how to safely do banking on line

Discussion in 'NZ Computing' started by Peter, Oct 22, 2009.

  1. Peter

    Peter Guest

    Avoid Windows Malware: Bank on a Live CD

    "The simplest, most cost-effective answer I know of? Don't use Microsoft
    Windows when accessing your bank account online.
    I do not offer this recommendation lightly ... but I have interviewed dozens
    of victim companies that lost anywhere from $10,000 to $500,000 dollars
    because of a single malware infection. I have heard stories worthy of a
    screenplay about the myriad ways cyber crooks are evading nearly every
    security obstacle the banks put in their way.
    But regardless of the methods used by the bank or the crooks, all of the
    attacks shared a single, undeniable common denominator: They succeeded
    because the bad guys were able to plant malicious software that gave them
    complete control over the victim's Windows computer."
    http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html
     
    Peter, Oct 22, 2009
    #1
    1. Advertising

  2. Peter

    Mary Hanna Guest

    On Thu, 22 Oct 2009 20:18:29 +1300, Peter <> wrote:

    >
    >Avoid Windows Malware: Bank on a Live CD
    >
    >"The simplest, most cost-effective answer I know of? Don't use Microsoft
    >Windows when accessing your bank account online.
    >I do not offer this recommendation lightly ... but I have interviewed dozens
    >of victim companies that lost anywhere from $10,000 to $500,000 dollars
    >because of a single malware infection. I have heard stories worthy of a
    >screenplay about the myriad ways cyber crooks are evading nearly every
    >security obstacle the banks put in their way.
    >But regardless of the methods used by the bank or the crooks, all of the
    >attacks shared a single, undeniable common denominator: They succeeded
    >because the bad guys were able to plant malicious software that gave them
    >complete control over the victim's Windows computer."
    >http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html
    >
    >
    >



    What a load of utter crap use a Bank that has decent online security like the
    Kiwi Bank and the BNZ and National Bank.

    Plus there is No OS that can't be hacked.
     
    Mary Hanna, Oct 22, 2009
    #2
    1. Advertising

  3. Peter

    EMB Guest

    Mary Hanna wrote:
    > On Thu, 22 Oct 2009 20:18:29 +1300, Peter <> wrote:
    >
    >> Avoid Windows Malware: Bank on a Live CD
    >>
    >> "The simplest, most cost-effective answer I know of? Don't use Microsoft
    >> Windows when accessing your bank account online.
    >> I do not offer this recommendation lightly ... but I have interviewed dozens
    >> of victim companies that lost anywhere from $10,000 to $500,000 dollars
    >> because of a single malware infection. I have heard stories worthy of a
    >> screenplay about the myriad ways cyber crooks are evading nearly every
    >> security obstacle the banks put in their way.
    >> But regardless of the methods used by the bank or the crooks, all of the
    >> attacks shared a single, undeniable common denominator: They succeeded
    >> because the bad guys were able to plant malicious software that gave them
    >> complete control over the victim's Windows computer."
    >> http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html
    >>
    >>
    >>

    >
    >
    > What a load of utter crap use a Bank that has decent online security like the
    > Kiwi Bank and the BNZ and National Bank.


    BNZ and National. Decent online security. Pull the other one Woger, it
    plays jingle bells. Neither get close to ASB or HSBC for online security.
    >
    > Plus there is No OS that can't be hacked.
    >

    OK - how do you hack a linux live cd?
     
    EMB, Oct 22, 2009
    #3
  4. Peter

    ~misfit~ Guest

    Somewhere on teh intarwebs EMB wrote:
    > Mary Hanna wrote:
    >> On Thu, 22 Oct 2009 20:18:29 +1300, Peter <>
    >> wrote:
    >>> Avoid Windows Malware: Bank on a Live CD
    >>>
    >>> "The simplest, most cost-effective answer I know of? Don't use
    >>> Microsoft Windows when accessing your bank account online.
    >>> I do not offer this recommendation lightly ... but I have
    >>> interviewed dozens of victim companies that lost anywhere from
    >>> $10,000 to $500,000 dollars because of a single malware infection.
    >>> I have heard stories worthy of a screenplay about the myriad ways
    >>> cyber crooks are evading nearly every security obstacle the banks
    >>> put in their way. But regardless of the methods used by the bank or the
    >>> crooks, all
    >>> of the attacks shared a single, undeniable common denominator: They
    >>> succeeded because the bad guys were able to plant malicious
    >>> software that gave them complete control over the victim's Windows
    >>> computer."
    >>> http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html

    >>
    >> What a load of utter crap use a Bank that has decent online security
    >> like the Kiwi Bank and the BNZ and National Bank.

    >
    > BNZ and National. Decent online security. Pull the other one Woger,
    > it plays jingle bells. Neither get close to ASB or HSBC for online
    > security.
    >>
    >> Plus there is No OS that can't be hacked.
    >>

    > OK - how do you hack a linux live cd?


    With a hack-saw?

    Ok, enough Shiraz... Two whole glasses! I'm a cheap xxxxxx these days. No
    tolerance. I'd best have a third glass, make it half the bottle. Gotta
    maintain *some* tolerance.

    Cheers, <hic>
    --
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchet, 'Jingo'.
     
    ~misfit~, Oct 22, 2009
    #4
  5. On Thu, 22 Oct 2009 22:17:01 +1300, EMB <> wrote:

    >Mary Hanna wrote:
    >> On Thu, 22 Oct 2009 20:18:29 +1300, Peter <> wrote:
    >>
    >>> Avoid Windows Malware: Bank on a Live CD
    >>>
    >>> "The simplest, most cost-effective answer I know of? Don't use Microsoft
    >>> Windows when accessing your bank account online.
    >>> I do not offer this recommendation lightly ... but I have interviewed dozens
    >>> of victim companies that lost anywhere from $10,000 to $500,000 dollars
    >>> because of a single malware infection. I have heard stories worthy of a
    >>> screenplay about the myriad ways cyber crooks are evading nearly every
    >>> security obstacle the banks put in their way.
    >>> But regardless of the methods used by the bank or the crooks, all of the
    >>> attacks shared a single, undeniable common denominator: They succeeded
    >>> because the bad guys were able to plant malicious software that gave them
    >>> complete control over the victim's Windows computer."
    >>> http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html
    >>>
    >>>
    >>>

    >>
    >>
    >> What a load of utter crap use a Bank that has decent online security like the
    >> Kiwi Bank and the BNZ and National Bank.

    >
    >BNZ and National. Decent online security. Pull the other one Woger, it
    >plays jingle bells. Neither get close to ASB or HSBC for online security.
    >>
    >> Plus there is No OS that can't be hacked.
    >>

    >OK - how do you hack a linux live cd?


    By tricking people into downloading an already hacked version.

    PS I do my banking from my old OS/2 box - there is no malware for that
    either.
     
    Stephen Worthington, Oct 22, 2009
    #5
  6. Peter

    ~misfit~ Guest

    Somewhere on teh intarwebs geoff wrote:
    > Stephen Worthington wrote:
    >> By tricking people into downloading an already hacked version.
    >>
    >> PS I do my banking from my old OS/2 box - there is no malware for
    >> that either.

    >
    > On the other hand, I've been doing mine on a winders box for a decade
    > and have never had a problem. Apart from the balance.


    LOL, ditto.
    --
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchet, 'Jingo'.
     
    ~misfit~, Oct 22, 2009
    #6
  7. Peter

    Sailor Sam Guest

    Roger_Nickel wrote:
    > On Thu, 22 Oct 2009 22:17:01 +1300, EMB wrote:
    >
    >> Mary Hanna wrote:
    >>> On Thu, 22 Oct 2009 20:18:29 +1300, Peter <>
    >>> wrote:
    >>>
    >>>> Avoid Windows Malware: Bank on a Live CD
    >>>>
    >>>> "The simplest, most cost-effective answer I know of? Don't use
    >>>> Microsoft Windows when accessing your bank account online. I do not
    >>>> offer this recommendation lightly ... but I have interviewed dozens of
    >>>> victim companies that lost anywhere from $10,000 to $500,000 dollars
    >>>> because of a single malware infection. I have heard stories worthy of
    >>>> a screenplay about the myriad ways cyber crooks are evading nearly
    >>>> every security obstacle the banks put in their way. But regardless of
    >>>> the methods used by the bank or the crooks, all of the attacks shared
    >>>> a single, undeniable common denominator: They succeeded because the
    >>>> bad guys were able to plant malicious software that gave them complete
    >>>> control over the victim's Windows computer."
    >>>> http://voices.washingtonpost.com/securityfix/2009/10/

    > avoid_windows_malware_bank_on.html
    >>>>
    >>>>
    >>>>
    >>> What a load of utter crap use a Bank that has decent online security
    >>> like the Kiwi Bank and the BNZ and National Bank.

    >> BNZ and National. Decent online security. Pull the other one Woger, it
    >> plays jingle bells. Neither get close to ASB or HSBC for online
    >> security.
    >>> Plus there is No OS that can't be hacked.
    >>>

    >> OK - how do you hack a linux live cd?

    >
    > If the banks were serious about security then they would offer their
    > customers a live CD and use one-time passwords- either from a key fob or
    > from a scratch ticket like that used for lotteries. I'm waiting for one
    > of their commercial clients to get stung and sue.


    If there is a flaw in the image that is stored on the CD, such as
    predictable random number generators, then there is a vector available
    to the miscreant who may wish to exploit it. Recall, once the OS has
    been loaded into RAM it becomes malleable again.
     
    Sailor Sam, Oct 23, 2009
    #7
  8. Peter

    Roger_Nickel Guest

    On Thu, 22 Oct 2009 22:17:01 +1300, EMB wrote:

    > Mary Hanna wrote:
    >> On Thu, 22 Oct 2009 20:18:29 +1300, Peter <>
    >> wrote:
    >>
    >>> Avoid Windows Malware: Bank on a Live CD
    >>>
    >>> "The simplest, most cost-effective answer I know of? Don't use
    >>> Microsoft Windows when accessing your bank account online. I do not
    >>> offer this recommendation lightly ... but I have interviewed dozens of
    >>> victim companies that lost anywhere from $10,000 to $500,000 dollars
    >>> because of a single malware infection. I have heard stories worthy of
    >>> a screenplay about the myriad ways cyber crooks are evading nearly
    >>> every security obstacle the banks put in their way. But regardless of
    >>> the methods used by the bank or the crooks, all of the attacks shared
    >>> a single, undeniable common denominator: They succeeded because the
    >>> bad guys were able to plant malicious software that gave them complete
    >>> control over the victim's Windows computer."
    >>> http://voices.washingtonpost.com/securityfix/2009/10/

    avoid_windows_malware_bank_on.html
    >>>
    >>>
    >>>
    >>>

    >>
    >> What a load of utter crap use a Bank that has decent online security
    >> like the Kiwi Bank and the BNZ and National Bank.

    >
    > BNZ and National. Decent online security. Pull the other one Woger, it
    > plays jingle bells. Neither get close to ASB or HSBC for online
    > security.
    >>
    >> Plus there is No OS that can't be hacked.
    >>

    > OK - how do you hack a linux live cd?


    If the banks were serious about security then they would offer their
    customers a live CD and use one-time passwords- either from a key fob or
    from a scratch ticket like that used for lotteries. I'm waiting for one
    of their commercial clients to get stung and sue.
     
    Roger_Nickel, Oct 23, 2009
    #8
  9. Peter

    EMB Guest

    Roger_Nickel wrote:

    > If the banks were serious about security then they would offer their
    > customers a live CD and use one-time passwords- either from a key fob or
    > from a scratch ticket like that used for lotteries. I'm waiting for one
    > of their commercial clients to get stung and sue.


    You mean something like ASB's Netcode Token approach that's been in use
    for the last 5 years or so? At its simpler level you need the code it
    produces to authorise payments, and at the enhanced level you need the
    code in order to log on.

    http://www.asb.co.nz/fastnetbusiness/security.asp

    Even though this is the business page it also applies to personal
    internet banking.
     
    EMB, Oct 23, 2009
    #9
  10. Peter

    ~misfit~ Guest

    Somewhere on teh intarwebs EMB wrote:
    > Roger_Nickel wrote:
    >
    >> If the banks were serious about security then they would offer their
    >> customers a live CD and use one-time passwords- either from a key
    >> fob or from a scratch ticket like that used for lotteries. I'm
    >> waiting for one of their commercial clients to get stung and sue.

    >
    > You mean something like ASB's Netcode Token approach that's been in
    > use for the last 5 years or so? At its simpler level you need the
    > code it produces to authorise payments, and at the enhanced level you
    > need the code in order to log on.
    >
    > http://www.asb.co.nz/fastnetbusiness/security.asp
    >
    > Even though this is the business page it also applies to personal
    > internet banking.


    That's good, if I had any money worth protecting I might get one. <g> I
    quite like my BNZ 'Netguard' card that has an x axis A - G and a y axis 1 -
    7 and, when I log on I am asked for three combinations (eg. F3, C1, D4). If
    I lose the Netguard card I notify BNZ immediately. A new one is sent out
    after a set amount of uses/certain time. No charge for that service.

    Cheers,
    --
    Shaun.

    "Give a man a fire and he's warm for the day. But set fire to him and he's
    warm for the rest of his life." Terry Pratchet, 'Jingo'.
     
    ~misfit~, Oct 23, 2009
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. totsob
    Replies:
    1
    Views:
    1,232
    Markus
    Oct 22, 2004
  2. HC
    Replies:
    8
    Views:
    510
  3. paul.bennett

    removing outlook express 6 safely

    paul.bennett, Oct 29, 2003, in forum: Computer Support
    Replies:
    5
    Views:
    665
    Rifleman
    Oct 30, 2003
  4. Zebraloc
    Replies:
    3
    Views:
    6,978
    ┬░Mike┬░
    Dec 14, 2003
  5. JD
    Replies:
    2
    Views:
    4,037
Loading...

Share This Page