On 07.05.14 00:34, Andrew McGlashan wrote: > Apparently the Commonwealth Bank was effected, but they claim that > only the main website was vulnerable, not Netbank -- can you trust > them? I think NOT! Banks do NOT care about security as much as they > need to; why do you think tap-and-pay systems are so good for them ... > it's because the RETAILER takes ALL the risk whilst the bank takes NO > RISK at all.
Is there any evidence for any of those assertions? That bank cared enough about security to _insist_ on sending a security dongle when a substantial netbank account was opened - they did not wish to accept liability for loss of that amount of funds without the extra security provision. Given the one-time access provided by each long-cycle pseudorandom code produced by the dongle, a strong password on the account becomes mere back-up protection. AIUI anyone can ask for a dongle. It's worth knowing that even if account ID and password were intercepted, they would avail a crim nothing at all. Erik -- A computer is like an air conditioner, it works poorly when you open Windows. _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
