On Thu, Oct 3, 2013 at 1:53 AM, Jerry Stuckle <jstuc...@attglobal.net> wrote: > On 10/2/2013 12:24 PM, peasth...@shaw.ca wrote: >> >> From: Joel Rees <joel.r...@gmail.com> >> Date: Wed, 2 Oct 2013 15:30:26 +0900 >>> >>> [...] > >>> And accessing your bank logged in as the same user that you use to >>> surf random sites is one of the primary causes of leaked bank account >>> numbers and passwords. >> >> >> The banking information is stored in a cookie. Subsequently a site other >> than the bank is allowed to read the cookie? A failure of the browser. >> Correct? Prior to studying this thoroughly, I might stick to personal >> banking. >> > > Not if your browser is working properly. Cookies can only be sent to the > domain which originated them (and, depending on the cookie options, > subdomains of the main domain).
subdomains. And too many places, bank sites included, outsource parts of their sites. Particularly ad-related stuff. I play it safe and limit logging in to my bank to a user that does nothing but logging into that bank. Hey, it's my computer, I can add users all I like. And I try to avoid logging in to the bank, but the bank sometimes requires me to log in to do certain things, now. > But too many people use the same userid/password for multiple sites, and a > security problem on one site can expose those userids/passwords. This makes > it easy for a hacker to access one's banking account. > > I use online banking all the time. But I have a unique userid/password > combination on each of my accounts. These are long, non-obvious, known only > to me and not stored on any computer. That's important, too. Which means that the problem here is getting used to manage more than a few userids and passwords, and most people are intimidated by what it takes to get that experience. -- Joel Rees Be careful where you see conspiracy. Look first in your own heart. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAAr43iN2gt2fX1UUf-MJ=SbO+G8qU=vyv0ht00sflptosbb...@mail.gmail.com
