| 1 |
Jan Seeger wrote: |
| 2 |
|
| 3 |
> <snip insane security paranoia> |
| 4 |
|
| 5 |
insane? What's insane: Presuming the windows host is compromised? or |
| 6 |
having your computer on a USB flash drive? or using two browsers to |
| 7 |
confirm the integrity of a site? The procedure is quite easy, once |
| 8 |
you've done it once or twice. |
| 9 |
|
| 10 |
But go ahead and do something less; it's easy to do something less cautious. |
| 11 |
|
| 12 |
> |
| 13 |
> Actually, at that stage, you should be more worried about the hardware. Slip a little hardware |
| 14 |
> keylogger in there and all that is for nothing. And try to do online banking without entering |
| 15 |
> anything... If your bank doesn't require something like a TAN (transaction number) or ITAN (indexed |
| 16 |
> transaction number), I wouldn't use it at all. So it would probably wiser to get a laptop and take |
| 17 |
> good care of it. |
| 18 |
|
| 19 |
Definitely agree. Laptop is easily the best choice. (But I still check |
| 20 |
for DNS poisoning and XSS attacks at the destination) :-) |
| 21 |
|
| 22 |
-> However, maybe Steve doesn't have a laptop! At any rate, he is |
| 23 |
discussing a solution for use at a windows pc. |
| 24 |
|
| 25 |
(And I wouldn't mind entering a TAN via a library keyboard if the |
| 26 |
primary authentication (initial phase of a two phase identification) was |
| 27 |
hidden from the hardware - it alone won't compromise my account.) |
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-user@l.g.o mailing list |
Archives