boun...@linuxbox.org] On
Behalf Of Drsolly
Sent: Friday, March 04, 2011 10:45 AM
To: funsec@linuxbox.org
Subject: [funsec] Bank security
I was called by my bank recently, to discuss a complaint I'd made. After a
few minutes talking, my called decided she needed to do a security check.
S
I was called by my bank recently, to discuss a complaint I'd made. After a
few minutes talking, my called decided she needed to do a security check.
So she asked me for part of my sort code, part of my account number, part
of my mother's maiden and, and my birth date.
After we'd finished dealin
::sniff:: I love happy endings. :)
On 3/10/2010 1:24 AM, Rich Kulawiec wrote:
> On Mon, Mar 08, 2010 at 11:08:37PM -0500, Joel Esler wrote:
>> Okay, so then what they do!? You've got me on the edge of my seat here.
>
> Well, at that very moment an iceberg the size of Rhode Island broke
> off in
On Mar 9, 2010, at 8:24 PM, Rich Kulawiec wrote:
> On Mon, Mar 08, 2010 at 11:08:37PM -0500, Joel Esler wrote:
>> Okay, so then what they do!? You've got me on the edge of my seat here.
>
> Well, at that very moment an iceberg the size of Rhode Island broke
> off into the southern Atlantic, sendi
On Mon, Mar 08, 2010 at 11:08:37PM -0500, Joel Esler wrote:
> Okay, so then what they do!? You've got me on the edge of my seat here.
Well, at that very moment an iceberg the size of Rhode Island broke
off into the southern Atlantic, sending a wave careening into the
side of an ocean liner full o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I just had a backup of a PCI DSS DB uploaded via anon FTP for a server
I'm working on. Can't get much more clueless than that considering that
they had:
- - a valid login to an alternative secure sftp server.
- - both my and their own GPG credentials
On Mar 8, 2010, at 6:00 PM, Rich Kulawiec wrote:
> Recent similar experience: was given a pair of running shorts as a gift.
> They didn't fit. Took them back to $BIGOUTDOORSTORE along with a
> printout of the receipt from their online store. Did not ask for
> cash refund. Did not ask for refund
Just had a gov agency send me an email that contained private and personal info
(not mine)
Called em on it and they went oops
Sent via BlackBerry from T-Mobile
___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listi
Just had a gov agency send me an email that contained private and personal info
(not mine)
Called em on it and they went oops
Sent via BlackBerry from T-Mobile
___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listi
in perfunctory, and mostly useless, "check the box" security.
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> On Behalf Of Rich Kulawiec
> Sent: Monday, March 08, 2010 3:01 PM
> To: funsec@linuxbox.org
> Subject
olly; funsec@linuxbox.org
> Subject: Re: [funsec] Bank security
>
> What a shame. Things like this would never happen in America.
>
> LJS
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> On Behalf Of Drsolly
Recent similar experience: was given a pair of running shorts as a gift.
They didn't fit. Took them back to $BIGOUTDOORSTORE along with a
printout of the receipt from their online store. Did not ask for
cash refund. Did not ask for refund on the card that was used for
the purchase. Asked for a
What a shame. Things like this would never happen in America.
LJS
-Original Message-
From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
On Behalf Of Drsolly
Sent: Monday, March 08, 2010 10:07 AM
To: funsec@linuxbox.org
Subject: [funsec] Bank security
I just got
I just got called by my bank. And then they wanted some information so
they could be sure it was me. Why, when it was them that callked me?
Well, it's just they way they do it.
Naturally, I refused to give out any info to someone who had just called
me, and I told them that I'd call them back,
Rich Kulawiec wrote:
> About a year ago, I went several rounds with a local financial institution
> while trying to deposit money into an account. They wanted a thumbprint
> in order to verify that fraud wasn't being attempted, and were utterly
> impervious to the point that it was a DEPOSIT, not
I think the way it works is this.
You have the people who actually understand A) security and B) how
computers work and C) how email works and D) how the internet works and E)
the things that people get up to and F) the stupid things that users do.
That's a small number of people. Me, of course
On Thu, 23 Jul 2009, Peter Evans wrote:
> On Wed, Jul 22, 2009 at 11:28:31AM -0700, Tomas L. Byrnes wrote:
> > Well, if they used PKI, that would be true (that the e-mail could be
> > authenticated whereas the fax cannot).
>
> > >Apparently, anyone can send an fax, but if an email has me in the
On Wed, Jul 22, 2009 at 09:43:55AM +0100, Drsolly wrote:
> And this is a bank.
>
> And we wonder why there's fraud ...
About a year ago, I went several rounds with a local financial institution
while trying to deposit money into an account. They wanted a thumbprint
in order to verify that fraud
PC Magazine
> larry_selt...@ziffdavis.com
> http://blogs.pcmag.com/securitywatch/
>
>
> -Original Message-
> From: Drsolly [mailto:drsol...@drsolly.com]
> Sent: Wednesday, July 22, 2009 8:16 PM
> To: Tomas L. Byrnes
> Cc: Larry Seltzer; funsec@linuxbox.or
Oh, I have several others I could show you. That was just the most recent,
and was a bit breathtaking.
On Wed, 22 Jul 2009, Rob Thompson wrote:
> Drsolly wrote:
> > I sent my bank a fax to tell them about my change of address. They sent a
> > fax back, asking me to phone them. The lady I spoke
com]
Sent: Wednesday, July 22, 2009 8:16 PM
To: Tomas L. Byrnes
Cc: Larry Seltzer; funsec@linuxbox.org
Subject: RE: [funsec] Bank security
My bank thinks that PKI is a brand of peanut.
They just wanted a plain, vanilla email. And I sent them one. And
they're
happy. Hey - the email says it came f
truth that e-Mail is slightly more verifiable than fax.
>
>
>
> >-Original Message-
> >From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> >On Behalf Of Larry Seltzer
> >Sent: Wednesday, July 22, 2009 3:19 AM
> >To: Drsoll
Ask your bank what their change of address procedure is, and whether
they'll accept an emailed request.
I'm reminded of a Douglas Adams adventure game, in which the object of the
game was to notify your bank of your change of address.
On Wed, 22 Jul 2009, Caveguy wrote:
> Which bank was this
Drsolly wrote:
> I sent my bank a fax to tell them about my change of address. They sent a
> fax back, asking me to phone them. The lady I spoke to, said that they
> couldn't do it from a fax, they needed an email. I asked why; she said
> that it was so they could be sure it came from me.
>
> A
Date sent: Wed, 22 Jul 2009 09:43:55 +0100 (BST)
From: Drsolly
> And this is a bank.
Did you check the caller-ID, to be sure? :-)
== (quote inserted randomly by Pegasus Mailer)
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercri
hat e-Mail is slightly more verifiable than fax.
>-Original Message-
>From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
>On Behalf Of Larry Seltzer
>Sent: Wednesday, July 22, 2009 3:19 AM
>To: Drsolly; funsec@linuxbox.org
>Subject: Re: [funsec
m: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org]
> On Behalf Of Drsolly
> Sent: Wednesday, July 22, 2009 4:44 AM
> To: funsec@linuxbox.org
> Subject: [funsec] Bank security
>
> I sent my bank a fax to tell them about my change of address. They sent
> a
> fax ba
@linuxbox.org
Subject: [funsec] Bank security
I sent my bank a fax to tell them about my change of address. They sent
a
fax back, asking me to phone them. The lady I spoke to, said that they
couldn't do it from a fax, they needed an email. I asked why; she said
that it was so they could be su
I sent my bank a fax to tell them about my change of address. They sent a
fax back, asking me to phone them. The lady I spoke to, said that they
couldn't do it from a fax, they needed an email. I asked why; she said
that it was so they could be sure it came from me.
Apparently, anyone can send
29 matches
Mail list logo