From: Chris Ridd on
On 2010-03-25 23:19:13 +0000, Bruce Horrocks said:

> On 25/03/2010 19:26, The Older Gentleman wrote:
>> but before doing what the bank wants
>
> Anyone wishing to stall their bank could write and ask why Trusteer
> Rapport doesn't appear to have a CESG Claims Tested Mark nor a Common
> Criteria certification.
> <http://www.cctmark.gov.uk/>
> <http://www.commoncriteriaportal.org/>
>
> After all, CCTM only costs £10-£20k to get evaluated which is peanuts
> to a bank serious about protecting its customers...

Now that's a *brilliant* idea. I'll keep it up my sleeve.

--
Chris

From: The Older Gentleman on
Bruce Horrocks <07.013(a)scorecrow.com> wrote:

> On 25/03/2010 19:26, The Older Gentleman wrote:
> > but before doing what the bank wants
>
> Anyone wishing to stall their bank could write and ask why Trusteer
> Rapport doesn't appear to have a CESG Claims Tested Mark nor a Common
> Criteria certification.
> <http://www.cctmark.gov.uk/>
> <http://www.commoncriteriaportal.org/>
>
> After all, CCTM only costs £10-£20k to get evaluated which is peanuts to
> a bank serious about protecting its customers...
>

*Nice* idea.


--
BMW K1100LT Ducati 750SS Honda CB400F Triumph Street Triple
Suzuki TS250ER GN250 Damn, back to six bikes!
Try Googling before asking a damn silly question.
chateau dot murray at idnet dot com

From: chris on
On 25/03/10 20:56, eastender wrote:
> In article <1jfxcgi.thevmn19hpkg0N%totallydeadmailbox(a)yahoo.co.uk>,
> totallydeadmailbox(a)yahoo.co.uk (The Older Gentleman) wrote:
>
>> My wife's bank wants her to download Trusteer Rapport to improve her
>> online banking security.
>>
>> As we're 100% Mac in this household, I think the risks are already
>> minimal, but before doing what the bank wants I thought I'd ask here.
>>
>> Any bugs? Problems? Nasties? And is it actually worth doing?
>>
>> TIA
>
> I'm running it thanks to HSBC. No problems. It pops up and asks you if
> you want to use the same password for other things, so could be useful
> as a way of eliminating a crucial password in a less secure app. I use
> HSBC for personal and business banking - the latter has a code generator
> that ought to be pretty secure anyway though, but I gather Rapport
> adds the assurance that the browser isn't being hacked while you're on
> the bank site.

Except that (according to various 'expert opinions' I've read) there's
no way that Rapport can guarantee that assurance. In theory, it's
possible to spoof it.

IMO at best it's a layer of authentication that's outside of your
control and at worst it's a single point of attack for black hats to
target thousands of bank accounts.

I'm not a fan.

Fortunately, I use Linux at home which isn't supported.

From: chris on
On 26/03/10 06:34, Chris Ridd wrote:
> On 2010-03-25 23:19:13 +0000, Bruce Horrocks said:
>
>> On 25/03/2010 19:26, The Older Gentleman wrote:
>>> but before doing what the bank wants
>>
>> Anyone wishing to stall their bank could write and ask why Trusteer
>> Rapport doesn't appear to have a CESG Claims Tested Mark nor a Common
>> Criteria certification.
>> <http://www.cctmark.gov.uk/>
>> <http://www.commoncriteriaportal.org/>
>>
>> After all, CCTM only costs £10-£20k to get evaluated which is peanuts
>> to a bank serious about protecting its customers...
>
> Now that's a *brilliant* idea. I'll keep it up my sleeve.

Yes, indeed. I believe a letter to First Direct will be in the offing
tonight. :)

From: Chris Ridd on
On 2010-03-26 09:23:02 +0000, chris said:

> On 26/03/10 06:34, Chris Ridd wrote:
>> On 2010-03-25 23:19:13 +0000, Bruce Horrocks said:
>>
>>> On 25/03/2010 19:26, The Older Gentleman wrote:
>>>> but before doing what the bank wants
>>>
>>> Anyone wishing to stall their bank could write and ask why Trusteer
>>> Rapport doesn't appear to have a CESG Claims Tested Mark nor a Common
>>> Criteria certification.
>>> <http://www.cctmark.gov.uk/>
>>> <http://www.commoncriteriaportal.org/>
>>>
>>> After all, CCTM only costs £10-£20k to get evaluated which is peanuts
>>> to a bank serious about protecting its customers...
>>
>> Now that's a *brilliant* idea. I'll keep it up my sleeve.
>
> Yes, indeed. I believe a letter to First Direct will be in the offing
> tonight. :)

I'd be interested to hear their response.
--
Chris