nanog mailing list archives

Re: User negligence?

From: Kandra Nygårds <kandra () foxette net>
Date: Sun, 27 Jul 2003 10:03:11 +0200


From: "Sean Donelan" <sean () donelan com>

Unfortunately there are a lot, and growing number, of self-infected PCs
on the net.  As the banks point out, this is not a breach of the bank's
security. Nor is it a breach of the ISP's security.  The user infects
his PC with a trojan and then the criminal uses the PC to transfer money
from the user's account, with the user's own password.


Banks use passwords for authentication? That's what scares me.

Personally, I find it terrifying that banks allow such weak authentication
as a password for financial transactions. To the best of my knowledge, all
banks around here use a smartcard based system. It might be a bit more
inconvenient, but the added security makes it well worth it, in my opinion.

It may not be a breach of the bank's security as such, but the measures they
take in order to protect their customers' money is in my opinion so low
that, IMHO, they are the ones guilty of negligence.



-Kandra

Current thread:

Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?), (continued)
- - - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Rob Thomas (Jul 27)
    - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Vinny Abello (Jul 27)
    - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Vinny Abello (Jul 27)
    - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Paul Vixie (Jul 27)
    - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Patrick (Jul 27)
    - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Paul Vixie (Jul 27)
    - Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Patrick (Jul 27)
    - RE: OT: Re: User negligence? David Schwartz (Jul 27)
    - Re: OT: Re: User negligence? Simon Lockhart (Jul 27)
- Re: User negligence? Barney Wolff (Jul 27)
- Re: User negligence? Kandra Nygårds (Jul 27)
  - Re: User negligence? Sean Donelan (Jul 27)
    - Re: User negligence? Kandra Nygårds (Jul 27)
  - Re: User negligence? Owen DeLong (Jul 27)
    - Re: User negligence? James H. Cloos Jr. (Jul 27)
  - Re: User negligence? JC Dill (Jul 27)
    - Re: User negligence? David Lesher (Jul 27)
    - Re: User negligence? JC Dill (Jul 27)
    - Re: User negligence? Christopher L. Morrow (Jul 27)
    - Re: User negligence? Stephen Sprunk (Jul 27)
    - Re: User negligence? ken emery (Jul 27)

(Thread continues...)