[ILUG] Net banks with linux support
Colm MacCarthaigh
colm at stdlib.net
Sun Jul 17 13:40:20 IST 2005
On Sun, Jul 17, 2005 at 01:04:02PM +0100, Timothy Murphy wrote:
> On Sat 16 Jul 2005 20:08, Colm MacCarthaigh wrote:
>
> > Of course ATM still have they're own deficiencies, like the simple
> > man-in-the-middle attacks that been occuring in the last few years.
>
> Aren't you all a bit paranoid?
Yes :) But I think it's important to be aware of the risks, there's no
point inviting trouble. That said, I still use Online banking, ATM's, a
credit card and in-person banking.
> I feel both online banking and ATM machines are reasonably safe. The
> chances of being mugged at an ATM machine strike me as much higher
> than any electronic attack.
Depends on your definition of electronic attack. If you include
phishing, the risks for electronic attacks are massive. Electronic
Credit Card fraud is pretty massive aswell, much bigger business than
mugging I'd say.
> In any case, wouldn't the bank re-imburse you if you were the victim
> of an attack on their system?
Depends, probably only if the fault lay in their system. In a lot of
cases (phishing, MITM) it doesn't.
> My colleague Michael Purser (the cryptography expert) told me of a
> strange attack on ATM machines when they first came out. Apparently
> if you completed an identical transaction within a short time it was
> assumed that it was the same transaction which had been interrupted,
> so you could get 200 pounds while only being debited 100 pounds. But
> that was a long time ago.
They still find them;
http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf
and react to them badly;
http://cryptome.org/pacc.htm
> Are there figures for the sums lost by fraud at ATM machines or online
> banking? Most of the scare stories one reads strike me as urban
> myths. Or else they are put about by firms involved in electronic
> security.
The recent physical ones are definitely not myths, they've recoverd
devices in Dublin, Cork and Galway. I've never seen figures that
wern't just wild estimation though.
--
Colm MacCárthaigh Public Key: colm+pgp at stdlib.net
More information about the ILUG
mailing list