Greg Knittl <[email protected]> wrote: > My credit union, Meridian, only supports Microsoft Windows and Max OS X for > online banking. > https://www.meridiancu.ca/About-Meridian/Privacy-and-Security.aspx under > browser requirements.
I suppose, that what they _support_ is orthogonal to what you can use. I can hardly realise, how it can be possible to write a modern webapp, that would be nailed to something lower than javascript VM. > From the https://www.meridiancu.ca/About-Meridian/Privacy-and-Security.aspx > especially the section titled Your Online Privacy they describe fairly vague > security procedures that would be difficult to completely follow even if I > installed Windows or MAC OS X. Letʼs see: | Protecting your computer | | Never leave your computer unattended while using banking services. | Always exit the Meridian Online Banking using the logout button and close your browser if you step away from your computer. Your browser may retain information you entered in the login screen and elsewhere until you exit the browser. Looks pretty sensible, is not it? | Prevention of Browser Caching (storing of pages) is enabled by default when using Meridian Online Banking. This prevents secure pages and page information from being stored on your personal computer. It is also a beneficial security feature if you are accessing the site from a shared computer, such as at a friend's house or through a publicly-accessible computer, such as at a library or airport. There is nothing to follow here. | Secure or erase files stored on your computer by your browser so others cannot read them. Most browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance. These files remain there until erased. They can be erased using standard computer utilities or by using your browser feature to "empty" the cache. This is somewhat contradictory to the previous point, yet not difficult to follow, if you really want to. In Chromium: Ctrl-Shift-Del. | Disable automatic password-save features in the browsers and software you use to access the Internet. Given that webbrowsers tends to store passwords in cleartext by default, looks more that reasonable. Use encrypted storage, such as gpg(1) + pass(1) + browserpass-ce, for instance, instead. | Install and use a quality anti-virus program. As new viruses are created each and every day, be sure to update your anti-virus program often. It is recommended you update anti-virus definitions automatically. Scan all download files, programs, disks and attachments I am not sure, how relevant it is for GNU, but I believe itʼs not hard to do that when using MS Windows. | and only accept files and programs from a trusted source. That is the only point, which would be indeed extremely hard to follow if read as written, since the half of web is now completely broken without nonfree programs, that websites thrust into your browser to run, without asking or even notifying you. That is not the type of programs they really meant, though. | Install and configure a personal firewall on your computer to ensure others cannot access your computer through the Internet. Sometimes itʼs indeed needed, most of the time it would not harm; and there is nothing particular hard in doing it. | Install new security patches as soon as your operating system and Internet browser manufacturers make them available. This is must, do not you think so? > Any thoughts on technical issues? What technical issues? You have not described any technical issues. Do you have any? > How would a financial institution write platform independent online banking > terms and conditions? By targeting a webbrowser as a platform. > Has anyone found an institution that officially supports Linux No. There is really nothing for them to support at that low level.
signature.asc
Description: PGP signature
_______________________________________________ libreplanet-discuss mailing list [email protected] https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss
