 sj |
||
|
||
BS: How Paranoid Are We
|
|
|
|||||||
|
BS: How Paranoid Are We |
Share Thread
|
||||||
|
Subject: BS: How Paranoid Are We From: JohnInKansas Date: 12 Jan 06 - 01:48 AM Do you feel like your online banking transactions are secure? The (US) Federal Bank boys and girls don't. They really do appear to be serious about this. [Quote] Feds Look to Tighten Online Banking Rules By Larry Loeb October 24, 2005 Opinion: The Federal Financial Institutions Examination Council has issued a report stating that a username and password alone aren't secure enough. [End Quote] The title is pretty much self-explanatory. Basically they're saying that a username and a password are not sufficiently secure. One proposal is that after you give your username and password, the bank must call you on your cell phone (they assume everyone has one and will have given its number to their bank) so that you can verify that you are the person who just logged on. Then they may process your transaction. (Does this sound like the Fed needs to know where you are in case it looks like you're making a money-laundering transaction??????? Or am I just paranoid.) Reportedly several alternate schemes of "multi-source indentity verification" have been proposed, with no specific recommendation thus far, but the reporter above seems to believe that something(s) new are on the near horizon. Anyone care to speculate on what the other methods might be? Couriers on bicycles to confirm that they saw you do your logon? I don't have any argument with better banking security; but coming along on the heels of - or in the midst of - so much recent "close surveillance in the name of security" I smell secret purposes. Tell me I'm just reacting to the shrimp eggroll I had for supper... Please. John |
|
Subject: RE: BS: How Paranoid Are We From: Joe Offer Date: 12 Jan 06 - 02:05 AM Well, that idea doesn't sound very good, but I have to say I'm impressed by the "picture key" that Bank of America displays when I log in. I log in with user name and password, and then BofA displays a picture I've previously chosen. If it's the right picture, I enter my password again and get in. I get a lot of credible-looking "phish" e-mails that purport to be from banks and other businesses that want my credit card number. If somebody claims to be from Bank of America and doesn't display my chosen picture key, I won't go in. -Joe Offer- |
|
Subject: RE: BS: How Paranoid Are We From: GUEST Date: 12 Jan 06 - 03:19 AM My bank wants a username and an 8-digit alpha-numeric PIN, but I've never felt particularly safe with that. I've sometimes wondered if there would be a way of hacking a program onto my computer to collect such numbers. Joe's bank's system is a help with phishers, but John's worry seems reasonable, not in my case because my location is private,(it isn't) but because if that is the best they can come up with, perhaps we should give up eBanking. How on earth would the bank phone you after hours, which is when I do my eBanking? Is there a possibility that they will have 24/7 service, even just phones? Naah. I'm not married to the idea of instant banking, so a phone-call before the actual transaction is processed (next business day) seems ok to me. But the tightwads would charge extra for it, and it would be to save THEM money. |
|
Subject: RE: BS: How Paranoid Are We From: gnu Date: 12 Jan 06 - 04:22 AM I have a credit card that has a theft guarantee at no charge, personal cheques and cash. That's it. No ATM card. No Debit Card. No online banking. No PIN. No worries. |
|
Subject: RE: BS: How Paranoid Are We From: The Fooles Troupe Date: 12 Jan 06 - 04:51 AM You're definitely paranoid, John, but are you paranoid enough? |
|
Subject: RE: BS: How Paranoid Are We From: JohnInKansas Date: 12 Jan 06 - 05:14 AM The brief article didn't say they had to talk to you on your cell phone - only that they had to call and get a response from you. I'd suspect that an automated system could ring the phone and a recorded message could tell you to enter your "other password," or give you a random number to punch in just to prove you were a real person. Since all newer US cell phones now have GPS features that the "emergency response" people can read, they will be able to tell where you are, so call-forwarding the callback to Afghanistan might not work. gnu - I'll go one step further on your simplicity. The only credit card I (very rarely) use gets paid automatically by the bank, since I've had one card that sent their statements so late that I couldn't pay on time and then tried to jack my rate up based on my "late payments." With the new bankruptcy laws, you can't default on credit card debts, and they can raise your rate at will just by being inefficient. I've seen increasing "late fees" and decreasing time to pay even on utility bills over the past year. When you get the bill 23 days after the close of the billing cycle, and the payment's due 10 days before the close of the next cycle it's a very small window to get the payments in on time. (Actual numbers from my most recent gas bill.) The consumer, and Joe & Jill Citizen are not the ones whose convenience and safety are at the root of proposals like the ones in the report. (I think.) But I'm sure they have a way to claim it's for our protection. John |
|
Subject: RE: BS: How Paranoid Are We From: Splott Man Date: 12 Jan 06 - 05:31 AM I find that writing my name in my own inimitable way is pretty secure. It was for 40 years of using a bank. During 1 year of chip & pin I've had 3 fraudulent uses of my credit card. |
|
Subject: RE: BS: How Paranoid Are We From: Amos Date: 12 Jan 06 - 07:54 AM John, I think your concern is not merely paranoid; I think it's a reasonable speculation. But given that many people do not have cell phones they will have to have an alternate scheme. I sometimes miss the days when all bankers were personal and your life was done face-to-face.... A |
|
Subject: RE: BS: How Paranoid Are We From: Rapparee Date: 12 Jan 06 - 09:06 AM I don't pay bills online. I write checks. I think that it's more secure. Moreover, I'd rather pay for a 39 cent stamp than pay a 50 cent fee (or higher!) for paying online. Maybe I know too damned much. Maybe I'd like the money I worked for to remain "mine" for a couple more days. Of course, if I can I also pay cash and don't even write a check. No paper trail for the MIBs to follow.... |
|
Subject: RE: BS: How Paranoid Are We From: Liz the Squeak Date: 12 Jan 06 - 09:20 AM John in Kansas - I can sympathise! I would pay my credit card by cheque, the money was taken from my account but credited to someone else's credit card account because the BANK made a mistake when entering the account number. I proved to them that the money was being taken from my account but it wasn't being paid to the credit card. They eventually paid up some, but it cost me a couple of hundred in late fees over the year. Whilst double checking my statements, I found that they sent me at least 3 bills the day AFTER they were due.... I don't have a credit card now, and never intend to again. I don't have storecards for the same reason. I do have internet access to my bank details but I never use it because it can't do the things I want it to, like set up a direct debit. My father always said that if you can't pay cash on the nail for it, you can't afford it. Sometimes I think he had the right idea. We may have been poor growing up, but we were never in debt. LTS |
|
Subject: RE: BS: How Paranoid Are We From: GUEST,DB Date: 12 Jan 06 - 09:21 AM In the UK the 'licenced bandits', who used to be banks, are closing high street branches like there is no tomorrow. In the process they causing hardship to local communities, making people redundant and making even bigger profits. I'm sure that they would love everyone to bank online - they can get stuffed!!! |
|
Subject: RE: BS: How Paranoid Are We From: number 6 Date: 12 Jan 06 - 09:37 AM "Must be because I had the flu for Christmas And I'm not feeling up to par It increases my paranoia Like looking into a mirror and seeing a police car" ... David Crosby Think I'll go out and get a haircut today! sIx |
|
Subject: RE: BS: How Paranoid Are We From: mack/misophist Date: 12 Jan 06 - 10:19 PM 1. There are advantages to using a small local bank where you are known. 2 Yes, Guest, there are programs called keystroke loggers that can record everything you type and foreward it to another machine. They are often included in trojans. Bosses may use them also. BTW, there are also hardware keystroke loggers that can plug into the back of your machine. 3. I believe - personal opinion only - that it's OK to make small purchases on line, cd's and such. The thing to avoid is venders to record your card number and put it in a data bank. That's one of the reasons I won't use PayPal. I pay my ISP with a credit card. but only after I got a wrtiien guarantee that it's not recorded. 4. If your local district attorney's consumer affairs office is any good at all, they can and will do something about merchants who send their bills too late to be paid on time. |
|
Subject: RE: BS: How Paranoid Are We From: Gurney Date: 13 Jan 06 - 12:26 AM I was the Guest 3rd down, in by the back door. Mack, specifically I was wondering if a keystroke logger could record passwords, customer numbers etc., even recognise them as such. I know little about software, as JohniK knows from correspondence, but it seems to me that every time I type a password, it goes in a box. All the worm would have to do was record everything that goes in a box, count the digits, and go on from there. Paranoia? My boy, such paranoia you never saw....! See the news? Symantec was also putting root-kit trojens in their stuff, as well as were some parental-control programs. Worrying. |
|
Subject: RE: BS: How Paranoid Are We From: gnu Date: 13 Jan 06 - 05:23 AM sIx... I went for a haircut yesterday. Even got my beard and stache trimmed. Will I be okay? |
|
Subject: RE: BS: How Paranoid Are We From: The Fooles Troupe Date: 13 Jan 06 - 06:28 AM I just shaved my head again today due to the heat. |
|
Subject: RE: BS: How Paranoid Are We From: number 6 Date: 13 Jan 06 - 09:44 AM I hope your gonna be ok gnu. One never knows where they are. sIx |
|
Subject: RE: BS: How Paranoid Are We From: mack/misophist Date: 13 Jan 06 - 09:49 AM Gurney: Having neither used nor seen the output of a keystroke logger, I can't say for certain. Articles, however, say that the software sits between the keyboard and the network card and records every keystroke made. Reconstructing passwords by looking at the page being displayed should be a snap. The answer is to scan your machine regularly and, if outsiders have access, check for unknown dongles. Also, never make payments or give out personal information by going through a link in an e-mail; enter the url (one already known and trusted) yourself, by hand. |
|
Subject: RE: BS: How Paranoid Are We From: number 6 Date: 13 Jan 06 - 09:52 AM "The thing to avoid is venders to record your card number and put it in a data bank. That's one of the reasons I won't use PayPal. I pay my ISP with a credit card. but only after I got a wrtiien guarantee that it's not recorded." Everything you purchase with your credit card (on-line, or off-line) is stored on a databank, including your cc number ... it's been that way for years, even before 'on-line' ever existed. sIx |
|
Subject: RE: BS: How Paranoid Are We From: GUEST,TIA Date: 13 Jan 06 - 10:17 AM I am NOT paranoid. They all just say that about me. |
|
Subject: RE: BS: How Paranoid Are We From: Donuel Date: 13 Jan 06 - 10:49 AM It was a long time ago, but I saw a bug being put in my phone, my home broken into and documents stolen (from a very secret location) , I was assaulted, the IRS weighed into the fracas, even the FBI showed up several times to do their part. Was I that that subversive? no There was just a lot of cold war hysteria over scientific secrets. Also I refused to join a certain organization as well as telling telling Naval Intelligence I had no knowledge of certain people of ability when in fact I did. I think paranoia is reserved for people who are not sure of harrassment. I'm sure. |
