Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Old 02-14-2013, 01:02 PM   #21
Full time employment: Posting here.
 
Join Date: Nov 2009
Posts: 510
Quote:
Originally Posted by Mulligan View Post
I hear this are extremely secure and need no virus protection as everything is done through google and the net with no operating programs on the laptop. It is literally wiped clean every time you turn it off. You can get a google chrome book for as little as $199. I am going to get one soon to replace my aging compaq and the slothful Vista that is on it.

Troubles me that you'll be paying for a laptop that depends on the internet/google for apps and functionality. Like taking TV recording from the total freedom of VCRs in the old days, to the highly restrictive DVR's you pay a monthly rental to your Cable TV provider for these days (with most not capable of allowing personal storage off the system - they're encrypted). See the future of Cloud storage/access going rental DVR style. Another way of putting it is that the cell phone is free with a 2 year contract, but the monthly service will definitely cost you.....

The Samsung Chromebook Reviewed: Worth Buying, But Limited by Its Internet Dependency | MIT Technology Review
__________________

__________________
fritz is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 02-14-2013, 01:13 PM   #22
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Mulligan's Avatar
 
Join Date: May 2009
Posts: 7,376
Quote:
Originally Posted by fritz

Troubles me that you'll be paying for a laptop that depends on the internet/google for apps and functionality. Like taking TV recording from the total freedom of VCRs in the old days, to the highly restrictive DVR's you pay a monthly rental to your Cable TV provider for these days (with most not capable of allowing personal storage off the system - they're encrypted). See the future of Cloud storage/access going rental DVR style. Another way of putting it is that the cell phone is free with a 2 year contract, but the monthly service will definitely cost you.....

The Samsung Chromebook Reviewed: Worth Buying, But Limited by Its Internet Dependency | MIT Technology Review
That is true. But for me I only use computers for surfing. Which source doesn't matter to me, Google is fine.
__________________

__________________
Mulligan is online now   Reply With Quote
Old 02-14-2013, 02:38 PM   #23
Thinks s/he gets paid by the post
imoldernu's Avatar
 
Join Date: Jul 2012
Location: Peru
Posts: 4,616
On the computer...
Just bought from Walmart online, a refurbished HP CompaQ no shipping.. for $148. Model dc5850. Not much more than the price of Windows 7.
These are off lease computers, that come and go into the refurbisher who strips, cleans and installs Windows 7 (spoke to the refurbisher... 3000/week) . There are many models and the offerings change daily.
Mine has a 2.3 Athlon processor, 4 MB of RAM, an 80 gig hard drive and comes with Windows set up and updated. I am more than pleased. Had a problem out of the box... Called the vendor, and had the replacement in hand in 4 days.
Backed by the Walmart guarantee, so no real worries. My last refurb was $100 and lasted for 5 years 'til I gave it away...
__________________
Today is the oldest you've ever been, and the youngest you'll ever be again. - Eleanor Roosevelt
imoldernu is offline   Reply With Quote
Old 02-15-2013, 03:52 PM   #24
Dryer sheet aficionado
 
Join Date: Dec 2010
Posts: 37
You just boot your existing PC with a Linux LiveCD OS, here's a source (do a search for Live Medium). Burn a CD, boot of it and use the browser there.

Another option is to create a Webconverger USB stick or CD. The use of this just for online banking is discussed a lot in the forum .

Personally, I set up my PC to dual boot with WIndows and Puppy Linux. I use the Linux 99% of the time, as I don't have to worry so much about malware, viruses etc. etc. But occassionally, I need to WIndows software and go there.

Article, another
__________________
lark_L is offline   Reply With Quote
Old 02-16-2013, 10:38 PM   #25
Full time employment: Posting here.
 
Join Date: Aug 2009
Posts: 522
I have my important stuff at Etrade. They gave me a security key that has a 6 digit number that chances every minute. I have to add this number to then end of my password to log in. Seems foolproof. Do any of the others offer this ?
__________________
bmcgonig is offline   Reply With Quote
Old 02-18-2013, 08:37 AM   #26
Recycles dryer sheets
 
Join Date: Jan 2013
Posts: 92
Quote:
Originally Posted by bmcgonig View Post
I have my important stuff at Etrade. They gave me a security key that has a 6 digit number that chances every minute. I have to add this number to then end of my password to log in. Seems foolproof. Do any of the others offer this ?
This is very good, but not a panacea. Others offer this token-based approach, but not many. Your main threat in this scenario is a man-in-the-browser type attack, where some form of malware has gotten onto your machine, and the MITB is acting behind the scenes on your computer, which you have authenticated with the token you refer to. Most malware attacks windows devices just due to proliferation of those devices (and some would say inherent vulnerabilities). Ah, but you say "I don't go to gambling sites or porn sites, so my odds of getting my machine infected are very low!" Well, that sounds logical, but the problem is this: it's not those sites that are the problem. They have a vested interest in keeping their sites malware free, as they want you to come back and spend real money. The most problematic sites: religious blogs. Why? They lack the security expertise to keep their sites free from malware, plus they have an extremely large following. A perfect place for a Trojan if I'm a fraudster trying to steal from you. So, stay away from religion, and only go to porn and gambling sites! Lol. This of course is a joke!

Ack! What to do? Lots of good suggestions here - dedicated devices, Linux OS, chromebook, etc. I prefer to use one of the most secure and easy to use devices: iPad over 4G (or personal wifi). It's not a malware free device, but it's the closest you'll probably get that is still easy to use and widely supported by the sites you need to get to. For me this works, because I constantly check on all things finance related, and I travel extensively. I couldn't be restricted to one stay-at-home device.
__________________
Unpaintedhuffhines is offline   Reply With Quote
Old 02-18-2013, 09:00 AM   #27
Full time employment: Posting here.
 
Join Date: Aug 2009
Posts: 522
[QUOTE=Unpaintedhuffhines;1285349]This is very good, but not a panacea. Others offer this token-based approach, but not many. Your main threat in this scenario is a man-in-the-browser type attack, where some form of malware has gotten onto your machine, and the MITB is acting behind the scenes on your computer, which you have authenticated with the token you refer to.

This seems very unlikely. Even if the MITB was watching specifically for my Etrade account, it would have 1-2 seconds to use that password. And they could only use it once. So maybe I dont understand what you mean?
__________________
bmcgonig is offline   Reply With Quote
Old 02-18-2013, 12:43 PM   #28
Thinks s/he gets paid by the post
Rustward's Avatar
 
Join Date: Apr 2006
Posts: 1,572
[QUOTE=bmcgonig;1285351]
Quote:
Originally Posted by Unpaintedhuffhines View Post
This seems very unlikely. Even if the MITB was watching specifically for my Etrade account, it would have 1-2 seconds to use that password. And they could only use it once. So maybe I dont understand what you mean?
I'm not BMC, but he probably means that because the "man" is "in" the browser, he does not even need the password. You provided it for him.
__________________
Rustward is offline   Reply With Quote
Old 02-18-2013, 12:55 PM   #29
Recycles dryer sheets
 
Join Date: Jan 2013
Posts: 92
Rust, correct. Once authenticated, he opens his own hidden browser window and does the bad thing that he does.
__________________
Unpaintedhuffhines is offline   Reply With Quote
Old 02-18-2013, 09:39 PM   #30
Full time employment: Posting here.
 
Join Date: Aug 2009
Posts: 522
Has not thought of that. Thanks
__________________
bmcgonig is offline   Reply With Quote
Old 02-19-2013, 07:41 AM   #31
Recycles dryer sheets
 
Join Date: Aug 2009
Posts: 141
I would just buy a cheap windows laptop. I did what you mention in your OP but thought it was silly (but I have 2 laptops anyways). Since I am a keyboard jockey, I spent a good 6 hours min. on the machine, visiting hundreds of site (99.99% are non-shady), still you never know what will get installed on your machine without your knowledge. So I dug into some security bulletins and have a routine before doing banking work.

I have CCleaner (with CEnhancer), PrivaZer to clean all internet activities, Super Antispyware. I run all 3 of these before doing any banking work. So far so good.

I recommend against Chromebook. AFAIK, you can not store locally and I certainly do not want my financial documents in the cloud.
__________________
noelm is offline   Reply With Quote
Old 02-19-2013, 08:14 AM   #32
Full time employment: Posting here.
 
Join Date: Nov 2009
Posts: 510
Another very good security program that I use (didn't mention in my earlier post) is KeyScrambler.

KeyScrambler Personal - CNET Download.com

I posted CNET link about it for review, but you can also download the free personal version 3.0 direct from QFX

QFX Software - Download KeyScrambler

I have Windows 7 premium (32 bit) and version 3.0 works fine with it - some complaints about version 3.0 not working with it at CNET. I have been using KeyScrambler personal (free) version for many years with other computers and Widows OS programs and it has always successfully encrypted keystrokes while on line (KeyScrambler box pops up in tray when browser activated and you can see KeyScramber in action when you type). Free version works with most popular browsers.
__________________
fritz is offline   Reply With Quote
Old 02-19-2013, 08:55 AM   #33
Recycles dryer sheets
 
Join Date: Sep 2009
Posts: 353
Quote:
Originally Posted by fritz View Post
Another very good security program that I use (didn't mention in my earlier post) is KeyScrambler.

KeyScrambler Personal - CNET Download.com

I posted CNET link about it for review, but you can also download the free personal version 3.0 direct from QFX

QFX Software - Download KeyScrambler

I have Windows 7 premium (32 bit) and version 3.0 works fine with it - some complaints about version 3.0 not working with it at CNET. I have been using KeyScrambler personal (free) version for many years with other computers and Widows OS programs and it has always successfully encrypted keystrokes while on line (KeyScrambler box pops up in tray when browser activated and you can see KeyScramber in action when you type). Free version works with most popular browsers.

Awesome! Thanks for mentioning this. I will start using it as well!

For financial passwords, I never store them anywhere digitally. I have a relatively easy part I memorize and more complex part of each password that I write down on 2 pieces of paper stored separately. This way, I don't have to trust any program to store them for me or deliver them to my browser carefully enough without leaving traces in memory, etc.

If someone steals my piece of paper, they won't be able to use it without my "relatively easy" part (plus they won't even understand what accounts that piece is for, what user name I use, etc.)... and I figure it's unlikely that whoever steals or finds the paper is a good computer hacker.
__________________
smjsl is offline   Reply With Quote
Old 02-19-2013, 09:00 AM   #34
Recycles dryer sheets
 
Join Date: Sep 2009
Posts: 353
For all those using Lunix, how do you secure it? There are viruses for Linux too, just like for Apple OSes and any other OS. Sure, there are not as many as for Windows, but is that really good enough to protect your life savings?
__________________
smjsl is offline   Reply With Quote
Old 02-19-2013, 09:12 AM   #35
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Mulligan's Avatar
 
Join Date: May 2009
Posts: 7,376
Quote:
Originally Posted by noelm
I would just buy a cheap windows laptop. I did what you mention in your OP but thought it was silly (but I have 2 laptops anyways). Since I am a keyboard jockey, I spent a good 6 hours min. on the machine, visiting hundreds of site (99.99% are non-shady), still you never know what will get installed on your machine without your knowledge. So I dug into some security bulletins and have a routine before doing banking work.

I have CCleaner (with CEnhancer), PrivaZer to clean all internet activities, Super Antispyware. I run all 3 of these before doing any banking work. So far so good.

I recommend against Chromebook. AFAIK, you can not store locally and I certainly do not want my financial documents in the cloud.
I am seriously thinking of getting a Chromebook, but I admit I am not a computer genius. So let me ask this question to make sure I understand correctly. You are only recommending against Chromebook because you can not store locally and don't want info in the cloud. My intentions are only to conduct transactions online, and print and file documents in my paper file, not store anything anywhere. Chromebooks used in this manner would be a perfectly safe option then because of their setup, and internal safety controls, correct?
__________________
Mulligan is online now   Reply With Quote
Old 02-19-2013, 09:38 AM   #36
Recycles dryer sheets
 
Join Date: Sep 2009
Posts: 353
Quote:
Originally Posted by Mulligan View Post
I am seriously thinking of getting a Chromebook, but I admit I am not a computer genius. So let me ask this question to make sure I understand correctly. You are only recommending against Chromebook because you can not store locally and don't want info in the cloud. My intentions are only to conduct transactions online, and print and file documents in my paper file, not store anything anywhere. Chromebooks used in this manner would be a perfectly safe option then because of their setup, and internal safety controls, correct?
I am not a security expert but... I figure Chromebook is still a computer running some software in memory, connected to internet. It would allow complex software run on the computer from the websites (else many websites would not work on your computer). I imagine if you happen to end up on some bad website by accident (e.g. website pretending to be your bank or brokerate), it could do some damage by uploading whatever user id / pw you use to connect to the cloud or user name password you type in during that session, etc.

Also, found this link regarding security for Chromebooks:
Is Google's Chromebook impervious to viruses? | Homeland Security News Wire

Regarding storage, I wonder if you could use a flash drive if you needed to.
__________________
smjsl is offline   Reply With Quote
Old 02-19-2013, 09:45 AM   #37
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,264
Quote:
Originally Posted by smjsl View Post
For financial passwords, I never store them anywhere digitally. I have a relatively easy part I memorize and more complex part of each password that I write down on 2 pieces of paper stored separately. This way, I don't have to trust any program to store them for me or deliver them to my browser carefully enough without leaving traces in memory, etc.

If someone steals my piece of paper, they won't be able to use it without my "relatively easy" part (plus they won't even understand what accounts that piece is for, what user name I use, etc.)... and I figure it's unlikely that whoever steals or finds the paper is a good computer hacker.
This is the system that I'm setting up for my important passwords. I like the KISS principle, and prefer not to have them stored on some other system. This just seems so simple and secure. Even keeping the unique part in a spreadsheet would seem to be OK, you need to couple them with the memorized 'key' to be of any use (I'm using two simple keys - KEY#1&complex-unique&KEY#2).

For everything else, I use the same easy to remember password for all, a mnemonic for something easy to remember, like "This Website Does Not Require Security Paranoia", TwdnrsP980 , cap the first/last, add a few digits you can recall easily.

-ERD50
__________________
ERD50 is offline   Reply With Quote
Old 02-19-2013, 10:02 AM   #38
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,264
Quote:
Originally Posted by smjsl View Post
For all those using Lunix, how do you secure it? There are viruses for Linux too, just like for Apple OSes and any other OS. Sure, there are not as many as for Windows, but is that really good enough to protect your life savings?
We get regular security updates on Linux, so it is being patched and kept secure. I have about 50 patches waiting for me right now, probably issued in just the past 2 weeks. Mostly for java/flash, but a few others.

But a distinction is required - there are security vulnerabilities and security breaches. So these are patches for vulnerabilities - maybe some little flaw that might allow someone to get in under some circumstances. But that doesn't mean anyone has actually demonstrated that happening - that would be a security breach. And then, the breach would have to be delivered somehow. AFAIK, there have not been any wide-spread security breaches of a Linux system, and very few on the Mac OS. There was a widely publicized one on Mac OS a few years back, but IIRC, it required some action on the user's part to initiate, and it never spread far, and was patched pretty quickly. I have not heard of any since then. With the increased popularity of Mac and IOS, it's hard for me to believe that these OS are relying on 'security by obscurity', that may still be part of it, but I tend to think that they are inherently more secure (but not 'bullet-proof'). I will say no more, it might awaken a bunny.

I've also got an open source virus scanner, ClamTK, that I run manually when I think of it, which is almost never. I get some false positives (very old pdfs) never anything else.

-ERD50
__________________
ERD50 is offline   Reply With Quote
Old 02-19-2013, 10:28 AM   #39
Recycles dryer sheets
 
Join Date: Sep 2009
Posts: 353
Quote:
Originally Posted by ERD50 View Post
keeping the unique part in a spreadsheet would seem to be OK, you need to couple them with the memorized 'key' to be of any use (I'm using two simple keys - KEY#1&complex-unique&KEY#2).
I personally would be paranoid about a hacker downloading that spreadsheet and if they knew / guessed / found out its meaning, they could potentially use it to crack rest of password, since they'd know the complex part already... (I believe you can seed password cracking programs with a starting string, and maybe there are other ways too.)
__________________
smjsl is offline   Reply With Quote
Old 02-19-2013, 11:23 AM   #40
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Lsbcal's Avatar
 
Join Date: May 2006
Location: west coast, hi there!
Posts: 5,676
Quote:
Originally Posted by smjsl View Post
I personally would be paranoid about a hacker downloading that spreadsheet and if they knew / guessed / found out its meaning, they could potentially use it to crack rest of password, since they'd know the complex part already... (I believe you can seed password cracking programs with a starting string, and maybe there are other ways too.)
What if the spreadsheet has a very strong password itself? I think Excel allows a 15 characters.
__________________

__________________
Lsbcal is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


 

 
All times are GMT -6. The time now is 07:17 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.