factor authentication. I don’t see that. Having multi-factor authentication in place forced the cybercriminals to go to extraordinary lengths to gain account access. Therein lays the problem. Once again the bad guys have figured out a work-around. ...... I plan on using a LiveCD from now on when I am doing any kind on-line banking or retail transaction. That way, I know the operating system is not compromised. It’s going to be a pain, but I do not see any other recourse at this time.
Back to top
View user's profile Send private message 
sunburnt


Joined: 08 Jun 2005
Posts: 5032
Location: Arizona, U.S.A.

PostPosted: Tue 29 Sep 2009, 18:01    Post subject:  

Hi Flash; Or another possibility would be to have Puppy boot without the Save file.
No Save file is the same as booting from CD-DVD with no Save file ( almost ).

There should be a boot screen menu for boot options like this...

Last edited by sunburnt on Tue 29 Sep 2009, 18:01; edited 1 time in total
Back to top
View user's profile Send private message 
yarraman

Joined: 28 Sep 2009
Posts: 36
Location: Melbourne, Australia

PostPosted: Tue 29 Sep 2009, 18:01    Post subject: a concern
Subject description: rogues
 

My concern, as a pretty non-technical guy, is more pragmatic; what about dodgy employees who betray credit card numbers? This occurred a few years ago with CityLink accounts. I have never bought anything online and don't plan to.
Back to top
View user's profile Send private message 
01micko


Joined: 11 Oct 2008
Posts: 7805
Location: qld

PostPosted: Tue 29 Sep 2009, 18:05    Post subject:  

Puppy Linux ... a faster, safer way to do your online banking Cool
_________________
Woof Mailing List | keep the faith Cool |
Back to top
View user's profile Send private message Visit poster's website 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11079
Location: Arizona USA

PostPosted: Tue 29 Sep 2009, 23:54    Post subject: Re: a concern
Subject description: rogues
 

yarraman wrote:
My concern, as a pretty non-technical guy, is more pragmatic; what about dodgy employees who betray credit card numbers? This occurred a few years ago with CityLink accounts. I have never bought anything online and don't plan to.

Actually credit cards should be the safest way to pay online. By law, you're only out $50 if someone steals the number (unless credit card companies got the law changed and I haven't heard about it. Embarassed )
Back to top
View user's profile Send private message 
Sylvander

Joined: 15 Dec 2008
Posts: 3446
Location: West Lothian, Scotland, UK

PostPosted: Wed 30 Sep 2009, 02:48    Post subject:  

1. "what about dodgy employees who betray credit card numbers?"
The safest way I have to make payments is online using "Cahoot Webcard".
This is a program installed within Windows.
When at a website, paying with credit card...
I click on the Webcard icon in the System Tray...
The program securely contacts base and I give my username and password, and a one-transaction credit card is generated.
I can specify a limit to the amount that can be drawn on that card/transaction.
When it has been used that once, it cannot be used again [the details are useless, even if known].
To get the Cahoot Webcard I had to apply for, and get, a Cahoot credit card.
I wish this could be installed within Puppy.

2. I use "Acerose Password Vault" to [Safely and Securely] hold all my URL's, usernames, passwords, etc.
I must remember my username and looong password used to gain access to the vault.
Once in, all the info is available, so doesn't need to memorized.
Info can be copied and pasted, so passwords can be gobbledegook that's impossible to memorize.
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8257

PostPosted: Mon 05 Oct 2009, 11:13    Post subject:  

Since the crime in the first post was carried out by a program installed and running via the web simply use linux, a mac or windows with Internet Explorer and associated activex properly removed behind a firewall or with the usually vunerable ports disabled.

You don't have to go online to be compromised.....book into an Ibis hotel, give them your card details and then find after your stay that every penny in your account is frozen by being tied to them for a week or two.

I use internet banking and pay online for stuff and and seems ok ....I don't have half a million quid to defraud after all Very Happy

mike
Back to top
View user's profile Send private message 
ttuuxxx


Joined: 05 May 2007
Posts: 10756
Location: Ontario Canada,Sydney Australia

PostPosted: Mon 05 Oct 2009, 13:31    Post subject: Re: On-line banking: How safe is it?  

Flash wrote:
http://blogs.techrepublic.com.com/security/?p=2409&tag=nl.e036
Quote:
Some are reporting that this is a failure of multi-factor authentication. I don’t see that. Having multi-factor authentication in place forced the cybercriminals to go to extraordinary lengths to gain account access. Therein lays the problem. Once again the bad guys have figured out a work-around. ...... I plan on using a LiveCD from now on when I am doing any kind on-line banking or retail transaction. That way, I know the operating system is not compromised. It’s going to be a pain, but I do not see any other recourse at this time.

that site you posted said "Make the user enter a reCAPTCHA for every transfer that leaves the bank."
well we all know that CAPTCHA's are a thing of the past and have been comprised by well paid hackers linked to China and Russia mofia. I even posted a link in the spam section to the company actually selling the spam software that can actually read all known forms of CAPTCHA's, That site and its owners should of been removed from the www, and sent to prison for promoting/distributing it. Too bad they delete the link from the spam section, would of been handy to hand into the fbi, or some other agency.
ttuuxxx

_________________
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games Smile
Back to top
View user's profile Send private message Visit poster's website 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Mon 05 Oct 2009, 14:16    Post subject:  

Don't worry ttuuxxx

The FBI are well aware of that old news...

Michael Kassner is a well respected security researcher, and here's another piece which should be equally alarming - Personally Identifiable Information

It may not cost you financially, but to me this privacy is worth far more than mere money...

http://blogs.techrepublic.com.com/security/?p=2350

Aitch Smile
Back to top
View user's profile Send private message 
rarsa


Joined: 29 May 2005
Posts: 3053
Location: Kitchener, Ontario, Canada

PostPosted: Mon 05 Oct 2009, 14:29    Post subject:  

There are risks with any transaction.

There is no single answer for every concern.

The important thing to consider is the personal tolerance to risk.

e.g. I prefer to carry plastic than cash in my pockets. If I loose the wallet I can put a stop payment on the cards but not on the cash.

As for on-line transactions I have my PayPal account associated with a credit card with a very low credit limit and with a bank account that always has a 0 balance.

When I buy something I make the transfer for the exact amount and then submit the payment.

I accept the risk that someone may get my credit card or misuse my bank account number, but I know they won't bankrupt me.

For me the convenience of some on-line transactions overrides the risk. But my risk tolerance would not allow me to buy/sell a car on eBay.

_________________
http://rarsa.blogspot.com Covering my eclectic thoughts
http://www.kwlug.org/blog/48 Covering my Linux How-to
Back to top
View user's profile Send private message Visit poster's website 
ttuuxxx


Joined: 05 May 2007
Posts: 10756
Location: Ontario Canada,Sydney Australia

PostPosted: Mon 05 Oct 2009, 14:37    Post subject:  

Yes I keep my money in another different bank completely, one I don't have access online, The one I use online I just keep a small amount in it, and only use it with my paypal account that isn't connected to a credit card, its connected to my low bank account, so transfers take 2-3 days, oh well, lol the most they could ever take me is a couple of hundred.
ttuuxxx

_________________
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games Smile
Back to top
View user's profile Send private message Visit poster's website 
KittyCat


Joined: 29 Sep 2009
Posts: 67
Location: On a blanket in the sun

PostPosted: Mon 05 Oct 2009, 14:42    Post subject:  

mikeb wrote:
I use internet banking and pay online for stuff and and seems ok ....I don't have half a million quid to defraud after all Very Happy


I have been doing online banking on my XP computer for years without my accounts or my identity being compromised, and what you just said is probably one of the biggest reasons: My accounts would not yield a large enough pay-out to be worth it.

Now, if I had no security software at all on my system, and if I was using Internet Explorer with all security features disabled it would probably be different, because that would make me a far easier target.

As rarsa pointed out, there are risks associated with any transaction, and it's up to each and everyone of us to decide where our own personal risk tolerance lies and how much inconvenience we are willing to put up with to feel safe.

_________________
Not a dog person. Razz
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8257

PostPosted: Mon 05 Oct 2009, 16:36    Post subject:  

Quote:
its connected to my low bank account

I only have one of those so even safer Very Happy

KittyCat...Internet explorer is running the whole time windows is running..that's why removing it properly is the only safe option...simply using another browser is not enough. The plus side is that in doing so you can remove all that anti spyware crap too and end up with a machine that runs 3 time faster. This information has been around for around 10 years now but continues to be ignored/supressed.

Journalists feed of people's paranoia...remember that.
Yer average social worker is much more likely to screw yer life up ...money is just something that someone made up one day Very Happy

mike
Back to top
View user's profile Send private message 
KittyCat


Joined: 29 Sep 2009
Posts: 67
Location: On a blanket in the sun

PostPosted: Mon 05 Oct 2009, 17:01    Post subject:  

mikeb wrote:
KittyCat...Internet explorer is running the whole time windows is running..that's why removing it properly is the only safe option...simply using another browser is not enough. The plus side is that in doing so you can remove all that anti spyware crap too and end up with a machine that runs 3 time faster. This information has been around for around 10 years now but continues to be ignored/supressed.


But that would require actual work... Razz

Not to mention, I occasionally actually need IE. Smile

_________________
Not a dog person. Razz
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 8257

PostPosted: Mon 05 Oct 2009, 17:20    Post subject:  

Quote:
But that would require actual work... Razz

Not to mention, I occasionally actually need IE. Smile

Well that 'need' is not a good one..protest to the site in question.
It really is the main reason viruses etc have been so prevelent on the web since it's inclusion...it is entangled into the operating system in a fundamentally unsafe way...clue...adobe use the same mechanism as many malware sites do to install flash for example.
Removing it can actually require less work than setting up puppy .

I only brought up the subject as it would be a shame if your machine got messed up via IE...anyway end of topic straying Very Happy

regards

mike
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 2 [30 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0942s ][ Queries: 11 (0.0039s) ][ GZIP on ]