Lucky you, but not everyone, especially outside of Germany, has access to secure technology for banking.
On 17. Mai 2014 19:03:41 MESZ, Sven Bartscher <sven.bartsc...@weltraumschlangen.de> wrote: >On Sat, 17 May 2014 18:57:35 +0200 >Franz Brandl <franz.bra...@runbox.com> wrote: > >> May be off topic, but IMO one should use an OS booted from DVD or >write protected USB Stick for online banking. > >Assuming that no remote attacker can plug my HBCI-cardreader into the >USB-HUB, I think that is not necessary. >> On 17. Mai 2014 18:50:42 MESZ, Sven Bartscher ><sven.bartsc...@weltraumschlangen.de> wrote: >> >On Sun, 18 May 2014 01:36:44 +0900 >> >Joel Rees <joel.r...@gmail.com> wrote: >> > >> >> >> There are more reasons than the X11 hole to refrain from using >> >your >> >> >> admin user to surf the web. >> >> > >> >> > Just out of curiosity, what are these reasons? >> >> >> >> Your browser and any plugins, addons, etc. that it loads, >including >> >> java, flash, java/ecmascript, and, well, any scripting language >the >> >> browser can be running, for starters. >> >> >> >> Shoot, if my memory serves me, I seem to remember a class of >> >> vulnerabilities that has never really been answered, involving >> >pushing >> >> keyboard loggers into the keyboard controller itself. >> >> >> >> >> If you are worried about needing to find answers to admin >problems >> >by >> >> >> searching the web, lynx helps somewhat. But I still restrict >the >> >> >> places I visit with lynx while running as an admin to my search >> >engine >> >> >> site, certain subdomains of debian.org, and such. >> >> > >> >> > I'm not only worried about my admin account. >> >> > This is still a big security-hole for non-admins. >> >> >> >> The web is not safe. If you do internet banking, at least make a >> >> separate, dedicated account for that, too. And if you go places >where >> >> maybe you should not let you go, re-think your reasons for going. >> > >> >So basically I would need one account for surfing, one for >> >online-banking, ssh(-agent) and other important stuff and an >> >admin-account. Some accounts I missed? >> > >> >I know that's not gonna help, but I fell like there should be a >better >> >way to isolate processes. >> > >> >PS: Please don't CC me >> > >> >Regards >> >Sven >> >> -- >> Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail >gesendet. -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
