> >Yes, e-gold is BIG business and as such it is utterly
> >INEXCUSABLE that they do not have 24/7 live tech support
> >and are not working their a**es off making our e-gold
> >accounts opaque to hackers. I know of one person
> >who had I5K removed from his account, and just
> >this week two people I know have had attempts at
> >hacking their e-gold accounts, in one case
> >rendering it useless for spends.
>
> If you click on every untrusted executable sent to you,
> there's nothing that e-gold [or anyone else] could do.
> It's called evolution in action.
Actually, it's something that could probably happen to any of us, if there
is such a thing as a trojan horse which will email our passwords to some
thief, somewhere.
In order to wire money from my CompuBank account, I need to do this:
1) Login with a 10-Digit UserID that only I know about AND a password of my
choosing.
2) Answer a random personal question.
3) Enter a second password to transfer the money.
4) Answer a call-back at my number.
Fundamentally, E-Gold should offer at least another two tiers of protection;
whereby small spends and balances use one password; larger spends use
another password; and the account information is protected by a third
password. The user could choose to set all passwords identically, or he
could choose separate passwords for these functions. The call-back function
is great, but I ask for too much. Another great security feature would be
positive handshaking, whereby a spend is allowed to be revocable until the
receiver picks it up with a password of the senders choice. This would
eliminate any concerns about sending a lot of money to the wrong e-gold
account. The sender could revoke the spend if the receiver doesn't have the
password to pick it up.
The way e-gold is now is that it's a one-password-uses-all type of system
and this is a bit unsettling for someone who wants to keep a lot of money in
it. I found myself just yesterday, checking my balance on a University
computer. Who knows where that's been?
Craig
---
You are currently subscribed to e-gold-list as: [email protected]
To unsubscribe send a blank email to [EMAIL PROTECTED]
