|
-
November 3rd, 2005, 10:43 AM
#11
Get some good religion from Bad Religion.
-
November 3rd, 2005, 03:53 PM
#12
Galdron: Bigger the bank dose not mean the better the security. I worked for CHASE, or to use its full name JP Morgan, Chase, Bank one. The number 2 bank in the nation (only city bank is larger), the security there was crap. Same is true for Bank of America. After working there for a while most of us refused the employee acounts a seriously considered going to an under the matress type of system. Talking ot the guys that where there premerger bank one had good security, chase just dosn't seem to think security is an issue.
Who is more trustworthy then all of the gurus or Buddha’s?
-
November 3rd, 2005, 04:52 PM
#13
Hi,
This has been an interesting read. Frankly i have always been extremely pleased with HSBCs security. They send you a 12 digit ID to use and you provide them with a 6-10 digit password. When you log on you provide the full ID but it only asks for 3 of the 6-10 digits in your pass number. Lastly (and i'm not too sure on the point of this one) they ask you to put in your date of birth.
Additionally after reading this i went to have a read up on there site about security, and it seems that Internet Security is actually getting some really serious thought over here in the uk. HSBC aswell as a number of other companies are attempting to educate the general public in Internet Security.
HSBCs Security Page:
http://www.hsbc.co.uk/1/2/security-sc
Get Safe Online Page:
http://********safeonline.org/
Shock, horror, the average user might actually learn some basic security tips...
Matt
-
February 9th, 2006, 11:44 PM
#14
Junior Member
Originally posted here by TheNovice
The CAM bank in Spain uses a numeric "keyboard" to type you password. You have to use the mouse and not your PC keyboard to select the numbers . The numeric keyboard on the screen is never the same.
JC
I don't believe this will protect against man-in-the middle attacks will it?
-
February 10th, 2006, 01:14 AM
#15
Best Laugh All Week
Originally posted here by bballad ... After working there for a while most of us refused the employee acounts a seriously considered going to an under the matress type of system... [/B]
This was a classic, best laugh I've had all week. It might be a bit old post but then I've been gone for awhile and just getting around to checking my rounds.
The funny part is, Chase (et all) has gone to the expense to partner with Comodo for their neat green Verification Engine border (very good product, btw, imho) to verify visitors are on their own website instead of some hijacked spoofed copy... and then they apparently don't take care of client security business internally...
An under the mattress system sounds OK to me ! ROFLMAO, every time I read that 
-
February 10th, 2006, 01:43 AM
#16
Am I the only person who checks my statements. In the uk, if their is an entry on my statement that is not mine, then the bank will cover it, and look into it, it is no more unsafe than it is to quote your credit card number over the phone, or paying for your petrol at a petrol station for that matter. Is that not the case in the US?
Online banking is just a more convenient way for banks to take your money off you.
The unfrustable tronnyJond
Sarcasm is a way of life 
-
February 10th, 2006, 01:59 AM
#17
Member
It is really the same in the States. I have online-banking but I check my statements too. There are just too many ways for someone to get a hold of personal information to not check it.
The only limit a person has, is the limit they give themselves.
Cogito ergo sum. - Descartes
-
February 10th, 2006, 12:55 PM
#18
A couple of factors at work here:
1) Security boils down to "cost" for most outfits. Banks aren't going to experience much of a rate of return on investing in a more secure system.
2) Big companies like dumbed-down admins. They are reticent to hire anyone who sees past the "Hear no evil, see no evil, speak no evil" ethos of most corporate environments.
A couple of stories come to mind. The first, I got called into a mortgage brokerage when the owner was getting 3000 emails every 45 minutes. The guy had 10 computers in the office, I shook down everything for viruses and only turned up viruses in his PC in compressed, unopened email files. I was positive those were not active on his computer. But RAV's online scan gave me an odd result: "HideWindowsTool". Told the guy his workstation was hacked and he needed to pull it off the network. He didn't believe it and kept insisting it was a virus. I came by the next day with HijackThis and ran it. When he saw me running HijackThis and I explained what I was doing, he threw me out of his office, thinking I was pulling some shenanigans. Tail between my legs, I left with the HJT logfile and a determination to get to the bottom of things. The next day, I was able, with the help of some online forums, to determine his computer was being used to stage DoS attacks via email. He was interested in catching whoever it was and I explained that was a lot of work and we'd find out our rogue was well out of local jurisdiction. Bottom line, the 4th day after my first call onsite, this guy finally had me back to clean out our rogue DoS guest. This guy could care less about security or the safekeeping of his clients' data. The only reason he had me back to clean things up is because one of his clients, an FBI agent, insisted his system get cleaned up before he, the FBI agent, closed on the mortgage.
This fall I was onsite at a big chemical company working a Dell contract. We were doing FNR's (flatten and reloads) for a few days there and I got to know the site admin, who was responsible for a number of offices. At one point he expressed concern the old GX150's would be too slow w/ SP2. I mentioned running "msconfig" and he didn't even know what it was! Then we wasted half a day on two or three proprietary apps he had no clue how they were backed up. I finally had to call the software vendors myself and figure out the backups. This guy was a boob.
It's a new paragigm...
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
February 10th, 2006, 12:57 PM
#19
Oops..."paradigm"...he-heh.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
February 10th, 2006, 07:24 PM
#20
Banks within the US have been ordered to provide a security risk assessment and go to 2 part authentication if risk (customer base size versus potential loss through monetary transactions) warrants it. And by the end of 2006.
Also banks using a SSN for authentication are being tasked to change the practice.
1) Security boils down to "cost" for most outfits. Banks aren't going to experience much of a rate of return on investing in a more secure system.
That's not entirely true anymore with government regulations and inspections.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
