Is your bank responsible for protecting you from key loggers?

    Date 11 Aug 2006
    Category Privacy
    Posted By Brittany Day
    Where does your bank's responsibility to protect you and your online transactions end? Apparently the HSBC bank of Great Britain knew for 2 years that they had a vulnerability and did nothing about it. There are very few details about the vulnerability, but one thing is known -- an attacker would already have to have a key logger on the customer's system to take advantage of the vulnerability. Maybe I'm being naive, but if an attacker has a key logger on the system, I figure your online banking credentials being stolen is just the start of your worries.

    The vulnerability HSBC has is apparently extremely difficult to actually take advantage of, a factor HSBC took into account when they decided to live with it because other concerns were more pressing. As security professionals, we should understand this balancing act, even if we don't always agree with the decisions that are reached. The cost to fix the issue was considered to by management to exceed the probability of an exploit multiplied by the possible cost of paying for any such breaches. Pretty standard business reasoning.

    LinuxSecurity Poll

    How do you feel about the elimination of the terms 'blacklist' and 'slave' from the Linux kernel?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"112","title":"I strongly support this change - racially charged language should not be used in the code and documentation of the kernel and other open-source projects.","votes":"3","type":"x","order":"1","pct":42.86,"resources":[]},{"id":"113","title":"I'm indifferent - this small change will not affect broader issues of racial insensitivity and white privilege.","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"114","title":"I'm opposed to this change - there is no need to change language that has been used for years. It doesn't make sense for people to take offense to terminology used in community projects.","votes":"2","type":"x","order":"3","pct":28.57,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.