Thank you Heinz for the good suggestions regarding checking certificates and all. As I think about it I would indeed really like to see a little program for myself (perhaps a script can do if I can find the right tools) which examines the entire log in procedure - perhaps "from which IP(s) - using what certificates - fingerprint match QQ - time between segments similar - ... - and if there are problems or significant differences raise a colored flag to tell me how concerned I should be - and - keep a copy of the exchange for further analysis if that might prove useful to the institution IT team or law enforcement.
Thanks Tim as well, I will do some learning on DNS cache and figure out good ways to work with what could be good or flush what may be bad.
On Sun, Aug 31, 2014 at 1:59 AM, Heinz Diehl <htd+ml@xxxxxxxxxx> wrote:
On 31.08.2014, Tim wrote:I've never seen that a bank has recommended checking the certificates
> Ideally, for things like banking, you really want to know the
> fingerprint ahead of your first use. They should really give you a hard
> copy of what to expect when you set up your account / get a new card.
fingerprint, despite tons of articles in newspapers and on the web
reporting about phishing. Phishing is not a problem if everybody would
check the fingerprint before entering any credentials. You can
clone-copy a website, but you can't fake the fingerprint of the
certificate. It's that easy, and thus not understandable to me why
there is ongoing discussion about phishing. Not that I think global
dissemination of how to check the certificates fingerprint would
eliminate it, but it would at least reduce it drastically.
At least my bank does a f*cking sh*t if I don't appear in person
> The security of personal banking is terrible, anyway. e.g. Try phoning
> them up for help, but be unable to recall your password. They'll help
> you too much.
and show them my identity card.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
