[LINK] A security question

Kim Holburn kim at holburn.net
Wed Dec 18 18:08:40 AEDT 2013 

On 2013/Dec/18, at 8:03 AM, Dr Bob Jansen wrote:

> Linkers,
> 
> I have a security question one of you may be able to answer. Which device is more secure for internet banking, a laptop such as a macbook , an iphone or an ipad? As far as i am aware, the iphone and ipad's sandbox facility makes keyloggers difficult but then they do not have any antivirus capability (I use Sophos on the mac laptop, and it reports clean). 
> 
> The reason I ask is that my internet banking account got hacked yesterday and they tried to make off with about 5K. The password was secure, at least I thought it was. It was a meaningless sequence of characters, upper and lower case and numbers, difficult enough to remember in the best of times.
> 
> I can only assume they were sniffing packets.  My connection to the net is via a wireless link to an apple airport express I carry with me. 

I'm not sure how this could be sniffing packets.  I assume you are making a secure, https, connection with your bank.  

There are a number of other possibilities.  

1. They have some software on your system, or 

2. your router (your apple express) (maybe through xsite scripting), or 

3. they have somehow poisoned your DNS and are rerouting you through a website that adds scripts or something to frame your banking site.

Some of these can be got around not using a local DNS (openDNS, googleDNS) using a VPN and or going the full monty and using tor.  Some can be got around using say a bunch of firefox security extensions (it doesn't make using firefox easy though).  

You probably should make sure your system isn't compromised as a high priority task, especially check that you have no rootkit.  I'd want at least to use something like little snitch to warn you when a program is talking when it shouldn't.  

Probably you should use a live linux cd or usb like tails until that is sorted but even so you maybe should consider a non-local DNS and a VPN.

Kim

> I am in South Korea for three months and need internet banking to pay my bills, etc.

> 
> As an aside, ING and Citibank have provided me with an RSA fob to verify who I am in certain transactions. I wonder as well if having a fob to generate a one time password is more secure (not ignoring the fact that RSA got hacked a some time ago).
> 
> Bobj
> 
> Dr Bob Jansen
> Turtle Lane Studios
> PO Box 26 Erskineville NSW 2043 Australia
> Ph: +61 414 297 448
> Skype: bobjtls
> http://www.turtlelane.com.au
> 
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

More information about the Link mailing list