Secure Transactions

Tod Merley todbot88 at gmail.com
Sun Aug 31 09:45:12 UTC 2014


Thank you, Heinz, for the good suggestions regarding checking certificates
and all.  As I think about it I would indeed really like to see a little
program for myself (perhaps a script can do if I can find the right tools)
which examines the entire login procedure - perhaps "from which IP(s) -
using what certificates - fingerprint match QQ - time between segments
similar - ... - and if there are problems or significant differences raise
a colored flag to tell me how concerned I should be - and - keep a copy of
the exchange for further analysis if that might prove useful to the
institution IT team or law enforcement.

Thanks, Tim, as well. I will do some learning on DNS cache and figure out
good ways to work with what could be good or flush what may be bad.


On Sun, Aug 31, 2014 at 1:59 AM, Heinz Diehl <htd+ml at fritha.org> wrote:

> On 31.08.2014, Tim wrote:
>
> > Ideally, for things like banking, you really want to know the
> > fingerprint ahead of your first use.  They should really give you a hard
> > copy of what to expect when you set up your account / get a new card.
>
> I've never seen that a bank has recommended checking the certificate's
> fingerprint, despite tons of articles in newspapers and on the web
> reporting about phishing. Phishing is not a problem if everybody would
> check the fingerprint before entering any credentials. You can
> clone-copy a website, but you can't fake the fingerprint of the
> certificate. It's that easy, and thus not understandable to me why
> there is ongoing discussion about phishing. Not that I think global
> dissemination of how to check the certificate's fingerprint would
> eliminate it, but it would at least reduce it drastically.
>
> > The security of personal banking is terrible, anyway.  e.g. Try phoning
> > them up for help, but be unable to recall your password.  They'll help
> > you too much.
>
> At least my bank does a f*cking sh*t if I don't appear in person
> and show them my identity card.
>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
>
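
The check discussed in this thread, as an added example that is not from any of the posters: it compares the SHA-256 fingerprint of the certificate a server presents with a value recorded ahead of time, returns a colored flag, and archives the certificate whenever it does not match. The host names, the `pins` dictionary, the archive directory and the sample bytes are assumptions constructed for illustration.

```python
import hashlib, hmac, socket, ssl, tempfile, time
from pathlib import Path

COLORS = {"GREEN": "\033[32m", "YELLOW": "\033[33m", "RED": "\033[31m"}

def normalize(fp: str) -> str:
    """Accept 'AB:CD:..', 'ab cd ..' or plain hex; return lowercase hex."""
    return "".join(c for c in fp.lower() if c in "0123456789abcdef")

def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der).hexdigest()

def fetch_der(host: str, port: int = 443, timeout: float = 10.0) -> bytes:
    """Return the leaf certificate the server presents (needs network).
    The default context still validates chain and host name, so a
    certificate that fails validation raises before any pin check."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

def check(host: str, der: bytes, pins: dict, archive: Path) -> str:
    """Compare with the pinned value; keep a copy unless it matches."""
    seen = fingerprint(der)
    pinned = pins.get(host)
    if pinned is None:
        flag = "YELLOW"   # nothing recorded ahead of time for this host
    elif hmac.compare_digest(normalize(pinned), seen):
        flag = "GREEN"    # same certificate as the one recorded
    else:
        flag = "RED"      # certificate differs from the one expected
    if flag != "GREEN":
        archive.mkdir(parents=True, exist_ok=True)
        name = f"{host}-{int(time.time())}-{seen[:16]}.der"
        (archive / name).write_bytes(der)   # evidence for later analysis
    return flag

if __name__ == "__main__":
    # Constructed stand-in bytes; on a live system use fetch_der(host).
    der = b"constructed stand-in for a DER certificate"
    pins = {"bank.example": fingerprint(der)}   # hypothetical pin store
    cases = [("bank.example", der), ("bank.example", der + b"!"),
             ("new.example", der)]
    for host, blob in cases:
        flag = check(host, blob, pins, Path(tempfile.mkdtemp()))
        print(f"{COLORS[flag]}{flag}\033[0m {host} {fingerprint(blob)}")
```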