On 31.08.2014, Tim wrote: > Ideally, for things like banking, you really want to know the > fingerprint ahead of your first use. They should really give you a hard > copy of what to expect when you set up your account / get a new card. I've never seen that a bank has recommended checking the certificates fingerprint, despite tons of articles in newspapers and on the web reporting about phishing. Phishing is not a problem if everybody would check the fingerprint before entering any credentials. You can clone-copy a website, but you can't fake the fingerprint of the certificate. It's that easy, and thus not understandable to me why there is ongoing discussion about phishing. Not that I think global dissemination of how to check the certificates fingerprint would eliminate it, but it would at least reduce it drastically. > The security of personal banking is terrible, anyway. e.g. Try phoning > them up for help, but be unable to recall your password. They'll help > you too much. At least my bank does a f*cking sh*t if I don't appear in person and show them my identity card. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
