On 01.09.2014, Tod Merley wrote:
> So let's say I do see a wrong fingerprint. As in "ghost busting" who am I
> gonna call!?
The person(s) who is/are responsible for the bank/netshop whatever
you're trying to communicate with. In most cases, they could connect
you with whoever operates the websit
Thanks for the spoof response Heinz!
So let's say I do see a wrong fingerprint. As in "ghost busting" who am I
gonna call!?
On Sun, Aug 31, 2014 at 10:53 PM, Heinz Diehl wrote:
> On 01.09.2014, jd1008 wrote:
>
> > As I said, the caveat of all add-ons is that they are just as mysterious
> > with
On 01.09.2014, jd1008 wrote:
> As I said, the caveat of all add-ons is that they are just as mysterious
> with respect to their actual content as FF itself - and for that matter,
> Windows and Linux and Unix/variants, are just as mysterious. I say this
> because even with open source software, doe
Tim:
>> Sensible to me is websites continue to work, with the minimal of
>> tracking being possible. Sensible to others is no tracking, and some
>> sites will fail to work. And to yet others, still, sites work
>> without errors or users having to make decisions about using the
>> sites.
jd1008:
On 01.09.2014, Tod Merley wrote:
> General question - can one spoof a certificate? I suppose "man in the
> middle" is simply nasty.
You can't "spoof" a certificate, but create one on your own and
present it as the real one when you're the "man in the middle".
Therefore the fingerprint check. O
Jd1008 - java - life without it! Possible? Better.
Remember - transactions only on the build.
On Sun, Aug 31, 2014 at 9:17 PM, jd1008 wrote:
>
> On 08/31/2014 09:45 PM, Tim wrote:
>
>> Tim:
>>
>>> Be prepared for various things to fail, you cannot force HTTPS with
>>> sites that are HTTP-on
On 08/31/2014 09:45 PM, Tim wrote:
Tim:
Be prepared for various things to fail, you cannot force HTTPS with
sites that are HTTP-only.
jd1008:
Actually, the sites that do not support https, simply default to http.
So, such sites are still browsable even with this plugin.
That wouldn't work wi
Tim:
>> Be prepared for various things to fail, you cannot force HTTPS with
>> sites that are HTTP-only.
jd1008:
> Actually, the sites that do not support https, simply default to http.
> So, such sites are still browsable even with this plugin.
That wouldn't work with various virtually hosted si
On 08/31/2014 04:02 PM, Tod Merley wrote:
Heinz thanks for reminding me about looking at certificates by
clicking the padlock. I also note that they have the ability to
export and so I suppose a comparison could be made through that as well.
General question - can one spoof a certificate? I
On Sun, Aug 31, 2014 at 15:02:03 -0700,
Tod Merley wrote:
Heinz thanks for reminding me about looking at certificates by clicking the
padlock. I also note that they have the ability to export and so I suppose
a comparison could be made through that as well.
General question - can one spoof a
Heinz thanks for reminding me about looking at certificates by clicking the
padlock. I also note that they have the ability to export and so I suppose
a comparison could be made through that as well.
General question - can one spoof a certificate? I suppose "man in the
middle" is simply nasty.
On 08/30/2014 08:33 PM, Tim wrote:
On Sat, 2014-08-30 at 18:39 -0600, jd1008 wrote:
3. HttpToHttps
Be prepared for various things to fail, you cannot force HTTPS with
sites that are HTTP-only.
Actually, the sites that do not support https, simply default to http.
So, such sites are still brow
Allegedly, on or about 31 August 2014, Heinz Diehl sent:
> If you don't trust the site at your first use (5.), you should verify
> that the shown information really is genuine by contacting the
> bank/netshop etc..
Who probably won't have a clue about how to respond to such a query
about their SS
On 31.08.2014, Tod Merley wrote:
> Thank you..
You're welcome!
Btw: for those few who do not immediately know how to localize/check the
fingerprint of the certificate a website is using:
1. Go to the login dialog on the site you wish to enter
2. Don't insert any credentials!
3. Firefox: click
Thank you Heinz for the good suggestions regarding checking certificates
and all. As I think about it I would indeed really like to see a little
program for myself (perhaps a script can do if I can find the right tools)
which examines the entire log in procedure - perhaps "from which IP(s) -
using
On 31.08.2014, Tim wrote:
> Ideally, for things like banking, you really want to know the
> fingerprint ahead of your first use. They should really give you a hard
> copy of what to expect when you set up your account / get a new card.
I've never seen that a bank has recommended checking the ce
On Sat, 2014-08-30 at 19:41 -0700, Tod Merley wrote:
> Ok - considering that this Fedora 20 install and Firefox browser will
> only be used for Internet transactions how would you set it up to do
> its job well?
Most of them are self evident, if you know what the options mean, and
some are clearl
On Sat, 2014-08-30 at 20:18 -0700, Tod Merley wrote:
> What sort of security issues are indicated by redirection?
Wasn't me that suggested there were any. It were you that said you
thought they were.
But anyway... If you browse to your bank's domain name, they may bump
you to another address of
On Sun, 2014-08-31 at 09:21 +0200, Heinz Diehl wrote:
> When logging into your bank account (or the like) the very first time,
> make a copy of its certificate/fingerprint. Every time you connect,
> verify the certificate's fingerprint first. If it differs,
> take contact with your bank to make sur
On 31.08.2014, Tod Merley wrote:
> I am simply seeking thoughts on the basic approach, alternatives, other
> things to do to make a secure transaction environment.
When logging into your bank account (or the like) the very first time,
make a copy of its certificate/fingerprint. Every time you co
What sort of security issues are indicated by redirection?
What would they be doing (or not doing) in the programming from their end
which would cause this?
Could problems with DNS or other parts of the IP stack be involved?
Why would closing the browser and shutting off the machine and finding
Thanks for your response Tim!
Tim said:
It's well worth going through your browser settings, and setting them
sensibly, rather than hoping some third-party add-on will sort things out
for you.
. . .
Ok - considering that this Fedora 20 install and Firefox browser will only
be used for Internet tr
On Sat, 2014-08-30 at 18:44 -0700, Tod Merley wrote:
> The most suspicious things that ever happened while doing transactions
> may have been related to re-direction. Specifically my "sign on
> picture and text" came up wrong from time to time. My usual response
> was to close the browser and re-
On Sat, 2014-08-30 at 18:39 -0600, jd1008 wrote:
> 3. HttpToHttps
Be prepared for various things to fail, you cannot force HTTPS with
sites that are HTTP-only.
> 6. Redirect Cleaner - this will prevent a website you want to visit to
> redirect your browser to some other website you had no intent
Thanks for responding jd1008 and Joe,
Jd1008 as you point out add-ons are unknowns. I find unknowns kinda scary
when it comes to security. I really do try to do things to limit the sites
I actually go to and very much stay away from e-mail use in the transaction
process if at all possible.
In t
On 08/30/2014 05:39 PM, jd1008 wrote:
Since it is transactions you want to secure, I have advised friends
to install these Firefox add-ons (not neceCELLERY :) in the same order:
Two more:
BetterPrivacy
Flash Block
The nice thing about Flash Block is that it doesn't completely block
Flash,
On 08/30/2014 06:15 PM, Tod Merley wrote:
Hi all!
I have been using Windows monitored by Norton used almost exclusively
to do on line transactions and banking. The strategy is simply that I
do not use it otherwise. Transactions only.
But then the W8 laptop Norton would not update or scan!!
Hi all!
I have been using Windows monitored by Norton used almost exclusively to do
on line transactions and banking. The strategy is simply that I do not use
it otherwise. Transactions only.
But then the W8 laptop Norton would not update or scan!! First attempts at
fix failed and refresh and rel