[LINK] A security question
David Lochrin
dlochrin at d2.net.au
Thu Dec 19 10:23:33 AEDT 2013
On 2013-12-18 15:23 Dr Bob wrote:
> As I said in my original email, ING and CitiBank required the use of a token and each have provided a RSA fob.
Sorry for the spam then - I should have read your email more closely before responding!
> As an aside, ING and Citibank have provided me with an RSA fob to verify who I am in certain transactions. I wonder as well if having a fob to generate a one time password is more secure (not ignoring the fact that RSA got hacked a some time ago).
Westpac will also provide an RSA SecurID fob for authorisation of withdrawals over a certain user-defined amount, though I think I had to request one. The RSA attack was over two years ago I believe and involved theft of the database which maps each fob serial-number to its seed, so any SecurID device manufactured since shortly afterwards should be reasonably safe.
> Thanks for your email though. Also thanks for everyone else who have made suggestions. I am looking at Tails and that seems an interesting option but nothing is really secure I guess. I just have to keep a wary eye on the accounts.
I have never had any hack into my Internet banking in the 16-odd years I've had accounts (touch wood...) however I moved away from Windows many years ago and I wouldn't have an account without something-you-have access control. If you feel able to speak about it I'd be interested to know if, and how willingly, the bank involved made up the amount of the theft? I haven't seen any recent statistics on such crimes, but I'm amazed that the level of theft hasn't made Internet banking very much more expensive.
David L.
More information about the Link
mailing list