Protect my private infomation form administrator

Printable View

Show 40 post(s) from this thread on one page

June 27th, 2007, 11:06 PM
jockey0109

Well, of course, I don't have a wife and I have no clue as to what to do about the relationships.

Anyway as far as the technical perspective is concerned, I would say something like this:

If you are sure that your system does not run a 'keylogger' at anytime, while surfing the sites, I would suggest you to start a HTTP secure conection. I used this trick to prevent my password / ID theft from a cyber cafe which I was sure ran a network traffic sniffer on the server to which other computers were connected. I knew that becuase I had the physical access to the server with a 'guest' account.

A question: can a 'secure SSL' connection be hacked by the network administrator?
June 28th, 2007, 01:08 AM
nihil

Quote:

I would suggest you to start a HTTP secure conection

I am afraid that won't work. The issue here is certainly one of physical security as banking details have been compromised and they are secure transmissions.

Quote:

A question: can a 'secure SSL' connection be hacked by the network administrator?

Yes, but if you have a strong password it would take a very long time. Not the sort of thing you would do if you could easily install a keylogger instead.
June 28th, 2007, 01:43 AM
jockey0109

OK I agree, the concern here is the physical security. However there are two ways in which a person could have a physical security breach (in this case):
1> Administrator has the physical access to the machine being used and hence has some babysitter installed on the target.

2> All connections leaking personal data were insecure. The connections may have included the email account access and things as such.

Quote:

The issue here is certainly one of physical security as banking details have been compromised and they are secure transmissions.

Well, if it is so, how would the info leak at the first place (if the transactions were secure).

Quote:

Yes, but if you have a strong password it would take a very long time. Not the sort of thing you would do if you could easily install a keylogger instead.

Well, I hope that most people who use a banking account know by some means that they must have a strong password. However I am not sure in this case too ... just a presumption.

@odigohi: How do you know that the administrator is going into your banking details and stuff like that? Are you sure, it is none except him?
June 28th, 2007, 02:16 AM
nihil

Well, there is one obvious solution that would explain both banking and e-mail being compromised.

That would be the installation of a keylogger on the target machine.

If you install a firewall and demote the network administrator's account that should prevent stuff getting loaded over the network. However there is still the issue of physical access, as they are sharing the same accommodation.

;)
June 28th, 2007, 02:20 AM
jockey0109

Hmmm.... I understand it now.

Well, you know Nihil, thats what I like AO for: Availability of Experience of the Experienced ones.
July 4th, 2007, 08:05 AM
okos

Having been married for 15 years trust is very important. I suggest you first communicate your frustrations. If you cannot communicate, you should not be in the relationship. Neither business or personal.
July 17th, 2007, 01:40 PM
adam jones

There is one method through which the pin numbers and the codes that is typed into the bank site should be erased off the computer. So that the administrator has no access to the bank accounts.
July 19th, 2007, 07:38 AM
nihil

Adam Jones, welcome to AO,

Quote:

There is one method through which the pin numbers and the codes that is typed into the bank site should be erased off the computer

That is an excellent idea, can you give us more details? I like the concept if you have to use a machine that others have access to, or for laptops that might get stolen.

For improved security on a static machine I tend to go for the removable hard drive caddy. These cost between $15 and $25 and usually have one or more small fans that prevent the build up of stale, hot air around the drive, so you get additional hardware (and hence, data) protection as a bonus.:)

I am afraid that neither provides protection against a keylogger that phones home.:(
July 19th, 2007, 08:15 AM
WolfeTone

Nothing a good software firewall on a client PC wouldn't solve eh nihil?

But I do like your idea of the removable hard drive - I've meant to do it numerous times but never quiet got around to it. That's this evenings project!
July 19th, 2007, 10:35 AM
nihil

Hush your bugle me bucum ;)

Totally correct on the software firewall, and this is an internal problem....

Problem is that there is no internal physical security?

Hey, I must try the removable drives in RAID1............ :D

Show 40 post(s) from this thread on one page