1 |
Jan Seeger wrote: |
2 |
|
3 |
> <snip insane security paranoia> |
4 |
|
5 |
insane? What's insane: Presuming the windows host is compromised? or |
6 |
having your computer on a USB flash drive? or using two browsers to |
7 |
confirm the integrity of a site? The procedure is quite easy, once |
8 |
you've done it once or twice. |
9 |
|
10 |
But go ahead and do something less; it's easy to do something less cautious. |
11 |
|
12 |
> |
13 |
> Actually, at that stage, you should be more worried about the hardware. Slip a little hardware |
14 |
> keylogger in there and all that is for nothing. And try to do online banking without entering |
15 |
> anything... If your bank doesn't require something like a TAN (transaction number) or ITAN (indexed |
16 |
> transaction number), I wouldn't use it at all. So it would probably wiser to get a laptop and take |
17 |
> good care of it. |
18 |
|
19 |
Definitely agree. Laptop is easily the best choice. (But I still check |
20 |
for DNS poisoning and XSS attacks at the destination) :-) |
21 |
|
22 |
-> However, maybe Steve doesn't have a laptop! At any rate, he is |
23 |
discussing a solution for use at a windows pc. |
24 |
|
25 |
(And I wouldn't mind entering a TAN via a library keyboard if the |
26 |
primary authentication (initial phase of a two phase identification) was |
27 |
hidden from the hardware - it alone won't compromise my account.) |
28 |
|
29 |
-- |
30 |
gentoo-user@l.g.o mailing list |