On Tue, 23 Jan 2007 08:37:47 +1100 Howard Lowndes <[EMAIL PROTECTED]> wrote:
> > > Alan L Tyree wrote: > > On Tue, 23 Jan 2007 07:57:55 +1100 > > Alex Samad <[EMAIL PROTECTED]> wrote: > > > >> On Tue, Jan 23, 2007 at 07:45:02AM +1100, Alan L Tyree wrote: > >>> On Tue, 23 Jan 2007 07:34:24 +1100 > >>> James Purser <[EMAIL PROTECTED]> wrote: > >>> > >>>> On Tue, 2007-01-23 at 07:22 +1100, Alan L Tyree wrote: > >>>>> Hi all, > >>>>> I'm about to give an interview on the ABC concerning the EFT > >>>>> Code of Conduct. I realised that I am ignorant on the following > >>>>> question: > >>>>> > >>>>> When a customer connects for on-line banking, is it possible to > >>>>> identify the system that the customer is using? Can they tell > >>>>> it is Windows 98, XP, etc? > >>>>> > >>>>> Thanks for any feedback on this. > >>>>> > >>>>> Alan > >>>> Hi Alan, > >>>> > >>>> It is possible to identify the OS that a browser is based on, as > >>>> this is part of the information the browser sends to the server. > >>>> However in browsers outside of IE this is spoofable. > >>> Thanks James. One of the proposals for the new EFT Code is that > >>> users be liable for all losses caused by infected computers. My > >>> point is going to be that this is inappropriate as long as the > >>> banks do not restrict connections from older systems that are > >>> known to be insecure. > >> My 2c, but isn't that just lazyness of the banks part. the getting > >> around key loggers shouldn't be that hard. Banks in US have > >> started to hand out 2 token authentication devices. IMB provides > >> you with a encoding matrix for your password so the same key > >> combination doesn't always log you in > > > > Yes, of course. I was just looking at elementary things to make a > > quick "sound bite" type of argument. Bill Caelli also addressed this > > yesterday talking to Richard Glover - pointing out that multi-factor > > authorisation is a minimum. Also out-of-band communications. Lots of > > things. > > Is there any link to Bill's talk? I had the pleasure of meeting him > once about 20 years ago - very interesting person. I don't know. It was a very short interview on Richard Glover's Drive program yesterday afternoon about 3:30. You might try the 702 web site. He is a brilliant performer in that situation, able to communicate ideas quickly and concisely. > > > -- > Howard. > LANNet Computing Associates - Your Linux people > <http://lannetlinux.com> When you want a computer system that works, > just choose Linux; When you want a computer system that works, just, > choose Microsoft. -- > Flatter government, not fatter government; abolish the Australian > states. > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Alan L Tyree http://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670 Mobile: +61 427 486 206 Fax: +61 2 4782 7092 FWD: 615662 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
